Advertisement
The resource for digital forensic professionals
Subscribe to DFI News All

The Lead

With the global smartphone market expected to total 1.75 billion users this year, it is rare for an investigator to conduct a digital forensic investigation that does not include a smartphone.

Digging for Data, Finding Evidence in Third-Party Applications

July 16, 2014 | by Heather Mahalik and Cesar Quezada | Basis Technology, SANS Institute | Articles | Comments

With the global smartphone market expected to total 1.75 billion users this year, it is rare for an investigator to conduct a digital forensic investigation that does not include a smartphone. While smartphone forensics has vastly improved over the years, third-party apps are making it increasingly difficult for investigators to find data. As a result, valuable evidence is being overlooked.

TOPICS:
View Sample

SUBSCRIBE TO FREE
DFI News
EMAIL NEWSLETTER

Security researchers are telling a story of Internet of Things (IoT) Doom, but it might not be exactly the doom you expect: Last week at 44Con in London, a researcher showed off a hack of a vulnerability in a Canon Pixma printer that made it possible to r

Internet of Things Devices are Doomed

September 16, 2014 11:05 am | by Ericka Chickowski | Blogs | Comments

Security researchers are telling a story of Internet of Things (IoT) Doom, but it might not be exactly the doom you expect: Last week at 44Con in London, a researcher showed off a hack of a vulnerability in a Canon Pixma printer that made it possible to remotely modify the printer's firmware so that its LED indicator screen could run the classic first-person-shooter game, Doom.

TOPICS:
The Nigerian authorities are looking for a missing IT admin at an unnamed bank who is suspected of helping cybercriminals make off with 6.28 billion Naira ($38.6m).

Nigerian Bank IT Worker Missing after Multi-billion Naira Heist

September 16, 2014 10:43 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

The Nigerian authorities are looking for a missing IT admin at an unnamed bank who is suspected of helping cybercriminals make off with 6.28 billion Naira ($38.6m).                         

TOPICS:

Even Biometric Locks Can be Picked

September 16, 2014 8:26 am | by Andrew Smith, The Conversation | News | Comments

How can we ensure that someone is who they say they are? How can be sure that the person in our system, both digitally speaking or physically in front of us, is who whom they claim to be? You may think that a good password is the answer, but with so many ways to break into a computer system these methods are clearly not always effective.

TOPICS:
Advertisement
 Two Chinese cyber espionage gangs known for targeting very different industries and working out of different regions of the nation actually use some of the same or similar tactics, tools, and resources in their spying operations, researchers found.

Franchising the Chinese APT

September 15, 2014 11:12 am | by Kelly Jackson Higgins | Blogs | Comments

Two Chinese cyber espionage gangs known for targeting very different industries and working out of different regions of the nation actually use some of the same or similar tactics, tools, and resources in their spying operations, researchers found.

TOPICS:
There are many ways bad guys attack systems, disrupt infrastructures and steal data, but one of the most common uses an entry point that is vital to Internet communications and yet, it seems, carelessly disregarded: the humble, but crucial, SSL.

SSL Remains Security Weakness Despite Latest Reinforcements

September 15, 2014 11:01 am | by Brian Robinson | News | Comments

There are many ways bad guys attack systems, disrupt infrastructures and steal data, but one of the most common uses an entry point that is vital to Internet communications and yet, it seems, carelessly disregarded: the humble, but crucial, SSL.

TOPICS:
Matt Weeks, one of the developers who contributes code to the open source Metasploit Project, has published a long report detailing how he was able to reverse-engineer the encrypted communications protocol used by Ammyy Admin, one of the most popular remo

Turning the Tables on Tech Support Scammers

September 15, 2014 10:43 am | by Lee Hutchinson, Ars Technica | News | Comments

Matt Weeks, one of the developers who contributes code to the open source Metasploit Project, has published a long report detailing how he was able to reverse-engineer the encrypted communications protocol used by Ammyy Admin, one of the most popular remote control apps used by tech support scammers, and then use that knowledge to ferret out a vulnerability in the Ammyy Admin application.

TOPICS:
The NSA has allegedly infiltrated the internal networks of two German telcos as part of an ambitious project to map the entire internet in real-time, according to the latest revelations from whistleblower Edward Snowden.

NSA Maps the Internet with German Telecoms

September 15, 2014 10:25 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

The NSA has allegedly infiltrated the internal networks of two German telcos as part of an ambitious project to map the entire internet in real-time, according to the latest revelations from whistleblower Edward Snowden.         

TOPICS:
The headache caused by the attack on JPMorgan Chase’s computer network this summer may not go away anytime soon. Over two months, hackers gained entry to dozens of the bank’s servers, potentially giving the hackers a window into how the bank’s individual

JPMorgan Still Investigating Attack

September 15, 2014 10:13 am | by Nicole Perlroth and Matthew Goldstein, The New York Times | News | Comments

The headache caused by the attack on JPMorgan Chase’s computer network this summer may not go away anytime soon. Over two months, hackers gained entry to dozens of the bank’s servers, potentially giving the hackers a window into how the bank’s individual computers work.

TOPICS:
Advertisement
Silent Shield has sponsored the first Digital Crime Scene Challenge at the 26th Annual Crimes Against Children Conference (CACC). Internationally recognized, the CACC is the premier conference of its kind providing practical and interactive instruction to

Silent Shield Sponsors First Digital Crime Scene Challenge at 26th Annual Crimes Against Children Conference

September 12, 2014 5:00 pm | by Silent Shield | News | Comments

Silent Shield has sponsored the first Digital Crime Scene Challenge at the 26th Annual Crimes Against Children Conference (CACC). Internationally recognized, the CACC is the premier conference of its kind providing practical and interactive instruction to those fighting crimes against children and helping children heal.

TOPICS:
Every sector of the United States government has likely been hacked at some point, according to the FBI, which has lent to “unprecedented” partnerships with private industry to protect financial interests targeted by “a wide range of cyber adversaries.”

FBI: Relentless Hacking behind Govt-industry Collaboration

September 12, 2014 12:20 pm | by RT | News | Comments

Every sector of the United States government has likely been hacked at some point, according to the FBI, which has lent to “unprecedented” partnerships with private industry to protect financial interests targeted by “a wide range of cyber adversaries.”

TOPICS:
US government requests for access to Dropbox user content and account details rose in line with subscriber numbers over the first half of 2014, but several of the accounts requested didn’t actually exist, according to the firm.

US Government Requests Access to Non-existent Dropbox Accounts

September 12, 2014 11:52 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

US government requests for access to Dropbox user content and account details rose in line with subscriber numbers over the first half of 2014, but several of the accounts requested didn’t actually exist, according to the firm.       

TOPICS:
Reports emerged earlier this week that a BlackPOS variant discovered last month by Trend Micro was to blame for the data breach at Home Depot, raising speculation that the breach was carried out by the same group that breached Target and with the same mal

Home Depot Breach May Not be Related to BlackPOS, Target

September 12, 2014 11:11 am | by Sara Peters | Blogs | Comments

Reports emerged earlier this week that a BlackPOS variant discovered last month by Trend Micro was to blame for the data breach at Home Depot, raising speculation that the breach was carried out by the same group that breached Target and with the same malware. But new analysis has led some researchers to believe that it isn't related to BlackPOS at all.

TOPICS:
Yahoo says the government threatened to fine the company $250,000 a day if it did not comply with demands to go along with an expansion of U.S. surveillance by surrendering online information, a step the company regarded as unconstitutional. The outlines

Yahoo Threatened with $250,000-a-day Fine for Withholding Info

September 12, 2014 10:52 am | News | Comments

Yahoo says the government threatened to fine the company $250,000 a day if it did not comply with demands to go along with an expansion of U.S. surveillance by surrendering online information, a step the company regarded as unconstitutional. The outlines of Yahoo's secret and ultimately unsuccessful court fight against government surveillance emerged when a federal judge ordered the unsealing of some material about Yahoo's court challenge.

TOPICS:
Guidance Software, Inc. has announced an event management and response solution that bundles EnCase® Cybersecurity and HP ArcSight Express. The new bundled solution is designed for organizations that have invested in the ability to detect threats, but are

Post-detection Event Management and Recovery

September 12, 2014 10:02 am | Guidance Software, Inc. | Product Releases | Comments

Guidance Software, Inc. has announced an event management and response solution that bundles EnCase® Cybersecurity and HP ArcSight Express. The new bundled solution is designed for organizations that have invested in the ability to detect threats, but are challenged with determining which of the countless alerts being generated are meaningful, and can help to mitigate successful cyber attacks.

TOPICS:
First responders must use caution when they seize electronic devices. Improperly accessing data stored on electronic devices may violate Federal laws, including the Electronic Communications Privacy Act of 1986 and the Privacy Protection Act of 1980. Firs

First Responder Electronic Crime Scene Investigation

September 12, 2014 8:50 am | by NIJ | Articles | Comments

First responders must use caution when they seize electronic devices. Improperly accessing data stored on electronic devices may violate Federal laws, including the Electronic Communications Privacy Act of 1986 and the Privacy Protection Act of 1980. First responders may need to obtain additional legal authority before they proceed. 

TOPICS:

Pages

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading