Network Forensics

The Lead

Army Embeds Cyber Forces in Combat Training Drills

July 7, 2015 10:57 am | by Sandra I. Erwin, National Defense | News | Comments

As part of their routine combat training, Army brigades will be more rigorously challenged to fight enemies in cyberspace.

Harvard Reveals It Had an IT Breach

July 2, 2015 2:37 pm | by Ingrid Lunden, Tech Crunch | News | Comments

A seventeenth-century university has become the victim of a twenty-first-century crime. Harvard...

Corrupt Silk Road Investigator Pleads Guilty, Admits to $240K Movie Deal

July 2, 2015 12:09 pm | by Joe Mullin, Ars Technica | News | Comments

Carl Mark Force, the head of a Baltimore-based team of law enforcement that investigated the...

Hundreds of Dark Web Sites Cloned and 'Booby Trapped'

July 2, 2015 8:10 am | by Mark Stockley | Blogs | Comments

The founder of one of the Dark Web's fledgling search engines is warning Tor users about the...

Understanding Digital and Cyber Topography is Critical to Successful Military Operations

July 2, 2015 8:10 am | by Capt. Ryan Robinson, SIGNAL | News | Comments

Cyberspace is being accepted throughout the U.S. Army as a warfighting domain. However, many soldiers outside of the U.S. Army Signal Corps do not grasp the concept of cyberspace as an operational realm. Empowering them with that understanding is essential to operational success.

Why Vulnerability Disclosure Shouldn't be a Marketing Tool

July 2, 2015 8:09 am | by Brian Honan | Blogs | Comments

I want to talk about a vulnerability disclosure trend that I have recently noticed – a trend that I believe may ultimately cause more harm than good: security vendors using vulnerability disclosure as a marketing tool with the goal of enhancing their company’s bottom line.

Crooks Use Hacked Routers to Aid Cyber Heists

July 1, 2015 10:25 am | by Brian Krebs | Blogs | Comments

Cyber criminals have long relied on compromised Web sites to host malicious software for use in drive-by download attacks, but at least one crime gang is taking it a step further: New research shows that crooks spreading the Dyre malware for use in cyber heists are leveraging hacked wireless routers to deliver their password-stealing crimeware.

Surveillance Court Rules That NSA Can Resume Bulk Data Collection

July 1, 2015 10:14 am | by Charlie Savage, The New York Times | News | Comments

The Foreign Intelligence Surveillance Court ruled late Monday that the National Security Agency may temporarily resume its once-secret program that systematically collects records of Americans’ domestic phone calls in bulk.

MIT's Bitcoin-Inspired 'Enigma' Lets Computers Mine Encrypted Data

June 30, 2015 11:41 am | by Andy Greenberg, Wired | News | Comments

The cryptography behind bitcoin solved a paradoxical problem: a currency with no regulator, that nonetheless can’t be counterfeited. Now a similar mix of math and code promises to pull off another seemingly magical feat by allowing anyone to share their data with the cloud and nonetheless keep it entirely private.

Gas Stations in the Bullseye

June 30, 2015 11:12 am | by Kelly Jackson Higgins, Dark Reading | News | Comments

Researchers who earlier this year spotted potential hacktivist activity against popular gas tank monitoring systems at US gas stations say they've been studying some real-world attacks on these systems as well as on their own honeypot set up to study and gather intelligence on the attackers and their intentions.

After Historic Hack, OPM Chief’s 15-Point Plan May be Too Little, Too Late

June 30, 2015 10:45 am | by Aliya Sternstein, Nextgov | News | Comments

A cyber strategy announced last week by the head of the agency that hackers robbed of sensitive dossiers on federal employees has potential to deter future attacks, say private investigators who probe computer espionage campaigns. 

Penn State Says It Was Victim of Cyber Attack

June 29, 2015 12:06 pm | by Madasyn Czebiniak, Pittsburgh Post-Gazette | News | Comments

Following two cyber attacks on Penn State University’s College of Liberal Arts, the university is resetting passwords on its college-issued accounts, but school officials said they believe no personal identifiable information, such as Social Security numbers, or research data has been compromised.

Not All US Government Fingers Point to China, Yet

June 26, 2015 12:20 pm | by Ernie Austin, Associate Editor | Articles | Comments

While some in the U.S. Government are convinced that China is to blame for the breach at the Office of Personnel Management, others maintain that further investigation is important for attribution.

NARA Compromise Not Like the Others

June 25, 2015 11:57 am | by Ernie Austin, Associate Editor | Articles | Comments

Recently, Nextgov reported that the National Archives and Records Administration (NARA) found "indicators of compromise" similar to the breach at the Office of Personnel Management. But, the signs of intrusion turned out not to be so similar after all.

Finger-Pointing Starting in Blame for Government Hack

June 25, 2015 9:44 am | by Alicia A. Caldwell, Associated Press | News | Comments

Finger-pointing burst into the open on Capitol Hill Wednesday over blame for hacking into the U.S. government's personnel records, which the chairman of a House oversight committee said might affect as many as 32 million current and former employees and others.

How to Avoid Collateral Damage in Cybercrime Takedowns

June 25, 2015 9:35 am | by Kelly Jackson Higgins, Dark Reading | News | Comments

Internet pioneer and DNS expert Paul Vixie says "passive DNS" is a way to shut down malicious servers and infrastructure without affecting innocent users.

The Future of Mobile Forensics

June 24, 2015 11:18 am | by Oleg Afonin, Danil Nikolaev and Yuri Gubanov | Articles | Comments

The golden age of mobile forensics is over. There is no longer an easy way to get through the passcode in new iOS devices. Chip-off acquisition is dead due to full-disk encryption, while physical acquisition is dead since 64-bit devices and versions of iOS 8 that cannot be jailbroken. Blackberries were highly resistant to chip-off acquisition from the beginning, and Android is getting there quickly. 

Second US Agent Agrees to Plead Guilty to Bitcoin Theft

June 24, 2015 11:13 am | by Joel Rosenblatt, Bloomberg | News | Comments

The second of two former U.S. agents charged with pocketing hundreds of thousands of dollars in digital currency reached a plea agreement with prosecutors.

SEC Hunts Hackers Who Stole Corporate Emails to Trade Stocks

June 24, 2015 10:00 am | by Sarah N. Lynch and Joseph Menn, Reuters | News | Comments

U.S. securities regulators are investigating a group of hackers suspected of breaking into corporate email accounts to steal information to trade on, such as confidential details about mergers, according to people familiar with the matter.

Signs of OPM Hack Turn Up at Another Federal Agency

June 23, 2015 11:43 am | by Aliya Sternstein, Nextgov | News | Comments

The National Archives and Records Administration recently detected unauthorized activity on three desktops indicative of the same hack that extracted sensitive details on millions of current and former federal employees, government officials said Monday. The revelation suggests the breadth of one of the most damaging cyber assaults known is wider than officials have disclosed. 

RubyGems Vulnerability Can Lead to Installation of Malicious Apps

June 23, 2015 10:48 am | by Zeljka Zorz, Help Net Security | News | Comments

A serious vulnerability in RubyGems, a package manager for the Ruby programming language, can be exploited to trick end users into installing malware from attacker-controlled gem servers, Trustwave researchers have discovered.

Cannabis Comes Out On Top in Deep Web Trawl

June 23, 2015 10:27 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

Cannabis is the most commonly exchanged product on the Deep Web, according to a major new study of the unindexed web from Trend Micro.

OPM Hack Raises Questions About Security of Government Contractors

June 22, 2015 12:11 pm | by Erin Kelly, USA TODAY | News | Comments

The massive hack of the Office of Personnel Management has raised questions about whether government contractors may have inadvertently made the agency more vulnerable to attack.  

Hunt for Deep Panda Intensifies in Trenches of US-China Cyber War

June 22, 2015 10:52 am | by Jeremy Wagstaff, Reuters | News | Comments

Security researchers have many names for the hacking group that is one of the suspects for the cyber attack on the U.S. government's Office of Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep Panda. But to Jared Myers and colleagues at cybersecurity company RSA, it is called Shell Crew, and Myers' team is one of the few who has watched it mid-assault — and eventually repulsed it.

US Hosts the Most Botnet Servers

June 22, 2015 10:31 am | by Jai Vijayan, Dark Reading | News | Comments

The United States leads the world in hosting malicious servers that are used to remotely command and control infected user machines and systems. And the US is the second-most frequent target of those systems, a new report from Level 3 Communications shows.  

App Data Flaw Threatens Millions of Users

June 19, 2015 1:00 pm | by Ernie Austin, Associate Editor | Articles | Comments

Fifty-six million sets of unprotected data were found in cloud databases used to store mobile application data, an investigation by German researchers has shown.

Wind Turbines Open to Hijacking

June 19, 2015 12:03 pm | by Tara Seals, Infosecurity Magazine | News | Comments

The energy grid is once again found to be vulnerable, with a serious flaw in the Nova-Wind Turbine human-machine interface (HMI), which would allow remote code execution.

Which Tech Companies Have Five-Star Privacy?

June 19, 2015 11:37 am | by Ernie Austin, Associate Editor | Articles | Comments

The Electronic Frontier Foundation, the non-profit defender of digital rights, has released their latest attempt to fill in where privacy protection laws have fallen short.

Ex-US Agent Charged With Bitcoin Theft to Plead Guilty

June 18, 2015 11:37 am | by Joel Rosenblatt, Bloomberg | News | Comments

One of two former U.S. agents charged with pocketing hundreds of thousands of dollars in digital money during the investigation of the illegal Silk Road Internet drug emporium reached a plea agreement with prosecutors.
