On my to-do list for some time has been to add support back into the Tr3Secure collection script...
American Airlines Flight 136 from LAX to London was delayed recently after someone in the...
CurrentC, a merchant-backed mobile payment system in development to rival Google Wallet and Apple Pay, has been hacked during its pilot phase.
What began as a scheme to defraud office supply stores has evolved into more ambitious crimes that have cost retailers around the country millions of dollars — and the Nigerian cyber criminals behind the fraud have also turned at-home Internet users into unsuspecting accomplices.
The U.S. Senate has a few privacy-related questions it would like to ask the people in charge at Whisper, the self-proclaimed "safest place on the internet."
An odd new pattern of credit card fraud emanating from Brazil and targeting U.S. financial institutions could spell costly trouble for banks that are just beginning to issue customers more secure chip-based credit and debit cards.
What happens when a lawyer inadvertently produces an attorney protected by the attorney-client privilege? A Magistrate Judges and District Court Judge orders the receiving party to destroy the inadvertently produced email.
As a former ‘research scientist’ at the National Security Agency, I feel compelled to respond to James Bamford’s exclusive interview with Edward Snowden that appeared in the September issue of Wired magazine. Many of the factual assertions about the NSA and intelligence community that were included in Bamford’s article, and previous Snowden “disclosures,” are highly questionable.
"Corey, at times our auditors find fraud and when they do sometimes they need help collecting and analyzing the data on the computers and network. Could you look into this digital forensic thing just in case if something comes up?" This simple request is what lead me into the digital forensic and incident response field. In this post I'm highlighting how this type of organization is applied to timeline analysis leveraging Plaso.
There are no shortage of cases where the duty to preserve has gotten attorneys and parties a like in trouble. However, it is difficult to ask a Court to order a party to “follow the rules,” because the party already has a duty to so. However, if there is evidence of wrongdoing by the party that was subject to the duty to preserve, the outcome could be different.
Over the past year or so, we've seen some of the most pervasive and widespread credit card security breaches at many of the nation's largest retailers. With Apple's new Apple Pay service launching on Monday alongside a slew of security features, it comes at the perfect time.
Businesses of all sizes seem to be moving at least some operations to the cloud. It’s only a matter of time before you get a phone call asking you to conduct some kind of cloud forensics and/or incident response.
The U.S. Justice Department has piled on more charges against alleged cybercrime kingpin Roman Seleznev, a Russian national who made headlines in July when it emerged that he’d been whisked away to Guam by U.S. federal agents while vacationing in the Maldives.
US-based game developer Brianna Wu was driven from her home over the weekend after a troll posted her address online and threatened to rape, kill and mutilate her. This situation came about because of the Gamergate controversy.
Molly Sauter, a doctoral student at McGill University and a research affiliate at the Berkman Center at Harvard ("exploring cyberspace, sharing its study & pioneering its development"), has a paper calling the use of DDOS (distributed denial of service) attacks a legitimate form of activism and protest. This can't go unchallenged.
Another day, another breach, and more credit cards are on the open market. I’m not sure what the thieves are going to be doing with the credit cards at this point but let’s take a look at where we are going and take a moment to reflect on what we’re doing here in infosec land.
Having an IR Team is not a guarantee of breach-free life for the organization. In this short post I am trying to list very specific reasons why breaches happen despite IR teams being present and active. Instead of writing yet-another-smart-ass-who-knows-it-all post that talks about "events are ignored," "teams are underfunded," etc.