Advertisement
Blogs
Subscribe to DFI News

The Lead

PFIC 2014 - A Great Exchange of Ideas

November 13, 2014 | by Chet Hosmer | Comments

Once again the Paraben team has put together just the right Forensic Innovation Environment with a perfect backdrop. The conference provides a brainshare and the perfect mix of lectures, trainings, and lab sessions that truly generate a spirit of collaboration and innovation that is forging new partnerships. 

TOPICS:
View Sample

SUBSCRIBE TO FREE
DFI News
EMAIL NEWSLETTER

In its statement on Monday night, Anonymous explained that through the Klan's Twitter account, it obtained large amounts of information on multiple white supremacists, and "members of Anonymous who seized the account are continuing to debate if the identi

Anonymous Statement: KKK is a Terrorist Group, KKK Responds Poorly

November 18, 2014 11:48 am | by Violet Blue | Comments

In its statement on Monday night, Anonymous explained that through the Klan's Twitter account, it obtained large amounts of information on multiple white supremacists, and "members of Anonymous who seized the account are continuing to debate if the identities of the people associated with the Klan's account should be released to the public."

TOPICS:
With the recent streak of widely publicized breaches of well-known companies, many organizations are examining their incident response (IR) capabilities. SANS conducted a survey earlier this year to explore what IR teams are up against – what types of att

2014 SANS Incident Response Survey Results

November 17, 2014 11:35 am | by Garrett Gross | Comments

With the recent streak of widely publicized breaches of well-known companies, many organizations are examining their incident response (IR) capabilities. SANS conducted a survey earlier this year to explore what IR teams are up against — what types of attacks are most common, what defenses are most widely used, and what challenges IR teams face in their response efforts. 

TOPICS:
Despite its reticence over everything Snowden, GCHQ has been awfully proud of its work with academia over the last year. Though it has always worked closely with universities, the Cheltenham-based spy agency has given its backing to various government ini

Cyber security: Do the experts need letters after their name?

November 17, 2014 10:47 am | by Tom Brewster | Comments

Despite its reticence over everything Snowden, GCHQ has been awfully proud of its work with academia over the last year. Though it has always worked closely with universities, the Cheltenham-based spy agency has given its backing to various government initiatives designed to give a fillip to British cybersecurity wannabes and graduates.

TOPICS:
Advertisement
Spammers have been working methodically to hijack large chunks of Internet real estate by exploiting a technical and bureaucratic loophole in the way that various regions of the globe keep track of the world’s Internet address ranges.

Network Hijackers Exploit Technical Loophole

November 14, 2014 10:36 am | by Editor | Comments

Spammers have been working methodically to hijack large chunks of Internet real estate by exploiting a technical and bureaucratic loophole in the way that various regions of the globe keep track of the world’s Internet address ranges.  

TOPICS:
To all outward appearances, Endgame Inc. looks like the typical young tech startup. It is anything but. Endgame is one of the leading players in the global cyber arms business. Among other things, it compiles and sells zero day information to governments

The Mercenaries

November 13, 2014 11:25 am | by Shane Harris | Comments

To all outward appearances, Endgame Inc. looks like the typical young tech startup. It is anything but. Endgame is one of the leading players in the global cyber arms business. Among other things, it compiles and sells zero day information to governments and corporations.

TOPICS:
Law enforcement wasn't very willing to share about how it managed to slice through the layers of the Tor network, which is designed to mask users' identity by means of software that routes encrypted browsing traffic through a network of worldwide servers.

Tor Project Puzzles Over How the Law Shredded Anonymity in Operation Onymous

November 12, 2014 10:03 am | by Lisa Vaas | Comments

Law enforcement wasn't very willing to share about how it managed to slice through the layers of the Tor network, which is designed to mask users' identity by means of software that routes encrypted browsing traffic through a network of worldwide servers.

TOPICS:
Security is a combination of protection, detection, and response. It's taken the industry a long time to get to this point, though. The 1990s was the era of protection. Our industry was full of products that would protect your computers and network. By 20

The Future of Incident Response

November 12, 2014 9:19 am | by Bruce Schneier | Comments

Security is a combination of protection, detection, and response. It's taken the industry a long time to get to this point, though. The 1990s was the era of protection. Our industry was full of products that would protect your computers and network. By 2000, we realized that detection needed to be formalized as well, and the industry was full of detection products and services. This decade is one of response.

TOPICS:
Another day, another major vulnerability for government systems, it seems. This time it affects Drupal, a popular, open source content management system that’s been used for an increasing number of agency websites, including the White House.

Attacks on Open Source Call for Better Software Design

November 11, 2014 9:25 am | by Brian Robinson | Comments

Another day, another major vulnerability for government systems, it seems. This time it affects Drupal, a popular, open source content management system that’s been used for an increasing number of agency websites, including the White House.   

TOPICS:
Advertisement
Hackers have breached US Postal Service networks, leading to a significant breach of employee data.

Hackers Hit US Postal Service Networks, Employee Data Grabbed

November 10, 2014 11:27 am | by Zack Whittaker | Comments

Hackers have breached US Postal Service networks, leading to a significant breach of employee data.                                           

TOPICS:
Personal data may well have been snatched out of the US government's top employee background-checking firm in what officials are calling a major security breach.

DHS Employee Data Breached in 'State-sponsored Attack'

November 7, 2014 11:55 am | by Lisa Vaas | Comments

Personal data may well have been snatched out of the US government's top employee background-checking firm in what officials are calling a major security breach.                         

TOPICS:
Most online account hijacking capers are carried out using automated bots, but not all. In fact, some of the most effective and damaging heists result from targeted, carefully staged, manual attacks, a new study by Google shows.

Google: Manual Account Hijacks Much More Dangerous than Bot Takeovers

November 7, 2014 10:16 am | by Jai Vijayan | Comments

Most online account hijacking capers are carried out using automated bots, but not all. In fact, some of the most effective and damaging heists result from targeted, carefully staged, manual attacks, a new study by Google shows.      

TOPICS:
There are few things more frustrating to users than using a tool which doesn't support (or may even be at odds with) their processes. Tools should be designed to support our workflows, and the more often we perform a workflow, the more important it is tha

Triage Any Alert with These Five Weird Questions!

November 6, 2014 9:58 am | by David Bianco | Comments

There are few things more frustrating to users than using a tool which doesn't support (or may even be at odds with) their processes. Tools should be designed to support our workflows, and the more often we perform a workflow, the more important it is that our tools support it.

TOPICS:
 The alert fired and the end point needs to be triaged but what options do you have. Do you spend the time to physically track down the end point, remove the hard drive, image the drive, and then start your analysis. How much time and resources would be s

Triaging with Tr3Secure Script's NTFS Artifacts Only Option

November 6, 2014 9:49 am | by Corey Harrell | Comments

The alert fired and the end point needs to be triaged but what options do you have. Do you spend the time to physically track down the end point, remove the hard drive, image the drive, and then start your analysis. How much time and resources would be spent approaching triage in this manner? 

TOPICS:
The newest version of the OpenBSD operating system, version 5.6, replaces the ubiquitous OpenSSL library with LibreSSL, a fork of OpenSSL created by the OpenBSD team.

OpenBSD 5.6 Replaces OpenSSL with LibreSSL

November 5, 2014 10:29 am | by Larry Seltzer | Comments

The newest version of the OpenBSD operating system, version 5.6, replaces the ubiquitous OpenSSL library with LibreSSL, a fork of OpenSSL created by the OpenBSD team.                       

TOPICS:
On Sunday, the West Yorkshire Rugby League club's Keighley Cougars home page was replaced with a a black screen that read "Hacked By Team System DZ" at the top and featuring the message: "I love you isis."

Rugby Team's Site Defaced to Read 'I love you isis'

November 4, 2014 10:50 am | by Lisa Vaas | Comments

On Sunday, the West Yorkshire Rugby League club's Keighley Cougars home page was replaced with a a black screen that read "Hacked By Team System DZ" at the top and featuring the message: "I love you isis."             

TOPICS:

Pages

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading