Advertisement
Blogs
Subscribe to DFI News

The Lead

In this post I'm releasing an installation guide to build a custom ticketing system to track and document security incidents. The guide contains nothing groundbreaking; just instructions on how to install and configure Request Tracker in CentOS with a Pos

CSIRT Request Tracker Installation Guide

September 29, 2014 | by Corey Harrell | Comments

In this post I'm releasing an installation guide to build a custom ticketing system to track and document security incidents. The guide contains nothing groundbreaking; just instructions on how to install and configure Request Tracker in CentOS with a PostgreSQL database and Apache web server. 

TOPICS:
View Sample

SUBSCRIBE TO FREE
DFI News
EMAIL NEWSLETTER

State v. Brown is a pending criminal case in Essex County, New Jersey involving allegations that the defendant tweeted a nude video of his former girlfriend. The defendant is charged with two counts of invasion of privacy for allegedly covertly videotapin

New Jersey Case Highlights Need for Clarity on Digital Forensics Testimony

September 26, 2014 9:07 am | by Matthew Adams | Comments

State v. Brown is a pending criminal case in Essex County, New Jersey involving allegations that the defendant tweeted a nude video of his former girlfriend. The defendant is charged with two counts of invasion of privacy for allegedly covertly videotaping the woman as she got ready to take a shower. 

TOPICS:
Nearly three-fourths of US Fortune 500 companies now have set up incident response plans and teams in preparation for cyberattacks, but only one-third of them consider their IR operations actually effective in the face of a data breach, according to a new

Incident Response Fail

September 25, 2014 8:15 am | by Kelly Jackson Higgins | Comments

Nearly three-fourths of US Fortune 500 companies now have set up incident response plans and teams in preparation for cyberattacks, but only one-third of them consider their IR operations actually effective in the face of a data breach, according to a new study.

TOPICS:
Amid fresh threats by ISIS against the US and its allies this week, worries of what the well-financed and social-media savvy militant group could do in the cyber realm has triggered debate over whether ISIS ultimately could or would disrupt US critical in

ISIS Cyber Threat to US Under Debate

September 24, 2014 10:39 am | by Kelly Jackson Higgins | Comments

Amid fresh threats by ISIS against the US and its allies this week, worries of what the well-financed and social-media savvy militant group could do in the cyber realm has triggered debate over whether ISIS ultimately could or would disrupt US critical infrastructure networks.

TOPICS:
Advertisement
Much like other mobile chat applications, WhatsApp contacts, messages, and attachments can be valuable to examiners looking to recover evidence for a variety of different investigation types. Whether you’re analyzing the mobile device of a suspect or a vi

Recovering WhatsApp Forensic Artifacts

September 24, 2014 8:20 am | by Jamie McQuaid | Comments

Much like other mobile chat applications, WhatsApp contacts, messages, and attachments can be valuable to examiners looking to recover evidence for a variety of different investigation types. Whether you’re analyzing the mobile device of a suspect or a victim, these chat artifacts can contain valuable information to help solve a case.

TOPICS:
Hardly a week goes by when I don’t hear from a reader wondering about the origins of a bogus credit card charge for $49.95 or some similar amount for a product they never ordered. As this post will explain, such charges appear to be the result of crooks t

Who's Behind the Bogus $49.95 Charges?

September 23, 2014 11:19 am | by Editor | Comments

Hardly a week goes by when I don’t hear from a reader wondering about the origins of a bogus credit card charge for $49.95 or some similar amount for a product they never ordered. As this post will explain, such charges appear to be the result of crooks trying to game various online affiliate programs by using stolen credit cards.

TOPICS:
It has been a brutal season for data breaches, from the wholesale theft of customer records numbering in the billions to the exposure of naughty celebrity pictures. More significant to agencies is the case that cost US Investigations Services (USIS) a con

Passwords vs. Biometrics

September 22, 2014 10:56 am | by William Jackson | Comments

It has been a brutal season for data breaches, from the wholesale theft of customer records numbering in the billions to the exposure of naughty celebrity pictures. More significant to agencies is the case that cost US Investigations Services (USIS) a contract to perform government background checks.  

TOPICS:
The US Department of Justice (DOJ) is proposing a power grab that would make it easier for domestic law enforcement to break into computers of people trying to protect their anonymity via Tor or other anonymizing technologies.

Tor Users Could be FBI's Main Target if Legal Power Grab Succeeds

September 22, 2014 10:33 am | by Lisa Vaas | Comments

The US Department of Justice (DOJ) is proposing a power grab that would make it easier for domestic law enforcement to break into computers of people trying to protect their anonymity via Tor or other anonymizing technologies.       

TOPICS:

US Military in the Dark on Cyber Attacks against Contractors

September 19, 2014 12:42 pm | by Brian Prince | Comments

Communication is the key to any good relationship. Yet a new report from the US Senate Armed Services Committee shows that a lack of communication has left the US Transportation Command (Transcom) in the dark about threats to cyber security.   

TOPICS:
Advertisement
The malicious software that unknown thieves used to steal credit and debit card numbers in the data breach at Home Depot this year was installed mainly on payment systems in the self-checkout lanes at retail stores, according to sources close to the inves

In Home Depot Breach, Investigation Focuses on Self-Checkout Lanes

September 19, 2014 11:23 am | by Editor | Comments

The malicious software that unknown thieves used to steal credit and debit card numbers in the data breach at Home Depot this year was installed mainly on payment systems in the self-checkout lanes at retail stores, according to sources close to the investigation. The finding could mean thieves stole far fewer cards during the almost five-month breach than they might have otherwise.  

TOPICS:
C&K Systems Inc., a third-party payment vendor blamed for a credit and debit card breach at more than 330 Goodwill locations nationwide, disclosed this week that the intrusion lasted more than 18 months and has impacted at least two other organizations.

Breach at Goodwill Vendor Lasted 18 Months

September 18, 2014 8:54 am | by Editor | Comments

C&K Systems Inc., a third-party payment vendor blamed for a credit and debit card breach at more than 330 Goodwill locations nationwide, disclosed this week that the intrusion lasted more than 18 months and has impacted at least two other organizations.

TOPICS:
Governments around the world are demanding increasingly larger amounts of user data from Google, according to the company’s latest Transparency Report.

New Google Transparency Report Details Hike in Government User Data Requests

September 17, 2014 12:23 pm | by Lee Munson | Comments

Governments around the world are demanding increasingly larger amounts of user data from Google, according to the company’s latest Transparency Report.                            

TOPICS:
Security researchers are telling a story of Internet of Things (IoT) Doom, but it might not be exactly the doom you expect: Last week at 44Con in London, a researcher showed off a hack of a vulnerability in a Canon Pixma printer that made it possible to r

Internet of Things Devices are Doomed

September 16, 2014 11:05 am | by Ericka Chickowski | Comments

Security researchers are telling a story of Internet of Things (IoT) Doom, but it might not be exactly the doom you expect: Last week at 44Con in London, a researcher showed off a hack of a vulnerability in a Canon Pixma printer that made it possible to remotely modify the printer's firmware so that its LED indicator screen could run the classic first-person-shooter game, Doom.

TOPICS:
Security researchers at IBM said they had uncovered a series of hacking attacks aimed at Middle Eastern petrochemical companies. The researchers, at IBM’s Trusteer division, said the hackers were using a variant of financial malware known as Citadel, whic

Middle Eastern Petrochemical Plants are Targets of Hackers

September 16, 2014 10:49 am | by Nicole Perlroth | Comments

Security researchers at IBM said they had uncovered a series of hacking attacks aimed at Middle Eastern petrochemical companies. The researchers, at IBM’s Trusteer division, said the hackers were using a variant of financial malware known as Citadel, which was first discovered in 2012.

TOPICS:
 Two Chinese cyber espionage gangs known for targeting very different industries and working out of different regions of the nation actually use some of the same or similar tactics, tools, and resources in their spying operations, researchers found.

Franchising the Chinese APT

September 15, 2014 11:12 am | by Kelly Jackson Higgins | Comments

Two Chinese cyber espionage gangs known for targeting very different industries and working out of different regions of the nation actually use some of the same or similar tactics, tools, and resources in their spying operations, researchers found.

TOPICS:
Reports emerged earlier this week that a BlackPOS variant discovered last month by Trend Micro was to blame for the data breach at Home Depot, raising speculation that the breach was carried out by the same group that breached Target and with the same mal

Home Depot Breach May Not be Related to BlackPOS, Target

September 12, 2014 11:11 am | by Sara Peters | Comments

Reports emerged earlier this week that a BlackPOS variant discovered last month by Trend Micro was to blame for the data breach at Home Depot, raising speculation that the breach was carried out by the same group that breached Target and with the same malware. But new analysis has led some researchers to believe that it isn't related to BlackPOS at all.

TOPICS:

Pages

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading