Within four days of the first public reports of a major flaw in OpenSSL's software for securing communications on the Internet, mass attacks searched for and targeted vulnerable servers. In a report, IBM found that while the attacks have died down, approximately half of the original 500,000 potentially vulnerable servers remain unpatched.
Mobile forensics has changed the methodology when it comes to offender profiling. The frequent use of mobile devices has provided investigators with another source for profiling criminal suspects, as well as an insight into their habits and personalities.
As in any job, in cybersecurity it’s the paperwork that gets you. In a recent study, the Government Accountability Office found that agencies are doing an incomplete job in documenting their response to security incidents.
Much has been made of the aging infrastructure and outdated software tools that are used to protect the power grid in the US from cybe attack, but a new era of code-breaking quantum computers threatens to give criminals future tech that rivals any sci-fi movie plot.
In a restricted intelligence document distributed to police, public safety, and security organizations in July, the Department of Homeland Security warned of a “malicious activity” that could expose secrets and security vulnerabilities in organizations’ information systems. The name of that activity: “Google dorking.”
Digital devices have provided law enforcement agencies investigating child abuse and exploitation with an embarrassment of riches. The devices can hold thousands of images that can be used as evidence and as clues to help identify and find missing children. But the sheer volume of data being reviewed can slow an investigation to a crawl.
JPMorgan Chase & Co is investigating a possible cyber attack and working with law enforcement authorities to determine the scope. It disclosed the investigation after the FBI said Wednesday evening it was investigating media reports earlier in the day that several U.S. financial companies have been victims of recent cyber attacks.
As the acting cybersecurity chief of a federal agency, Timothy DeFoggi should have been well versed in the digital footprints users leave behind online when they visit web sites and download images. But he must have believed his use of the Tor anonymizing network shielded him from federal investigators.
Black Hat USA 2014 recently welcomed more than 9,000 of the most renowned security experts. Tucked away from the glamour of the vendor booths giving away t-shirts and the large presentation rooms filled with rockstar sessions, was the Arsenal — a place where developers were able to present their security tools and grow their community.
Alleged Silk Road mastermind Ross Ulbricht (aka, Dread Pirate Roberts), has been indicted on three additional charges, including narcotics trafficking, distribution of narcotics by means of the internet, and conspiracy to traffic in fraudulent identification documents.
According to newly published documents, the National Security Agency has built a “Google-like” search interface for its vast database of metadata, and the agency shares it with dozens of other American intelligence agencies. The new documents are part of the Snowden leaks and were first published on by The Intercept.
Even before the academic semester starts, students from across the globe have begun registering for the largest set of student cybersecurity competitions in the world: the NYU Polytechnic School of Engineering Cyber Security Awareness Week (CSAW).
Six months ago, NIST released version 1.0 of its voluntary Framework for Improving Critical Infrastructure Cybersecurity. The framework was developed with industry in a collaborative and open process over the course of a year, as directed by President Obama in Executive Order 13636. NIST is now seeking public feedback on the framework.
To help digital forensic and incident response (DFIR) professionals take on any Apple case without hesitation, the SANS Institute has introduced the new FOR518: Mac Forensic Analysis course. This intense hands-on forensic analysis course will help Windows-based investigators broaden their analysis capabilities and achieve the confidence and knowledge needed to comfortably analyze any Mac or iOS system without hesitation.
A cyber attack at a firm that performs background checks for U.S. government employees compromised data of at least 25,000 workers, including some undercover investigators, and that number could rise, agency officials say.