Will the National Institute of Standards and Technology break its close relationship with the National Security Agency in developing cryptographic and cybersecurity standards? That seems very likely following a recent report by an outside panel of experts, and it will have implications for federal agencies.
A New York court opened up our entire Gmail accounts to feds or cops with warrants, in spite of...
Forensic scientist and author Jonathan Zdziarski has posted the slides from his talk at the...
The recent NIST Mobile Forensics Webcast and SANS FOR585 poster got monkey thinking about using the Android emulator for application artefact research. By using an emulator, we don't need to "root" an Android device in order to access artifacts from the protected data storage area.
The term live response is being heard more and more frequently, but what exactly is it and how does it differ from traditional forensics?
Google has hired a prolific hacker by the name of George Hotz to join the Project Zero team. Hotz is well-known for hacking Sony's PlayStation 3 and Apple's iPhone.
The US Government Accountability Office compared documented incident response actions to requirements set by the Federal Information Security Management Act of 2002 (FISMA) and National Institute of Standards and Technology (NIST) Special Publication 800-61, Computer Security Incident Handling Guide. The results were surprising.
Germany is thinking about using manual typewriters to evade US snooping. According to The Guardian, the head of the Bundestag's parliamentary inquiry into National Security Agency (NSA) activity in Germany, Christian Democrat politician Patrick Sensburg, said in an interview with Morgenmagazin TV that he and his colleagues were considering tossing email completely.
For small businesses looking to reduce their exposure to data theft, the good news is the advantage of being small.
We were delighted to write, in early June 2014, about the takedown of a sizeable part of the criminal infrastructure behind the Gameover botnet and the CryptoLocker ransomware. We didn't for a moment think that this takedown would be a permanent cure, because it wasn't really a cure at all.
Linux forensics/incident response is a new thing for me. I've never had occasion thus far to conduct a "real" investigation into a Linux machine. This "intrusion" into my honeypot inspired me to conduct my own attack and investigation so I could learn more about the subject.
U.S. Secret Service is advising the hospitality industry to inspect computers made available to guests in hotel business centers, warning that crooks have been compromising hotel business center PCs with keystroke-logging malware in a bid to steal personal and financial data from guests.
Security information and event management (SIEM) has been an area where I have spent considerable time researching. My research started out as curiosity to see if the technology could solve some problems then continued to get organization buy-in followed by going all in to architect, implement, and manage a SIEM for my organization.
Late last year, hackers breached Target's data security and stole information from millions of credit cards. Brian Krebs, who writes about cyber crime and computer security for his blog, Krebs on Security, broke the story. A few days later, he broke the story of a credit card breach at Neiman Marcus.
I've seen a trend in recovered stolen devices over the past few years: the bad guys are rapidly restoring devices to factory settings to prevent them from being tracked by the owner or law enforcement. That leaves me with a problem, though: how do I determine the owner of a device that has been restored?
There are a lot of folks with different skill sets and specialties involved in targeted threat analysis and threat intel collection and dissemination. There are a lot of researchers with specific skill sets in network traffic analysis, malware reverse engineering, etc.
Coordinated botnet disruptions have increased in pace and popularity over the last few years as more private companies work with international law enforcement agencies to combat malware infections on a grand scale. Operation Tovar, announced on June 2, 2014, is the latest to make headlines.
With the constant drumbeat of cybersecurity worries that government has to deal with, it’s easy to lose sight of the trees when it comes to threats, and to consider them all as part of the same dark forest.