Advertisement
Blogs
Subscribe to DFI News

The Lead

Molly Sauter, a doctoral student at McGill University and a research affiliate at the Berkman Center at Harvard ("exploring cyberspace, sharing its study & pioneering its development"), has a paper calling the use of DDOS (distributed denial of service) a

Researcher Makes the Case for DDOS Attacks

October 14, 2014 | by Larry Seltzer | Comments

Molly Sauter, a doctoral student at McGill University and a research affiliate at the Berkman Center at Harvard ("exploring cyberspace, sharing its study & pioneering its development"), has a paper calling the use of DDOS (distributed denial of service) attacks a legitimate form of activism and protest. This can't go unchallenged.

TOPICS:
View Sample

SUBSCRIBE TO FREE
DFI News
EMAIL NEWSLETTER

Contact Opposing Counsel After Inadvertent Disclosure

October 24, 2014 9:53 am | by Joshua Gilliland, Esq. | Comments

What happens when a lawyer inadvertently produces an attorney protected by the attorney-client privilege? A Magistrate Judges and District Court Judge orders the receiving party to destroy the inadvertently produced email.  

TOPICS:

Four Ways Snowden Got it Wrong

October 23, 2014 11:29 am | by Dave Aitel | Comments

As a former ‘research scientist’ at the National Security Agency, I feel compelled to respond to James Bamford’s exclusive interview with Edward Snowden that appeared in the September issue of Wired magazine. Many of the factual assertions about the NSA and intelligence community that were included in Bamford’s article, and previous Snowden “disclosures,” are highly questionable.

TOPICS:

Timeline Analysis by Categories

October 22, 2014 11:24 am | by Corey Harrell | Comments

"Corey, at times our auditors find fraud and when they do sometimes they need help collecting and analyzing the data on the computers and network. Could you look into this digital forensic thing just in case if something comes up?" This simple request is what lead me into the digital forensic and incident response field. In this post I'm highlighting how this type of organization is applied to timeline analysis leveraging Plaso.

TOPICS:
Advertisement

Can You Ask the Court to Order a Party to Follow the Duty to Preserve?

October 21, 2014 8:52 am | by Joshua Gilliland, Esq. | Comments

There are no shortage of cases where the duty to preserve has gotten attorneys and parties a like in trouble. However, it is difficult to ask a Court to order a party to “follow the rules,” because the party already has a duty to so. However, if there is evidence of wrongdoing by the party that was subject to the duty to preserve, the outcome could be different.

TOPICS:
US-based game developer Brianna Wu was driven from her home over the weekend after a troll posted her address online and threatened to rape, kill and mutilate her. This situation came about because of the Gamergate controversy.

Another Game Developer Flees Her Home Following Gamergate Death Threats

October 14, 2014 9:32 am | by Lisa Vaas | Comments

US-based game developer Brianna Wu was driven from her home over the weekend after a troll posted her address online and threatened to rape, kill and mutilate her. This situation came about because of the Gamergate controversy.       

TOPICS:
Another day, another breach, and more credit cards are on the open market. I’m not sure what the thieves are going to be doing with the credit cards at this point but let’s take a look at where we are going and take a moment to reflect on what we’re doing

Strategic Incident Response to Increase Information Security after Breaches

October 13, 2014 11:10 am | by Samuel Liles | Comments

Another day, another breach, and more credit cards are on the open market. I’m not sure what the thieves are going to be doing with the credit cards at this point but let’s take a look at where we are going and take a moment to reflect on what we’re doing here in infosec land.

TOPICS:
Having an IR Team is not a guarantee of breach-free life for the organization. In this short post I am trying to list very specific reasons why breaches happen despite IR teams being present and active. Instead of writing yet-another-smart-ass-who-knows-i

Why Breaches Happen under IR Teams Noses

October 13, 2014 11:00 am | by Editor | Comments

Having an IR Team is not a guarantee of breach-free life for the organization. In this short post I am trying to list very specific reasons why breaches happen despite IR teams being present and active. Instead of writing yet-another-smart-ass-who-knows-it-all post that talks about "events are ignored," "teams are underfunded," etc.

TOPICS:
What a difference a few months can make. Shortly after the Heartbleed bug caused a panic in security circles, along comes something which could be even more serious and the reaction seems to be one big yawn.

What Gives? Shellshock Fails to Shock

October 13, 2014 8:33 am | by Brian Robinson | Comments

What a difference a few months can make. Shortly after the Heartbleed bug caused a panic in security circles, along comes something which could be even more serious and the reaction seems to be one big yawn.            

TOPICS:
Advertisement
British police forces have complained that as many as six smartphones seized have been remotely wiped in the past year, potentially killing vital evidence as part of ongoing investigations.

Smartphones 'Remotely Wiped' in Police Custody

October 10, 2014 11:06 am | by Zack Whittaker | Comments

British police forces have complained that as many as six smartphones seized have been remotely wiped in the past year, potentially killing vital evidence as part of ongoing investigations.                 

TOPICS:
Ever looked closely at a Google search URL and seen a weird "ei" parameter in there? While it doesn't seem to occur for every search, when it does, that "ei" parameter contains an encoded Unix UTC timestamp (and other things Google only knows). Interpreti

Google-ei'd ?!

October 10, 2014 10:38 am | by Editor | Comments

Ever looked closely at a Google search URL and seen a weird "ei" parameter in there? While it doesn't seem to occur for every search, when it does, that "ei" parameter contains an encoded Unix UTC timestamp (and other things Google only knows). Interpreting this artifact can thus allow forensic analysts to date a particular search session.

TOPICS:
A little-known Department of Homeland Security program for providing liability protection to US firms in the wake of terrorist or other attacks could also provide shelter for firms facing legal action in the wake of a cyber attack.

DHS Anti-Terrorism Program Could Provide Cyberattack Liability Protection

October 9, 2014 12:29 pm | by Kelly Jackson Higgins | Comments

A little-known Department of Homeland Security program for providing liability protection to US firms in the wake of terrorist or other attacks could also provide shelter for firms facing legal action in the wake of a cyber attack.     

TOPICS:
The US government is claiming that an agent had the right to set up a Facebook account and to impersonate a young woman using information it swiped from her seized mobile phone after she was arrested.

DEA Agent Steals Woman's Identity and Photos to Lure in Suspects on Facebook

October 9, 2014 11:32 am | by Lisa Vaas | Comments

The US government is claiming that an agent had the right to set up a Facebook account and to impersonate a young woman using information it swiped from her seized mobile phone after she was arrested.              

AT&T, one of the US's biggest telecoms, has fired an insider for having thumbed through customer accounts without authorization and potentially slurping customers' taxpayer IDs, driver license numbers and more.

AT&T Hit by Insider Breach

October 8, 2014 10:17 am | by Lisa Vaas | Comments

AT&T, one of the US's biggest telecoms, has fired an insider for having thumbed through customer accounts without authorization and potentially slurping customers' taxpayer IDs, driver license numbers and more.          

TOPICS:
If we have learned anything about payment technology over the past decade, it’s that there will always be a new technology or a new scheme that will be championed as a way to reduce the growing rise of payment card fraud.

Tokenization: 6 Reasons the Card Industry Should be Wary

October 8, 2014 9:58 am | by Pat Carroll | Comments

If we have learned anything about payment technology over the past decade, it’s that there will always be a new technology or a new scheme that will be championed as a way to reduce the growing rise of payment card fraud.        

TOPICS:
A previously unknown security flaw in Bugzilla — a popular online bug-tracking tool used by Mozilla and many of the open source Linux distributions — allows anyone to view detailed reports about unfixed vulnerabilities in a broad swath of software.

Bugzilla Zero-Day Exposes Zero-Day Bugs

October 7, 2014 11:33 am | by Editor | Comments

A previously unknown security flaw in Bugzilla — a popular online bug-tracking tool used by Mozilla and many of the open source Linux distributions — allows anyone to view detailed reports about unfixed vulnerabilities in a broad swath of software.

TOPICS:

Pages

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading