Insider Theft of Intellectual Property
May 21, 2013 11:04 am | News
This is the sixth entry in the Spotlight On series published by the CERT Insider Threat Center. Each entry focuses on a specific area of threat to organizations from their current or former employees, contractors, or business partners and presents analysis based on hundreds of actual insider threat cases cataloged in the CERT insider threat database.
Find TrueCrypt and BitLocker Encrypted Containers and Images
May 21, 2013 10:55 am | News
Passware announced that Passware Kit Forensic 12.5 can now recognize hard disk images and containers, such as TrueCrypt, BitLocker, and PGP, during a computer scan. For a computer forensic professional this means that no evidence is hidden inside a volume.
A New Perspective on Siri Forensics
May 21, 2013 8:52 am | by Julie Desautels | Blogs
Since its release in 2007, the iPhone has been extremely popular. Sales have especially increased within the past three years. With its growing popularity and larger user population, there is a greater chance of coming across a case which involves forensically examining an iPhone.
Complaint Filed against Snapchat
May 20, 2013 11:47 am | News
A privacy watchdog group is going after Snapchat for deceiving users about self-destructing messages that don't actually self-destruct. The smartphone app has become popular with young people for sending messages that a few seconds later disappear. The Electronic Privacy Information Center has filed a complaint with the Federal Trade Commission.
Chinese Hackers Resume US Attacks
May 20, 2013 11:24 am | News
Three months after hackers working for a cyberunit of China’s People’s Liberation Army went silent amid evidence that they had stolen data from scores of American companies and government agencies, they appear to have resumed their attacks using different techniques, according to computer industry security experts and American officials.
Cyber Teams Need to Look for Trouble
May 20, 2013 11:05 am | by William Jackson | News
Agency cybersecurity teams have not been accepted by IT shops as full partners in the job of supporting agency missions and as a result are falling farther behind in efforts to detect and block threats. Security needs to adopt a more aggressive posture, seeking out threats rather than just detecting them and working with IT departments to follow through on remediation.
Uncovering Syrian Hackers
May 20, 2013 8:29 am | by Nicole Perlroth | News
It’s the question of the moment inside the murky realm of cybersecurity: Just who — or what — is the Syrian Electronic Army? The hacking group that calls itself the S.E.A. struck again, this time breaking into the Twitter accounts and blog headlines of The Financial Times.
MoVP II - 1.4 - New HPAK Address Space
May 17, 2013 4:24 pm | by Editor | Blogs
Volatility can analyze memory dumps in the "HPAK" archive format, which is proprietary to the Fast Dump (FDPro.exe) acquisition utility. If you're not the person acquiring memory, there's no telling what tool or format will be used for the acquisition … but you still have to find a way to analyze it.
Ragebooter: 'Legit' DDoS Service, or Fed Backdoor?
May 17, 2013 3:24 pm | by Editor | Blogs
Recently, I profiled asylumbooter.com, one of several increasingly public DDoS-for-hire services posing as Web site “stress testing” services. Today, we’ll look at ragebooter.net, yet another attack service except for one secret feature which sets it apart from the competition: According to the site’s proprietor, ragebooter.net includes a hidden backdoor that lets the FBI monitor customer activity.
Lawmakers Introduce Bill Requiring Court Order to Seize Phone Records
May 17, 2013 10:23 am | by Kim Zetter | News
In the wake of the AP scandal, in which federal investigators obtained the phone records of journalists using only a subpoena, four lawmakers have introduced legislation in the House that would prevent federal agencies from seizing any phone records without a court order.
Romanian Hacker Aims to Protect World's ATMs
May 17, 2013 9:40 am | by Radu Marinas | News
Valentin Boanta, sitting in his jail cell, proudly explains the device he has invented which, he says, could make the world's ATMs impregnable even to tech-savvy criminals like himself. Boanta, 33, is six months into a five-year sentence for supplying gadgets an organized crime gang used to conceal ATM skimmers, which can copy data from an unsuspecting ATM user's card so a clone can be created.
Lulzsec Hackers Sentenced
May 16, 2013 4:09 pm | by Peter Bright | News
The four British Lulzsec hackers — Mustafa "tflow" al-Bassam, Ryan "kayla" Ackroyd, Jake "topiary" Davis, and Ryan "ViraL" Cleary — were sentenced to between 20 and 32 months in jail for crimes committed during Lulzsec's 50 day hacking spree in 2011. The handling of charges of conspiracy to commit fraud brought against all four was also an important issue.
The Trick to Detecting Poison Ivy RAT and Other Stealthy Malware
May 16, 2013 3:04 pm | by William Jackson | News
Hackers have become adept at modifying malicious code to avoid detection by signature-based security tools so that even well-known malware such as the Poison Ivy Remote Access Tool can slip past defenses. But even stealthy, well-disguised threats leave tracks that can be discovered through analysis of network traffic.
The White X
May 16, 2013 2:35 pm | by Editor | Blogs
A certain engineer retired from his job of 37 years at a very productive factory of a very well-known company. Prior to his departure, he trained three young college graduates with engineering degrees on the ins-and-outs of the factory. Because the retiring engineer did not have a college degree, his replacements quickly discounted his admonitions as the ramblings of an "old man."
The Tool Validation 'Myth-odology'
May 16, 2013 2:27 pm | by Editor | Blogs
What we have seen in the community for some time is that a new tool is announced or mentioned, and members of the community begin clamoring for their copy of that tool. Many times, one of the first questions is, "where can I download a copy of the tool?"


