The Flashback trojan that hijacked well over 500,000 Macs at its peak is still clinging to life, with about 22,000 infected machines in recent days, a security researcher said. The compromised Macs were observed connecting to command and control servers that had been "sinkholed — meaning taken over for research or security purposes — by analysts from security firm Intego.
A researcher looked at the security of home banking apps, and found shocking results. Forty home banking apps from the top 60 most influential banks in the world were tested and found to have major security weaknesses.
A plan by AT&T Inc to explain how it shares some customer information with government agencies may not be enough to restore public trust, an attorney for New York State Comptroller Thomas DiNapoli told securities regulators.
RSA may well have earned much of the criticism being heaped upon it for allegedly enabling a backdoor in one of its encryption technologies under a contract with the National Security Agency. But singling out the company for reproach deflects attention from the role that other technology vendors may have had in enabling the NSA's data collection activities.
President Barack Obama is expected to rein in spying on foreign leaders and is considering restricting National Security Agency access to Americans' phone records, according to people familiar with a White House review of the government's surveillance programs.
More law enforcement agencies are doing more with less, but digital evidence keeps growing. Many digital evidence labs are backlogged. Some agencies are responding by asking personnel to wear more hats: computer forensics tasked with mobile forensics, investigators tasked with some digital evidence analysis. Therefore, asking for or obtaining all the evidence on every mobile device is less and less realistic.
A team of malware developers is preparing to sell a new ransomware program that encrypts files on infected computers and asks victims for money to recover them, according to a volunteer group of security researchers who tracked the development of the threat on underground forums in recent weeks.
SANS Institute will debut a new version of its popular digital forensic examination toolkit, SIFT Workstation, at the upcoming SANS Digital Forensics and Incident Response Training Event in Monterey, Calif., March 5 – 10. SIFT 3.0 is a complete rebuild of the previous SIFT version and features the latest digital forensic tools available today.
Oxygen Forensic Suite 2014 v.6.0 targets gang offences greatly improving the analysis of multiple mobile devices within a case. New analysis options allow investigating interactions occurring among users of multiple mobile devices, while the improved Timeline view is now able to display all events occurring during a certain time period in a single view regardless of the number of mobile devices in the case.
BlackBerry CEO John Chen says the company plans to open a new security center in the U.S. to improve mobile security. Speaking at the CES Government (CESG) event in Las Vegas, Chen said the new "Security Innovation Center" will be established in Washington, D.C., and will "serve as a hub for collaboration with key government customers and other expert partners."
Opposing court rulings on the National Security Agency's massive phone record surveillance — one threatening the program and the other supporting it — are stirring fast legal footwork as both cases start to wind their way through federal appeals courts and possibly to the Supreme Court.
President Obama is preparing a package of intelligence reforms that will probably put a public advocate for the first time in the secret court that approves surveillance practices and remove a controversial telephone records database from direct government control, aides said.
SANS Institute is bringing its most popular forensic courses together at one event with the introduction of the SANS Digital Forensics and Incident Response Training Event. This all-forensic event will take place in Monterey, Calif., March 5–10. SANS will also debut two new forensic courses at the event, FOR572: Advanced Network Forensics and Analysis and FOR585: Advanced Smartphone Forensics.
Oskar Zepeda has had pretty much one mission in his life: kill or capture. After serving nine tours of duty in Iraq and Afghanistan, he now has a new target — child predators. Zepeda, 29, is part of a 17-member class of veterans trained in computer forensics and sent to Immigration and Customs Enforcement field offices.
There has been a lot of news lately about nefarious-sounding backdoors being inserted into cryptographic standards and toolkits. One algorithm, a pseudo-random bit generator, Dual_EC_DRBG, was ratified by the National Institute of Standards and Technology (NIST) in 2007 and is attracting a lot of attention for having a potential backdoor.