Advertisement
Blogs
Subscribe to DFI News

The Lead

PFIC 2014 - A Great Exchange of Ideas

November 13, 2014 | by Chet Hosmer | Comments

Once again the Paraben team has put together just the right Forensic Innovation Environment with a perfect backdrop. The conference provides a brainshare and the perfect mix of lectures, trainings, and lab sessions that truly generate a spirit of collaboration and innovation that is forging new partnerships. 

TOPICS:
View Sample

SUBSCRIBE TO FREE
DFI News
EMAIL NEWSLETTER

Cell Phone Tracking via Call Detail Records

November 25, 2014 7:07 am | by Larry E. Daniel | Comments

We live in a world today where individuals’ movements and locations are being recorded in many different ways. These movements and locations are commonly being used as evidence in civil, criminal, and domestic litigation. It is of paramount importance that anyone who is involved in litigation that uses cellular location evidence understands the appropriate and inappropriate use of this type of location data.

TOPICS:
Mixing upper and lower case letters, numbers and special characters doesn’t make passwords any harder for hackers to crack, only increasing the number of characters does, according to new research from Trustwave.

The Secret Life of Passwords

November 24, 2014 4:13 am | by Editor | Comments

Yes, I understand why passwords are universally despised: the strains they put on our memory, the endless demand to update them, their sheer number. I hate them, too. But there is more to passwords than their annoyance. In our authorship of them, in the fact that we construct them so that we (and only we) will remember them, they take on secret lives.

TOPICS:
In its statement on Monday night, Anonymous explained that through the Klan's Twitter account, it obtained large amounts of information on multiple white supremacists, and "members of Anonymous who seized the account are continuing to debate if the identi

Anonymous Statement: KKK is a Terrorist Group, KKK Responds Poorly

November 18, 2014 11:48 am | by Violet Blue | Comments

In its statement on Monday night, Anonymous explained that through the Klan's Twitter account, it obtained large amounts of information on multiple white supremacists, and "members of Anonymous who seized the account are continuing to debate if the identities of the people associated with the Klan's account should be released to the public."

TOPICS:
Advertisement
With the recent streak of widely publicized breaches of well-known companies, many organizations are examining their incident response (IR) capabilities. SANS conducted a survey earlier this year to explore what IR teams are up against – what types of att

2014 SANS Incident Response Survey Results

November 17, 2014 11:35 am | by Garrett Gross | Comments

With the recent streak of widely publicized breaches of well-known companies, many organizations are examining their incident response (IR) capabilities. SANS conducted a survey earlier this year to explore what IR teams are up against — what types of attacks are most common, what defenses are most widely used, and what challenges IR teams face in their response efforts. 

TOPICS:
Despite its reticence over everything Snowden, GCHQ has been awfully proud of its work with academia over the last year. Though it has always worked closely with universities, the Cheltenham-based spy agency has given its backing to various government ini

Cyber security: Do the experts need letters after their name?

November 17, 2014 10:47 am | by Tom Brewster | Comments

Despite its reticence over everything Snowden, GCHQ has been awfully proud of its work with academia over the last year. Though it has always worked closely with universities, the Cheltenham-based spy agency has given its backing to various government initiatives designed to give a fillip to British cybersecurity wannabes and graduates.

TOPICS:
Spammers have been working methodically to hijack large chunks of Internet real estate by exploiting a technical and bureaucratic loophole in the way that various regions of the globe keep track of the world’s Internet address ranges.

Network Hijackers Exploit Technical Loophole

November 14, 2014 10:36 am | by Editor | Comments

Spammers have been working methodically to hijack large chunks of Internet real estate by exploiting a technical and bureaucratic loophole in the way that various regions of the globe keep track of the world’s Internet address ranges.  

TOPICS:
To all outward appearances, Endgame Inc. looks like the typical young tech startup. It is anything but. Endgame is one of the leading players in the global cyber arms business. Among other things, it compiles and sells zero day information to governments

The Mercenaries

November 13, 2014 11:25 am | by Shane Harris | Comments

To all outward appearances, Endgame Inc. looks like the typical young tech startup. It is anything but. Endgame is one of the leading players in the global cyber arms business. Among other things, it compiles and sells zero day information to governments and corporations.

TOPICS:
Law enforcement wasn't very willing to share about how it managed to slice through the layers of the Tor network, which is designed to mask users' identity by means of software that routes encrypted browsing traffic through a network of worldwide servers.

Tor Project Puzzles Over How the Law Shredded Anonymity in Operation Onymous

November 12, 2014 10:03 am | by Lisa Vaas | Comments

Law enforcement wasn't very willing to share about how it managed to slice through the layers of the Tor network, which is designed to mask users' identity by means of software that routes encrypted browsing traffic through a network of worldwide servers.

TOPICS:
Advertisement
Security is a combination of protection, detection, and response. It's taken the industry a long time to get to this point, though. The 1990s was the era of protection. Our industry was full of products that would protect your computers and network. By 20

The Future of Incident Response

November 12, 2014 9:19 am | by Bruce Schneier | Comments

Security is a combination of protection, detection, and response. It's taken the industry a long time to get to this point, though. The 1990s was the era of protection. Our industry was full of products that would protect your computers and network. By 2000, we realized that detection needed to be formalized as well, and the industry was full of detection products and services. This decade is one of response.

TOPICS:
Another day, another major vulnerability for government systems, it seems. This time it affects Drupal, a popular, open source content management system that’s been used for an increasing number of agency websites, including the White House.

Attacks on Open Source Call for Better Software Design

November 11, 2014 9:25 am | by Brian Robinson | Comments

Another day, another major vulnerability for government systems, it seems. This time it affects Drupal, a popular, open source content management system that’s been used for an increasing number of agency websites, including the White House.   

TOPICS:
Hackers have breached US Postal Service networks, leading to a significant breach of employee data.

Hackers Hit US Postal Service Networks, Employee Data Grabbed

November 10, 2014 11:27 am | by Zack Whittaker | Comments

Hackers have breached US Postal Service networks, leading to a significant breach of employee data.                                           

TOPICS:
Personal data may well have been snatched out of the US government's top employee background-checking firm in what officials are calling a major security breach.

DHS Employee Data Breached in 'State-sponsored Attack'

November 7, 2014 11:55 am | by Lisa Vaas | Comments

Personal data may well have been snatched out of the US government's top employee background-checking firm in what officials are calling a major security breach.                         

TOPICS:
Most online account hijacking capers are carried out using automated bots, but not all. In fact, some of the most effective and damaging heists result from targeted, carefully staged, manual attacks, a new study by Google shows.

Google: Manual Account Hijacks Much More Dangerous than Bot Takeovers

November 7, 2014 10:16 am | by Jai Vijayan | Comments

Most online account hijacking capers are carried out using automated bots, but not all. In fact, some of the most effective and damaging heists result from targeted, carefully staged, manual attacks, a new study by Google shows.      

TOPICS:
There are few things more frustrating to users than using a tool which doesn't support (or may even be at odds with) their processes. Tools should be designed to support our workflows, and the more often we perform a workflow, the more important it is tha

Triage Any Alert with These Five Weird Questions!

November 6, 2014 9:58 am | by David Bianco | Comments

There are few things more frustrating to users than using a tool which doesn't support (or may even be at odds with) their processes. Tools should be designed to support our workflows, and the more often we perform a workflow, the more important it is that our tools support it.

TOPICS:
 The alert fired and the end point needs to be triaged but what options do you have. Do you spend the time to physically track down the end point, remove the hard drive, image the drive, and then start your analysis. How much time and resources would be s

Triaging with Tr3Secure Script's NTFS Artifacts Only Option

November 6, 2014 9:49 am | by Corey Harrell | Comments

The alert fired and the end point needs to be triaged but what options do you have. Do you spend the time to physically track down the end point, remove the hard drive, image the drive, and then start your analysis. How much time and resources would be spent approaching triage in this manner? 

TOPICS:

Pages

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading