Some of those who have lost bitcoins in the collapse of Mt. Gox have turned to internet sleuthing to find out where their money has gone — but they're unlikely to have much luck.
Police may soon have a new way to catch pedophiles who distribute child abuse photos anonymously...
Researchers have developed attack code that completely bypasses Microsoft's zero-day prevention...
Men who have seen and suffered the horrors of combat steel themselves each day for a job some find just as wrenching: fighting child sex crimes back home.
Popular domain registrar and web hosting service Namecheap has been having trouble with an unexpected DDoS attack targeting 300 or so domains on two of their DNS nameservers.
Building a botnet typically involves infecting a PC. But at the upcoming RSA Conference, two researchers plan to show how to build one with free cloud services.
A distributed denial-of-service attack targeting a client of the content delivery network Cloudflare reached new highs in malicious traffic today, striking at the company’s data centers in Europe and the US. According to a Twitter post by Cloudflare CEO Matthew Prince, the full volume of the attack exceeded 400 gigabits per second—making it the largest DDoS attack ever recorded.
Prolexic Technologies has issued a high alert DDoS attack threat advisory on the DNS Flooder v1.1 toolkit. The toolkit makes it faster and easier for malicious actors to launch crippling reflection attacks and will likely be widely adopted in the DDoS-as-a-Service market, potentially increasing the number of attacks.
Stepping up to fight the cyber war, Microsoft unveiled a new state of the art Cybercrime Center specifically designed to battle botnets, malware and other various forms of internet crime. Inside its new headquarters, Microsoft’s Digital Crimes Unit (DCU) is actively disrupting some of the most serious cybercrime threats currently facing modern society.
Researchers have uncovered a piece of botnet malware that is capable of infecting computers running Windows, Mac OS X, and Linux that have Oracle's Java software framework installed. The cross-platform HEUR:Backdoor.Java.Agent.a takes hold of computers by exploiting CVE-2013-2465, a critical Java vulnerability that Oracle patched in June.
It's one of the more crude and old-school cyber attacks, but the distributed denial-of-service (DDoS) attack just keeps getting stronger, faster, and harder to deflect: new data shows the largest attack last year registered three times the volume of DDoS attacks in previous years, and attacks against SSL-protected websites jumped nearly 20 percent.
Aleksandr Andreevich Panin, aka "Gribodemon" and "Harderman," has pled guilty to charges accusing him of being the primary developer and distributor of the SpyEye banking trojan, according to the FBI. SpyEye, a derivative of Zeus, was, before his arrest in July 2013, the world's foremost banking malware, having infected a reputed 1.4 million computers.
Our colleagues at SophosLabs pointed us at an interesting item of malware the other day, namely a data-stealing Trojan aimed at Mac users. In fact, it was somewhat more than that: it was one of those "undelivered courier item" emails linking to a dodgy web server that guessed whether you were running Windows or OS X, and targeted you accordingly.
The fundamental tenets of an investigation remain consistent regardless of the domain being examined. Network forensics provides even greater evidence collection potential, but introduces some unique challenges that an investigator must understand and address to provide meaningful findings.
Facebook, Apple, Wal-Mart and other companies that plan to use facial-recognition scans for security will be helping to write the rules for how images and online profiles can be used. The US Department of Commerce will start meeting with industry and privacy advocates in February to draft a voluntary code of conduct for using facial recognition products, according to a public notice.
Bots account for 61.5 percent of all Internet traffic, according to online data security company Incapsula. This represents a 21 percent increase over the past year, and it signifies not only an increase in automated web traffic, but a significant increase in activity by the bad bots — those out to skim information and infiltrate databases and computers everywhere.
An unusual botnet that has ensnared more than 12,500 systems disguises itself as a legitimate add-on for Mozilla Firefox and forces infected PCs to scour websites for security vulnerabilities, an investigation by KrebsOnSecurity has discovered.
When the man who called himself “Mo” made a series of threats to detonate bombs last year, police had to scramble every time. Mo remained elusive for months, communicating via email, video chat and an Internet-based phone service without revealing his true identity or location, court documents show. So with no house to search or telephone to tap, investigators turned to a new kind of surveillance tool delivered over the Internet.
Thirteen defendants pleaded guilty in federal court in San Jose on Friday to charges related to their involvement in the cyber attack of PayPal’s website as part of the group Anonymous. One of the defendants also pleaded guilty to the charges arising from a separate cyber attack on the website of Santa Cruz County.
The Microsoft Digital Crimes Unit has successfully disrupted a rampant botnet in collaboration with Europol’s European Cybercrime Centre (EC3), the Federal Bureau of Investigation (FBI) and leaders in the technology industry, including A10 Networks Inc.
By downloading and using ESEA's proprietary anti-cheating client software, you effectively join a walled garden, or "fairness bubble," from which dodgy players are meant to be excluded. That means you can get down to genuine mano-a-mano contests (or perhaps, in multiplayer games, I mean mano-a-mano-a-mano-a-mano), without the disappointment of finding you are up against some sort of inhuman programmatic shooter-bot.
Every now and then, security researchers come across a server used by hackers to store stolen account credentials. The latest instance of this has been flagged by Daniel Chechik and Anat (Fox) Davidi of Trustwave’s SpiderLabs, who have discovered a stash of login credentials for nearly two million online accounts.
BIPS, based in Copenhagen, Denmark and one of Europe's largest bitcoin payment processors, was breached last week. 1,295 bitcoins, worth around $1,000,000, were stolen. It is thought a two-stage attack — DDoS followed by hack — was employed.
Adam Lanza may have hinted at his deadly plans online in the days before last year's Sandy Hook Elementary School massacre. In documents that were part of a report released Monday, authorities say a Texas woman contacted Hartford police the day of the December 14 attack to say her son had interacted with someone while playing a videogame 20 hours earlier who said there would be a school shooting.
The courts have generally accepted evidence collected from the Internet as long as its authenticity can be established. Commonly accepted digital forensic methodologies can all be used to identify a three-pronged approach to Internet forensics.
This year has seen a few high-profile wins for the good guys in the form of botnet takedowns, especially those by Microsoft and Symantec earlier this year. But at least one security researcher is warning against rejoicing too heartily: the takedowns, he said, do little to make an impact on web safety for end users — and actually point out ongoing industry weakness in being able to mitigate bots.
A worm-like type of malicious software has been found targeting Apache Tomcat, an open-source Web server application, according to Symantec. The malware, which Symantec calls "Java.Tomdep," differs from other server malware in that it's not written in the PHP scripting language.
Huge chunks of Internet traffic belonging to financial institutions, government agencies, and network service providers have repeatedly been diverted to distant locations under unexplained circumstances that are stoking suspicions the traffic may be surreptitiously monitored or modified before being passed along to its final destination.