Advertisement
The resource for digital forensic professionals
Subscribe to DFI News All

The Lead

It goes without saying that the expert will understand the scientific basis of the testing that was done. However, even the most educated and experienced persons have gaps in their knowledge and experience. In most cases, what you don’t know will have no

Should You Say "I Don’t Know" on the Witness Stand?

September 26, 2014 | by Elaine M. Pagliaro | Articles | Comments

It goes without saying that the expert will understand the scientific basis of the testing that was done. However, even the most educated and experienced persons have gaps in their knowledge and experience. In most cases, what you don’t know will have no effect on the outcome of a trial.

TOPICS:
View Sample

SUBSCRIBE TO FREE
DFI News
EMAIL NEWSLETTER

Card data of Supervalu and Albertsons shoppers may be at risk in another hack. The companies said that in late August or early September, malicious software was installed on networks that process credit and debit card transactions at some of their stores.

Another Card System Hack at Supervalu, Albertsons

September 30, 2014 10:53 am | by Associated Press | News | Comments

Card data of Supervalu and Albertsons shoppers may be at risk in another hack. The companies said that in late August or early September, malicious software was installed on networks that process credit and debit card transactions at some of their stores.

TOPICS:
This new version of XORSearch integrates Frank Boldewin’s shellcode detector. In his Hack.lu 2009 presentation, Frank explains how he detects shellcode in Microsoft Office documents by searching for byte sequences often used in shellcode.

XORSearch with Shellcode Detector

September 30, 2014 10:36 am | by Editor | Blogs | Comments

This new version of XORSearch integrates Frank Boldewin’s shellcode detector. In his Hack.lu 2009 presentation, Frank explains how he detects shellcode in Microsoft Office documents by searching for byte sequences often used in shellcode.    

TOPICS:
Days after GM announced the appointment of a chief security officer, automotive cybersecurity has gotten another boost with a $4 million Series A funding shot for car-focused Argus Cyber Security.

Investors Drive into Car Cybersecurity

September 30, 2014 10:06 am | by Tara Seals, Infosecurity Magazine | News | Comments

Days after GM announced the appointment of a chief security officer, automotive cybersecurity has gotten another boost with a $4 million Series A funding shot for car-focused Argus Cyber Security.               

TOPICS:
Advertisement
Kevin Mitnick, who post-prison reinvented himself as a skilled penetration tester, security consultant and social engineer, is now offering to sell zero-day exploits at the eye-popping opening price of $100,000.

Ex-con Kevin Mitnick Now Selling Zero-day Exploits, Starting at $100K

September 29, 2014 10:51 am | by Lisa Vaas | Blogs | Comments

Kevin Mitnick, who post-prison reinvented himself as a skilled penetration tester, security consultant and social engineer, is now offering to sell zero-day exploits at the eye-popping opening price of $100,000.           

TOPICS:
In this post I'm releasing an installation guide to build a custom ticketing system to track and document security incidents. The guide contains nothing groundbreaking; just instructions on how to install and configure Request Tracker in CentOS with a Pos

CSIRT Request Tracker Installation Guide

September 29, 2014 10:39 am | by Corey Harrell | Blogs | Comments

In this post I'm releasing an installation guide to build a custom ticketing system to track and document security incidents. The guide contains nothing groundbreaking; just instructions on how to install and configure Request Tracker in CentOS with a PostgreSQL database and Apache web server. 

TOPICS:
Security experts are urging firms to patch the Shellshock bug as soon as possible, after spotting a “significant amount” of malicious traffic exploiting the Bash vulnerability made public recently.

Malicious Shellshock Traffic Invades the Web

September 29, 2014 10:28 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

Security experts are urging firms to patch the Shellshock bug as soon as possible, after spotting a “significant amount” of malicious traffic exploiting the Bash vulnerability made public recently.               

TOPICS:
Disgruntled workers are increasingly exacting their revenge on their employers by using their access to company computers to engage in cyber sabotage, the FBI is warning. Others are using their access to extort money from their employers by threatening sa

FBI Warns of Rising Cyber Sabotage, Extortion by Disgruntled Employees

September 29, 2014 10:05 am | by Sean Higgins, Washington Examiner | News | Comments

Disgruntled workers are increasingly exacting their revenge on their employers by using their access to company computers to engage in cyber sabotage, the FBI is warning. Others are using their access to extort money from their employers by threatening sabotage.

TOPICS:

Organized Crime Opting for Hidden Internet Service Industry

September 29, 2014 9:51 am | by Europol | News | Comments

The 2014 iOCTA (Internet Organised Crime Threat Assessment), published by Europol's European Cybercrime Centre (EC3), describes an increased commercialization of cyber crime. A service-based criminal industry is developing, in which specialists in the virtual underground economy develop products and services for use by other criminals. 

TOPICS:
Advertisement
The US financial services industry is finally getting tough on cybercrime, with the announcement of a new body to be tasked with developing threat intelligence products.

US Banks Get Serious about Security Information Sharing

September 26, 2014 10:40 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

The US financial services industry is finally getting tough on cyber crime, with the announcement of a new body to be tasked with developing threat intelligence products.                       

TOPICS:
Apple’s new policy about law enforcement is ruffling some feathers with FBI, and has been a point of debate among the rest of us. It has become such because it’s been viewed as just that – a policy – rather than what it really is, which is a design change

Random Thoughts on iPhone, Encryption, and the FBI

September 26, 2014 10:24 am | by Jonathan Zsziarski | Blogs | Comments

Apple’s new policy about law enforcement is ruffling some feathers with FBI, and has been a point of debate among the rest of us. It has become such because it’s been viewed as just that — a policy — rather than what it really is, which is a design change.

TOPICS:
FBI Director James B. Comey sharply criticized Apple and Google recently for developing forms of smartphone encryption so secure that law enforcement officials cannot easily gain access to information stored on the devices — even when they have valid sear

FBI Blasts Apple, Google for Blocking Phones from Police Investigation

September 26, 2014 10:13 am | by Craig Timberg and Greg Miller, The Washington Post | News | Comments

FBI Director James B. Comey sharply criticized Apple and Google recently for developing forms of smartphone encryption so secure that law enforcement officials cannot easily gain access to information stored on the devices — even when they have valid search warrants.

TOPICS:
With a bug as dangerous as the “shellshock” security vulnerability discovered recently, it takes less than 24 hours to go from proof-of-concept to pandemic.

Hackers Already Using Shellshock Bug to Launch Botnet Attacks

September 26, 2014 9:56 am | by Andy Greenberg, Wired | News | Comments

With a bug as dangerous as the “shellshock” security vulnerability discovered recently, it takes less than 24 hours to go from proof-of-concept to pandemic.                           

TOPICS:
State v. Brown is a pending criminal case in Essex County, New Jersey involving allegations that the defendant tweeted a nude video of his former girlfriend. The defendant is charged with two counts of invasion of privacy for allegedly covertly videotapin

New Jersey Case Highlights Need for Clarity on Digital Forensics Testimony

September 26, 2014 9:07 am | by Matthew Adams | Blogs | Comments

State v. Brown is a pending criminal case in Essex County, New Jersey involving allegations that the defendant tweeted a nude video of his former girlfriend. The defendant is charged with two counts of invasion of privacy for allegedly covertly videotaping the woman as she got ready to take a shower. 

TOPICS:

Fall 2014

September 25, 2014 5:19 pm | Digital Editions | Comments

Read the Fall 2014 Digital Edition of DFI News!

TOPICS:
A security vulnerability in the GNU Bourne Again Shell (Bash), the command-line shell used in many Linux and Unix operating systems, could leave systems running those operating systems open to exploitation by specially crafted attacks.

Bug in Bash Shell Creates Security Hole for Linux and Unix

September 25, 2014 10:19 am | by Sean Gallagher, Ars Technica | News | Comments

A security vulnerability in the GNU Bourne Again Shell (Bash), the command-line shell used in many Linux and Unix operating systems, could leave systems running those operating systems open to exploitation by specially crafted attacks.    

TOPICS:

Pages

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading