Molly Sauter, a doctoral student at McGill University and a research affiliate at the Berkman Center at Harvard ("exploring cyberspace, sharing its study & pioneering its development"), has a paper calling the use of DDOS (distributed denial of service) attacks a legitimate form of activism and protest. This can't go unchallenged.
Over the past year or so, we've seen some of the most pervasive and widespread credit card...
Businesses of all sizes seem to be moving at least some operations to the cloud. It’s only...
US-based game developer Brianna Wu was driven from her home over the weekend after a troll posted her address online and threatened to rape, kill and mutilate her. This situation came about because of the Gamergate controversy.
Another day, another breach, and more credit cards are on the open market. I’m not sure what the thieves are going to be doing with the credit cards at this point but let’s take a look at where we are going and take a moment to reflect on what we’re doing here in infosec land.
Having an IR Team is not a guarantee of breach-free life for the organization. In this short post I am trying to list very specific reasons why breaches happen despite IR teams being present and active. Instead of writing yet-another-smart-ass-who-knows-it-all post that talks about "events are ignored," "teams are underfunded," etc.
What a difference a few months can make. Shortly after the Heartbleed bug caused a panic in security circles, along comes something which could be even more serious and the reaction seems to be one big yawn.
British police forces have complained that as many as six smartphones seized have been remotely wiped in the past year, potentially killing vital evidence as part of ongoing investigations.
Ever looked closely at a Google search URL and seen a weird "ei" parameter in there? While it doesn't seem to occur for every search, when it does, that "ei" parameter contains an encoded Unix UTC timestamp (and other things Google only knows). Interpreting this artifact can thus allow forensic analysts to date a particular search session.
A little-known Department of Homeland Security program for providing liability protection to US firms in the wake of terrorist or other attacks could also provide shelter for firms facing legal action in the wake of a cyber attack.
The US government is claiming that an agent had the right to set up a Facebook account and to impersonate a young woman using information it swiped from her seized mobile phone after she was arrested.
AT&T, one of the US's biggest telecoms, has fired an insider for having thumbed through customer accounts without authorization and potentially slurping customers' taxpayer IDs, driver license numbers and more.
If we have learned anything about payment technology over the past decade, it’s that there will always be a new technology or a new scheme that will be championed as a way to reduce the growing rise of payment card fraud.
A previously unknown security flaw in Bugzilla — a popular online bug-tracking tool used by Mozilla and many of the open source Linux distributions — allows anyone to view detailed reports about unfixed vulnerabilities in a broad swath of software.
There is a misconception that having an IR plan will suffice and the statistics seem to indicate having a plan is on the rise. While having a plan is great, they are rarely more than just guidelines and are not the robust set of company specific procedures they should be, especially if you don’t have people practicing them day in and day out.
FBI Director James Comey has compared Chinese hackers to a "drunk burglar" — not so subtle, but prolific and reckless enough to cost US companies billions each year.
Following on from our previous Windows Phone post and after some excellent testing feedback, it's time to release some Windows Phone 8.0 scripts for extracting SMS, Call History and Contacts.
New court documents released this week by the U.S. government in its case against the alleged ringleader of the Silk Road online black market and drug bazaar suggest that the feds may have some ‘splaining to do.