
The Lead

Microsoft is Finally Killing Its Darlings

April 9, 2014 | by Lily Hay Newman

Microsoft released seven security updates for Windows XP and four for Microsoft Office 2003. The company made it clear (if it wasn't already) that this is the end of the line.                     


DFI News

Signature Detection with CrowdResponse

April 10, 2014 3:30 pm | by Chad Tilbury

The goal of CrowdResponse is to provide a lightweight solution for incident responders to perform signature detection and triage data collection.                             


Holding the Line

April 10, 2014 10:55 am | by Corey Harrell

You end up having to talk to a range of people when building out an internal incident response process. It's a natural consequence because the way people did things in the past is changing and these changes will impact the way they do things going forward.


Google Takes Down Fake Anti-virus App

April 9, 2014 9:39 am | by John Zorabedian

A 17-year-old scam artist allegedly ripped off 10,000 people who purchased a fake anti-virus app. A blogger for the website Android Police bought the app from the Play Store and discovered that Virus Shield had no anti-virus functionality whatsoever, and didn't do anything like it claimed.


UPATRE Ups the Ante with Attachment Inside an Attachment

April 8, 2014 10:56 am | by Marilyn Melliang

In 2013, the malware UPATRE was noted as one of the top malware seen attached to spammed messages. The malware was also notorious for downloading other malware, including ZeuS and ransomware, particularly its more sophisticated form, Cryptolocker. This was enough reason to believe that the UPATRE threat is constantly advancing its techniques–this time, by using multiple levels of attachments.

Lothario Cons Woman Out of Her Retirement Savings

April 8, 2014 10:42 am | by Lisa Vaas

A New Jersey woman lost her retirement savings after she fell for a phony cutie. The woman cashed out her IRA, sending the funds to somebody who turned out to be a crook.                 


Fact-Checking Experian’s Talking Points

April 7, 2014 11:00 am | by Editor

In the wake of long-overdue media attention to revelations that a business unit of credit bureau Experian sold consumer personal data directly to an online service that catered to identity thieves, Experian is rightfully trying to explain its side of the story by releasing a series of talking points. This blog post is an attempt to add more context and fact-checking to those talking points.


What's Up?

April 4, 2014 5:01 pm | by Harlan Carvey

Back when I was doing PCI exams (while a member of the IBM ISS ERS team), Visa would send us these lists which included file names (no paths) and hashes ... we had to search for them in every exam, so we did.            


US States Investigating Breach at Experian

April 4, 2014 11:07 am | by Editor

An exclusive KrebsOnSecurity investigation detailing how a unit of credit bureau Experian ended up selling consumer records to an identity theft service in the cybercrime underground has prompted a multi-state investigation by several attorneys general, according to wire reports.


Never-ending Training Cycle

April 3, 2014 11:18 am | by Editor

It has solidified my opinion that to defeat the evil minions trying to steal our data or indeed trying to hide their own, we as a community need to be as collaborative as possible, sharing our knowledge and experience as much as we can.    


Android Botnet Targets Middle East Banks

April 3, 2014 9:27 am | by Editor

I recently encountered a botnet targeting Android smartphone users who bank at financial institutions in the Middle East. The crude yet remarkably effective mobile bot that powers this whole operation comes disguised as one of several online banking apps, has infected more than 2,700 phones, and has intercepted at least 28,000 text messages.  


Verifying Program Behavior Using Source Code

April 2, 2014 10:30 am | by Dan Pullega

How are Firefox profile directory names generated? To answer this question, we first have to understand which artifacts we are examining. In this case, we are dealing with Firefox profiles.                 


Search History on Windows 8 and 8.1

April 1, 2014 10:44 am | by Editor

Windows 8 introduced a new feature of saving previously searched terms/keywords. I am referring to the Windows Search functionality which moved from the Start-menu in Windows 7 to the Charms bar in Windows 8.


Can government's cyber defense withstand a market-driven offense?

April 1, 2014 9:36 am | by Brian Robinson

Cybersecurity more and more resembles nothing less than old-fashioned warcraft, with both sides confident in the weaponry they have and in their ability to either penetrate or defend borders. As the threat of cyber conflicts ratchets up, the two modes of warfare seem at times to be getting chillingly similar.


The Importance of Command and Control Analysis for Incident Response

March 31, 2014 10:21 am | by Anuj Soni

Understanding command and control (a.k.a. C2, CnC or C&C) is critical to effectively detect, analyze, and remediate malware incidents. The phrase "command and control," which has its origins in military terminology, refers to the approach an attacker uses to take command of and exercise control over a compromised system.


Why a Twitter Account May be More Valuable Than a Credit Card

March 28, 2014 9:58 am | by Michael Callahan

Twitter accounts can cost more to purchase than a stolen credit card because an individual’s account credentials potentially have a greater yield.                             


