Network Forensics
SUBSCRIBE TO FREE
DFI News EMAIL NEWSLETTER
Facebook, Microsoft Release Number of Data Requests from Government
June 17, 2013 12:02 pm | by Cecilia Kang | News | CommentsFacebook and Microsoft for the first time have said they had gotten data requests from the government under the Foreign Intelligence Surveillance Act, but they added that the U.S. government did not permit them to provide specific figures. The companies said some of the requests were for terrorism investigations. But others were from a local sheriff asking for data to locate a missing child or from federal marshals tracking fugitives.
Ex-spy Employee Had Secret Online Presence
June 14, 2013 8:37 am | by John Shiffman, Mark Hosenball and Kristina Cooke | News | CommentsWhile working for U.S. intelligence agencies, Edward Snowden had another secret identity: an online commentator who anonymously railed against citizen surveillance and corporate greed. He was also a prolific commentator on technology forum Ars Technica, posting approximately 750 messages.
Here's Everything We Know about PRISM to Date
June 13, 2013 4:45 pm | by Timothy Lee | Blogs | CommentsSince the Guardian and The Washington Post revealed the existence of the NSA’s PRISM program, there’s been a confusing debate about what exactly the program is and how it works. While the Obama administration has tacitly acknowledged the program’s existence, tech companies have angrily denied that they had given the NSA “direct” or “unfettered” access to their servers. So what’s going on?
Rise of the Social Bots
June 13, 2013 10:14 am | by Karthik Selvaraj | Blogs | CommentsMalware authors and distributors follow the money. When you consider the growing popularity of social networking websites, it should come as no surprise that malware continues to maintain its presence in this area. Malware authors and distributors know that social networks don’t just connect people, they also instill a form of implicit trust.
Snowden's Snooping Claims Raise Alarm Bells in Hong Kong
June 13, 2013 9:35 am | by James Pomfret | News | CommentsFresh revelations by former CIA employee Edward Snowden have raised concerns that the U.S. National Security Agency (NSA) may have hacked into Hong Kong's key internet exchange, which handles nearly all the Chinese territory's domestic web traffic.
Unwinding the Dead
June 12, 2013 4:58 pm | by Editor | Blogs | CommentsI have had a run of cases where significant information has been found in the iTunes backups on computers that I have looked at. If you weren't aware, owners of iPhone/iPad/iPod mobile devices can hook them up to their computers for backing-up purposes.
NIST Publishes Draft Cloud Computing Security Document for Comment
June 12, 2013 1:46 pm | News | CommentsThe National Institute of Standards and Technology (NIST) has published a draft document on security for cloud computing as used in the federal government. "NIST Cloud Computing Security Reference Architecture" provides a case study that walks readers through steps an agency follows using the cloud-adapted Risk Management Framework while deploying a typical application to the cloud.
Google's Real Secret Spy Program? Secure FTP
June 12, 2013 10:25 am | by Kim Zetter | News | CommentsGoogle does not participate in any government program involving a lockbox or other equipment installed at its facilities to transfer court-ordered data to the government, a company spokesman says, refuting with some finality one of the lingering theories about the NSA’s PRISM program. Instead the company transmits FISA information the old fashioned way: by hand, or over secure FTP.
Microsoft Citadel Takedown Ultimately Counterproductive
June 12, 2013 9:53 am | News | CommentsThe recent disruption of nearly 1500 Citadel botnets believed to be responsible for over half a billion US dollars in financial fraud and affecting more than five million people in 90 countries has been welcomed by most security experts, but not all.
Guardian Reporter Delayed Emailing NSA Source because Cryptography is Tough
June 11, 2013 4:57 pm | by Dan Goodin | News | CommentsIf you still haven't gotten around to encrypting your email, you have company. Glenn Greenwald, the civil liberties writer who recently exposed the National Security Agency's vast data-collection programs, wasn't quick to jump on the email encryption wagon either.
Why NSA Will Have the Capacity for All that Data It's Collecting
June 11, 2013 11:08 am | by Kevin McCaney | News | CommentsThe National Security Agency’s data gathering operations are generating a lot of debate among security and privacy proponents, but one thing is sure: all that data will have some place to go, and NSA will have the capacity for it. NSA is a few months away from beginning operations at a massive $1.2 billion code-breaking and data analysis data center in Utah.
US Helps Allies Trying to Battle Iranian Hackers
June 10, 2013 12:16 pm | by Thom Shanker and David Sanger | News | CommentsThe Obama administration has begun helping Middle Eastern allies build up their defenses against Iran’s growing arsenal of cyberweapons, and will be doing the same in Asia to contain computer-network attacks from North Korea, according to senior American officials.
Whistleblower Who Exposed NSA Mass-surveillance Revealed
June 10, 2013 11:52 am | by Megan Geuss | News | CommentsThe Guardian has released an interview with the man who has been the paper's source for a few now-infamous leaked documents that revealed a vast dragnet maintained by the NSA for gathering information on communications in America. That source, is Edward Snowden, 29, an employee of American defense contractor Booz Allen Hamilton and a former technical assistant for the CIA.
Intelligence Agencies and the Data Deluge
June 10, 2013 11:28 am | by Quentin Hardy | Blogs | CommentsPolitical leaders including President Obama and Senator Dianne Feinstein in recent days have defended snooping on private communications by noting that intelligence agencies were not reading personal messages, but rather information about the messages.
Spy Program Shows Just How Well US Knows Its People
June 10, 2013 10:52 am | by Hal Hodson | News | CommentsUsing network science, it is easy to manipulate large databases to figure out exactly who is behind every phone number, who they've talked to, when, where and for how long. The NSA probably doesn't care to track the movements and activities of every person in the Verizon database, but the possibility is just a mouse click away.
Making Sense of Patterns in the Twitterverse
June 7, 2013 3:06 pm | by Tom Rickey | News | CommentsCourt Corley, a data scientist at the Department of Energy's Pacific Northwest National Laboratory, has created a powerful digital system capable of analyzing billions of tweets and other social media messages in just seconds, in an effort to discover patterns and make sense of social media information.
Vrublevsky Arrested for Witness Intimidation
June 7, 2013 9:18 am | by Editor | Blogs | CommentsPavel Vrublevsky, the owner of Russian payments firm ChronoPay and the subject of an upcoming book by this author, was arrested in Moscow for witness intimidation in his ongoing trial for allegedly hiring hackers to attack against Assist, a top ChronoPay competitor.
Microsoft, FBI Take Aim at Global Cyber Crime Ring
June 6, 2013 10:05 am | by Jim Finkle | News | CommentsMicrosoft Corp and the FBI, aided by authorities in more than 80 countries, have launched a major assault on one of the world's biggest cyber crime rings, believed to have stolen more than $500 million from bank accounts over the past 18 months.
Cyber Command Redefines the Art
June 6, 2013 9:22 am | by Robert Ackerman | News | CommentsThe U.S. Cyber Command is developing a strategy that acknowledges the convergence of network systems by empowering a similar convergence of military disciplines to help place U.S. cyberspace operators on a level field with their malevolent counterparts.
Some Companies Look to Retaliate against Cyber Attackers
May 31, 2013 2:49 pm | by Paresh Dave | News | CommentsFrustrated by their inability to stem an onslaught of computer hackers, some companies are considering adopting the standards of the Wild West to fight back against online bandits. In taking an eye-for-an-eye approach, some of the companies that have been attacked are looking at retaliating against the attackers, covertly shutting down computers behind the cyber assaults or even spreading a new virus to stymie the hackers.
The Case for Teaching Network Protocols to Computer Forensics Examiners: Part 1
May 28, 2013 11:09 am | by Gary C. Kessler and Matt Fasulo | Articles | CommentsMost computer forensics experts are well-versed in basic computer hardware technology, operating systems, common software applications, and computer forensics tools. And while many have rudimentary knowledge about the Internet and simple network-lookup tools, they are not trained in the analysis of network communication protocols and the use of packet sniffers.
Active Cloud Archive
May 23, 2013 8:15 am | Product Releases | CommentsInfoPreserve Inc. and dtSearch Corp. announce the addition of new Active Cloud Archive features to InfoPreserve’s existing cloud-based software offering. The InfoPreserve platform leverages the dtSearch Engine’s broad data support and full-text search capabilities to optimize searching of documents and metadata, e-mails and attachments, and other enterprise data.
Cyber-espionage Campaign Uses Professionally-made Malware
May 22, 2013 2:38 pm | News | CommentsTrend Micro researchers have discovered a new, massive cyber espionage campaign that has been hitting as many as 71 victims each day, including government ministries, technology companies, academic research institutions, nongovernmental organizations and media outlets.
Large Attacks Hide More Subtle Threats in DDoS Data
May 21, 2013 4:37 pm | by Robert Lemos | News | CommentsLarge attacks are not the most significant denial-of-service (DoS) threat for most companies, according to DDoS mitigation experts. While approximately three-quarters of all DoS attacks are bandwidth-clogging floods of network packets, the remaining quarter are application-layer attacks.
Conversations with a Bulletproof Hoster
May 21, 2013 2:07 pm | by Editor | Blogs | CommentsCriminal commerce on the Internet would mostly grind to a halt were it not for the protection offered by so-called “bulletproof hosting” providers — the online equivalent of offshore havens where shady dealings go ignored. Last month I had an opportunity to interview a provider of bulletproof services for one of the Web’s most notorious cybercrime forums.
