Network Forensics

The Lead

Iran Turning to Unregulated Cyber Attacks

April 17, 2015 12:30 pm | by Ernie Austin, Associate Editor | News | Comments

Like a corporation that doesn't like government intrusion, the Iranian government seems to be turning from aggression within regulated industry to a new warfare technology that has fewer restrictions.

New Dark-Web Market is Selling Zero-Day Exploits to Hackers

April 17, 2015 12:04 pm | by Andy Greenberg, Wired | News | Comments

Hackers have for years bought and sold their secrets in a de facto gray market for zero-day...

Pilot: US Government Claims Of Plane Wi-Fi Hacking Wrong And Irresponsible

April 17, 2015 8:46 am | News | Comments

The US government released a report yesterday warning of security threats facing modern aircraft...

Hackers Could Commandeer New Planes Through Passenger Wi-Fi

April 16, 2015 11:45 am | by Kim Zetter, Wired | News | Comments

Seven years after the Federal Aviation Administration first warned Boeing that its new...

Detection Hunting Talk Notes

April 16, 2015 10:07 am | by Harlan Carvey | Blogs | Comments

Attribution ... does it matter? If you're gov, yeah (maybe). If you're a mom-and-pop, not so much. I would suggest that during both hunting and IR, attribution can be a distraction. Why is that? 

Researchers Try to Hack the Economics of Zero-Day Bugs

April 15, 2015 10:42 am | by Sean Gallagher, Ars Technica | News | Comments

If you're looking to reduce the pool of possible zero-day vulnerabilities that could potentially be used for criminal or state-sponsored breaches of computer and network security, throwing people and money at the problem isn't necessarily going to solve it. At least, that's the conclusion from a team of researchers at MIT, Harvard, and the security firm HackerOne.

Is DARPA's Memex search engine a Google-killer?

April 15, 2015 9:43 am | by Mark Stockley | Blogs | Comments

The big search engines don't ignore the Deep Web because there's some impenetrable technical barrier that prevents them from indexing it - they do it because they're commercial entities and the costs and benefits of searching beyond their current horizons don't stack up.

Coordinated Takedown Puts End to Simda Botnet

April 14, 2015 12:02 pm | by Michael Mimoso, Threatpost | News | Comments

The Simda botnet, known for spreading banking malware and dropping a backdoor on hundreds of thousands of machines worldwide, was taken down in a collaborative effort between international law enforcement bodies and private security and technology companies.

Chinese Nation-State Hackers Give Up Attack Campaign

April 14, 2015 11:24 am | by Sara Peters, Dark Reading | News | Comments

It worked on Hurricane Panda. Can APT30 and other organized cyberespionage groups also be convinced that an attack campaign isn't worth the trouble?

Key Challenges to Timely Incident Response

April 14, 2015 10:55 am | by Help Net Security | News | Comments

According to the IT and security professionals surveyed by ESG, better detection tools, better analysis tools, and more training on how to deal with incident response issues are the top ways to improve the efficiency and effectiveness of the information security staff.

Middle School Boy Charged With Felony Pranking

April 14, 2015 9:54 am | by Ernie Austin, Associate Editor | Blogs | Comments

Fourteen-year-old Domanik Green has been charged with felony offense against a computer system and unauthorized access. The eighth grader changed the wallpaper on a teacher's computer to a picture of two men kissing, after using an administrative-level password to access his middle school's network.

Secret Service Trains Local Cyber Sleuths

April 13, 2015 12:05 pm | by Deborah Highland, Bowling Green Daily News | News | Comments

Even in the smallest police departments, today’s gumshoes are finding crime-solving clues in computer chips as criminals take a more technological approach to break the law.

Solving the Right Problem: Stop Adversaries, Not Just Their Tools

April 10, 2015 10:11 am | by Dmitri Alperovitch | Blogs | Comments

Most organizations today focus on protecting their networks against malware, exploits, malicious websites and unpatched vulnerabilities. Unfortunately, there is a fundamental flaw with this approach: a malware-centric defense approach will leave you vulnerable to attacks that don’t leverage malware.  

Don't Be Fodder for China's 'Great Cannon'

April 10, 2015 9:52 am | by Brian Krebs | Blogs | Comments

China has been actively diverting unencrypted Web traffic destined for its top online search service — Baidu.com — so that some visitors from outside of the country were unwittingly enlisted in a novel and unsettling series of denial-of-service attacks aimed at sidelining sites that distribute anti-censorship tools, according to research released this week.

Russians Still Hacking the White House

April 9, 2015 11:25 am | by Ernie Austin, Associate Editor | News | Comments

Russian hackers used a phishing email sent to the State Department as a jumping-off point to infiltrate White House systems. Non-classified, but sensitive, data was taken. The hackers have also been able to reenter the State Department's system, despite efforts to keep them out.

Police Pay Ransom After Network Cyber Attack

April 9, 2015 11:02 am | by Jayne W. Miller, Tewksbury Town Crier | News | Comments

Last December, police in Massachusetts confronted a new, and growing, frontier in cyber terrorism when the CryptoLocker ransomware virus infected the department’s network, encrypting essential department files until the town paid a $500 bitcoin ransom.

Cybercrime Fighting Group Takes Down Beebone Botnet

April 9, 2015 10:44 am | by Raphael Satter, Associated Press | News | Comments

A new group of international cybercrime fighters claimed one of its first kills Thursday, pulling the plug on malicious servers that hijacked at least 12,000 machines, most of them in the United States.

Diving Into the Dark Web: Where does stolen data go?

April 8, 2015 11:02 am | by Charlie Osborne, ZD Net | News | Comments

When a data breach occurs and personal information is stolen, where does it end up? Bitglass researchers decided to find out.

Cyber War Games: Top 3 Lessons Learned about Incident Response

April 8, 2015 10:31 am | by Sara Peters, Dark Reading | News | Comments

Deloitte Cyber Risk Service stages executive war games to show what might happen in the C-Suite after a breach.

After Obama's Cybersecurity Order Threatens Snowden Fund, Bitcoin Donations Spike

April 7, 2015 9:54 am | by Zack Whittaker, ZD Net | News | Comments

A new executive order signed into law by the president has one online community up in arms, after its loose wording effectively ruled out donating to Edward Snowden and others.

Bugs in Tor Network Attacks Underground Markets

April 6, 2015 11:16 am | by Sean Gallagher, Ars Technica | News | Comments

The operator of an underground marketplace hosted within the Tor network has reported a flaw in Tor that he claims is being used for an ongoing denial of service attack on the site.

Google: Less Than 1% Of Androids Have Potentially Harmful App Installed

April 6, 2015 10:44 am | by Sara Peters | Blogs | Comments

Google's Android security report shows that devices that only install apps from the Google Play store have fewer infections.

China Uses Unencrypted Websites to Hijack Browsers in GitHub Attack

April 2, 2015 3:36 pm | by Bill Budington, EFF | News | Comments

Over the past few weeks, China has been using its country's Internet infrastructure to attack political opponents by turning normal users' web browsers into Denial of Service tools. They exploited the fact that many enormous sites still use insecure HTTP rather than HTTPS, allowing the Great Firewall to modify those sites, and the fact that our web browsers are willing to run JavaScript code on an extremely liberal basis.

Google Set to Blacklist Chinese Websites

April 2, 2015 11:23 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

Google has taken the unprecedented decision to no longer recognize the certificate authorities (CAs) of .cn operator the China Internet Network Information Center (CNNIC), after a major security breach last month.

New Silk Road Docs Show How Agents Looted the Site

April 2, 2015 9:48 am | by Joe Mullin, Ars Technica | News | Comments

The charging of two federal agents has led to a heap of documents from the Silk Road drug trafficking case being unsealed, including the above chats about the massive January theft—an attack that was actually perpetrated by a Secret Service agent, Shaun Bridges. The 121-page document stash provides new insight into the details of how Bridges and DEA agent Carl Force ripped off the website.

How hard is it to permanently delete data?

April 1, 2015 9:46 am | by Mark Pomerleau, GCN | News | Comments

The controversy surrounding former Secretary of State Hillary Clinton’s email has brought data destruction to the forefront of the national conversation. But now reports say Clinton “wiped the server,” deleting all emails. But how easy is it to permanently wipe data from servers or storage media?

Beijing May Target Foreign Websites in New DDoS Campaign

March 31, 2015 10:23 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

The recent large-scale DDoS attacks against GitHub and anti-censorship group Greatfire.org are likely to signal the start of a major new attack campaign by China against foreign internet sites, according to Greatfire.

Taiwan Wants Stronger Cyber Ties with US to Counter China Threat

March 30, 2015 1:17 pm | by Michael Gold and J.R. Wu, Reuters | News | Comments

Taiwan wants to join a major anti-hacking drill conducted by the United States to strengthen cyber security ties with its staunchest ally, its vice premier said on Monday, a move which would help safeguard against constant targeting by hackers in rival China.  

DDoS Attack Targets GitHub Anti-Censorship

March 30, 2015 12:31 pm | by Ernie Austin, Associate Editor | News | Comments

On Friday, GitHub, the open-source software code collaboration site, said they were experiencing the largest DDoS (distributed denial of service) attack in github.com's history, according to their blogpost.
