Some cyber criminals build massive botnets to use unsuspecting endpoints for spam, distributed...
Within the DFIR and threat intel communities, there has been considerable talk about "TTPs"...
The goal of CrowdResponse is to provide a lightweight solution for incident responders to perform signature detection and triage data collection.
You end up having to talk to a range of people when building out an internal incident response process. It's a natural consequence because the way people did things in the past is changing and these changes will impact the way they do things going forward.
A 17-year-old scam artist allegedly ripped off 10,000 people who purchased a fake anti-virus app. A blogger for the website Android Police bought the app from the Play Store and discovered that Virus Shield had no anti-virus functionality whatsoever, and didn't do anything like it claimed.
In 2013, the malware UPATRE was noted as one of the top malware seen attached to spammed messages. The malware was also notorious for downloading other malware, including ZeuS and ransomware, particularly its more sophisticated form, Cryptolocker. This was enough reason to believe that the UPATRE threat is constantly advancing its techniques–this time, by using multiple levels of attachments.
A New Jersey woman lost her retirement savings after she fell for a phony Match.com cutie. The woman cashed out her IRA, sending the funds to somebody who turned out to be a crook.
In the wake of long-overdue media attention to revelations that a business unit of credit bureau Experian sold consumer personal data directly to an online service that catered to identity thieves, Experian is rightfully trying to explain its side of the story by releasing a series of talking points. This blog post is an attempt to add more context and fact-checking to those talking points.
Back when I was doing PCI exams (while a member of the IBM ISS ERS team), Visa would send us these lists which included file names (no paths) and hashes ... we had to search for them in every exam, so we did.
An exclusive KrebsOnSecurity investigation detailing how a unit of credit bureau Experian ended up selling consumer records to an identity theft service in the cybercrime underground has prompted a multi-state investigation by several attorneys general, according to wire reports.
It has solidified my opinion that to defeat the evil minions trying to steal our data or indeed trying to hide their own, we as a community need to be as collaborative as possible, sharing our knowledge and experience as much as we can.
I recently encountered a botnet targeting Android smartphone users who bank at financial institutions in the Middle East. The crude yet remarkably effective mobile bot that powers this whole operation comes disguised as one of several online banking apps, has infected more than 2,700 phones, and has intercepted at least 28,000 text messages.
How are Firefox profile directory names generated? To answer this question, we first have to understand which artifacts we are examining. In this case, we are dealing with Firefox profiles.
Windows 8 introduced a new feature of saving previously searched terms/keywords. I am referring to the Windows Search functionality which moved from the Start menu in Windows 7 to the Charms bar in Windows 8.
Cybersecurity more and more resembles nothing less than old-fashioned warcraft, with both sides confident in the weaponry they have and in their ability to either penetrate or defend borders. As the threat of cyber conflicts ratchets up, the two modes of warfare seem at times to be getting chillingly similar.
Understanding command and control (a.k.a. C2, CnC or C&C), is critical to effectively detect, analyze, and remediate malware incidents. The phrase "command and control," which has its origins in military terminology, refers to the approach an attacker uses to take command of and exercise control over a compromised system.
Twitter accounts can cost more to purchase than a stolen credit card because an individual’s account credentials potentially have a greater yield.