Once again the Paraben team has put together just the right Forensic Innovation Environment with a perfect backdrop. The conference provides a brainshare and the perfect mix of lectures, trainings, and lab sessions that truly generate a spirit of collaboration and innovation that is forging new partnerships.
A study of published intelligence on three major malware families used in Russia's...
ISIS members have proven exceptionally difficult to track due to a proper use of technology tools,...
We live in a world today where individuals’ movements and locations are being recorded in many different ways. These movements and locations are commonly being used as evidence in civil, criminal, and domestic litigation. It is of paramount importance that anyone who is involved in litigation that uses cellular location evidence understands the appropriate and inappropriate use of this type of location data.
Yes, I understand why passwords are universally despised: the strains they put on our memory, the endless demand to update them, their sheer number. I hate them, too. But there is more to passwords than their annoyance. In our authorship of them, in the fact that we construct them so that we (and only we) will remember them, they take on secret lives.
In its statement on Monday night, Anonymous explained that through the Klan's Twitter account, it obtained large amounts of information on multiple white supremacists, and "members of Anonymous who seized the account are continuing to debate if the identities of the people associated with the Klan's account should be released to the public."
With the recent streak of widely publicized breaches of well-known companies, many organizations are examining their incident response (IR) capabilities. SANS conducted a survey earlier this year to explore what IR teams are up against — what types of attacks are most common, what defenses are most widely used, and what challenges IR teams face in their response efforts.
Despite its reticence over everything Snowden, GCHQ has been awfully proud of its work with academia over the last year. Though it has always worked closely with universities, the Cheltenham-based spy agency has given its backing to various government initiatives designed to give a fillip to British cybersecurity wannabes and graduates.
Spammers have been working methodically to hijack large chunks of Internet real estate by exploiting a technical and bureaucratic loophole in the way that various regions of the globe keep track of the world’s Internet address ranges.
To all outward appearances, Endgame Inc. looks like the typical young tech startup. It is anything but. Endgame is one of the leading players in the global cyber arms business. Among other things, it compiles and sells zero day information to governments and corporations.
Law enforcement wasn't very willing to share about how it managed to slice through the layers of the Tor network, which is designed to mask users' identity by means of software that routes encrypted browsing traffic through a network of worldwide servers.
Security is a combination of protection, detection, and response. It's taken the industry a long time to get to this point, though. The 1990s was the era of protection. Our industry was full of products that would protect your computers and network. By 2000, we realized that detection needed to be formalized as well, and the industry was full of detection products and services. This decade is one of response.
Another day, another major vulnerability for government systems, it seems. This time it affects Drupal, a popular, open source content management system that’s been used for an increasing number of agency websites, including the White House.
Hackers have breached US Postal Service networks, leading to a significant breach of employee data.
Personal data may well have been snatched out of the US government's top employee background-checking firm in what officials are calling a major security breach.
Most online account hijacking capers are carried out using automated bots, but not all. In fact, some of the most effective and damaging heists result from targeted, carefully staged, manual attacks, a new study by Google shows.
There are few things more frustrating to users than using a tool which doesn't support (or may even be at odds with) their processes. Tools should be designed to support our workflows, and the more often we perform a workflow, the more important it is that our tools support it.
The alert fired and the end point needs to be triaged, but what options do you have? Do you spend the time to physically track down the end point, remove the hard drive, image the drive, and then start your analysis? How much time and resources would be spent approaching triage in this manner?