Advertisement
Topics
Subscribe to Topics

The Lead

How are ex-military and ex-hackers different? For starters, security guys with a military background are more likely to have a “traditional career.” This typically includes a degree from a four-year university, a series of jobs with certifications, and fo

Hacker or Military? Best of Both in Cyber Security

August 22, 2014 9:06 am | by John Dickson | Blogs | Comments

How are ex-military and ex-hackers different? For starters, security guys with a military background are more likely to have a “traditional career.” This typically includes a degree from a four-year university, a series of jobs with certifications, and formal recognition that one would expect from a military person.

What does that 'look like'?

August 22, 2014 8:52 am | by Harlan Carvey | Blogs | Comments

We've heard this question a lot, haven't we? I attended a conference about 2 1/2 years ago, and...

Data Search Character Classes

August 21, 2014 4:01 pm | Articles | Comments

One important basic concept to grasp is working with character classes, or sets. A character...

Heartbleed Not Only Reason for Health Systems Breach

August 21, 2014 10:51 am | by Sara Peters, Dark Reading | News | Comments

A security researcher has announced that the notorious OpenSSL bug, Heartbleed, was the initial...

View Sample

SUBSCRIBE TO FREE DFI News EMAIL NEWSLETTER

Computer security researchers TU Darmstadt/CASED in Germany and North Carolina State University in USA have developed a modification to the core Android operating system that allows developers and users to plug in new security enhancements. The new Androi

Researchers Develop Framework to Facilitate New Android Security Modules

August 21, 2014 10:41 am | by CASED | News | Comments

Computer security researchers from TU Darmstadt/CASED in Germany and North Carolina State University in USA have developed a modification to the core Android operating system that allows developers and users to plug in new security enhancements. The new Android Security Modules (ASM) framework aims to eliminate the bottleneck that prevents developers and users from taking advantage of new security tools.

Man-in-the-middle (MITM) attacks are “wreaking havoc” on Android users because over two-thirds of the most popular apps on Google Play contain SSL vulnerabilities, according to new research from FireEye.

SSL Vulnerabilities Found in Most Popular Android Apps

August 21, 2014 10:22 am | by Infosecurity Magazine | News | Comments

Man-in-the-middle (MITM) attacks are “wreaking havoc” on Android users because over two-thirds of the most popular apps on Google Play contain SSL vulnerabilities, according to new research from FireEye.             

FBI Warns Healthcare Firms They are Targeted by Hackers

August 21, 2014 10:03 am | by Jim Finkle, Reuters | News | Comments

The FBI has warned that healthcare industry companies are being targeted by hackers, publicizing the issue following an attack on U.S. hospital group Community Health Systems Inc that resulted in the theft of millions of patient records.   

Advertisement
Dealing with insider threats, as in dealing with any threat to your network, requires a plan for incident response. An effective response includes forensics, and forensics and storage go hand in hand. With the window of time between a compromise and its d

Incident Response Requires Forensics and Storage

August 21, 2014 9:49 am | by William Jackson, GCN | News | Comments

Dealing with insider threats, as in dealing with any threat to your network, requires a plan for incident response. An effective response includes forensics, and forensics and storage go hand in hand. With the window of time between a compromise and its discovery widening, the amount of storage needed to accommodate data is becoming greater.

I've been an adjunct professor at NYU Poly for almost two years now. It's been a great experience for a number of reasons, one of which is because I'm teaching a hot topic: Vulnerability Analysis and Exploitation.

Learning Exploitation with FSExploitMe

August 21, 2014 9:28 am | by Brad Antoniewicz | Blogs | Comments

I've been an adjunct professor at NYU Poly for almost two years now. It's been a great experience for a number of reasons, one of which is because I'm teaching a hot topic: Vulnerability Analysis and Exploitation.           

The web intelligence firm Recorded Future has posted two stories about how al Qaeda is using new encryption software in response to the Snowden disclosures.

The Security of al Qaeda Encryption Software

August 20, 2014 11:32 am | by Bruce Schneier | Blogs | Comments

The web intelligence firm Recorded Future has posted two stories about how al Qaeda is using new encryption software in response to the Snowden disclosures.                           

The GameOver Zeus botnet, disrupted only two months ago by an international joint operation, continues to echo throughout the cybercrime landscape.

Bugat Malware Adds GameOver Functionality

August 20, 2014 11:08 am | by Tara Seals, Infosecurity Magazine | News | Comments

The GameOver Zeus botnet, disrupted only two months ago by an international joint operation, continues to echo throughout the cybercrime landscape.                             

The significant information breaches of today are executed by people infiltrating the organization, and attackers are doing this by assuming identities or abusing insider privileges.

Today's Biggest Security Gap? Identity

August 20, 2014 10:47 am | by Travis Greene, Security Week | News | Comments

The significant information breaches of today are executed by people infiltrating the organization, and attackers are doing this by assuming identities or abusing insider privileges.                       

Advertisement

Agencies Stalk the Insider Threat

August 20, 2014 10:25 am | by William Jackson, GCN | News | Comments

With cyber war comes the threat of new forms of espionage, as well as sabotage conducted within both the information systems and control systems that form the interface between the physical and cyber worlds. Security, both physical and cyber, traditionally has been outward facing. But espionage and sabotage often are the domains of the trusted insider, the agent operating from within.

auto_rip is a wrapper script for Harlan Carvey's RegRipper and the script has a few updates. The script's home has always been on the RegRipper Google Code site but Google dropped support for adding new downloads. As a result, I thought it might be helpfu

auto_rip, tr3secure_collection & DFS Updates

August 20, 2014 10:09 am | by Corey Harrell | Blogs | Comments

auto_rip is a wrapper script for Harlan Carvey's RegRipper and the script has a few updates. The script's home has always been on the RegRipper Google Code site but Google dropped support for adding new downloads. As a result, I thought it might be helpful to make newer versions available at different places since Google Code can no longer be used.

CCL will be demonstrating the social media monitoring tool Signal at the UK’s first international social media law enforcement conference.

CCL to Showcase Social Media Tools for Law Enforcement at Smile Conference

August 20, 2014 8:08 am | CCL-Forensics Limited | News | Comments

CCL will be demonstrating the social media monitoring tool Signal at the UK’s first international social media law enforcement conference.                               

The new digital forensics program at the University at Albany is designed to educate and prepare students to work in a fast-growing, billion-dollar market with high, long-term projected demand for trained professionals.

Digital Forensics Program Prepares Students to Tackle Cyber Crime

August 20, 2014 8:07 am | by Univ. of Albany | News | Comments

The new digital forensics program at the University at Albany is designed to educate and prepare students to work in a fast-growing, billion-dollar market with high, long-term projected demand for trained professionals.         

Community Health Systems, one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients.

Community Health Data Stolen in Cyber Attack from China

August 19, 2014 11:08 am | by Jim Finkle and Caroline Humer, Reuters | News | Comments

Community Health Systems, one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients.   

Advertisement
If you have an account and were asked to put a price on a monthly service fee, how much money would you pay to be inspired, to keep up with news events, or to stay in touch with family, friends and colleagues? You're paying for it now, of course, though n

How will you pay for the internet of the future?

August 19, 2014 10:58 am | by Lisa Vaas | Blogs | Comments

If you have an account and were asked to put a price on a monthly service fee, how much money would you pay to be inspired, to keep up with news events, or to stay in touch with family, friends and colleagues? You're paying for it now, of course, though not with money.

A recently unearthed targeted attack campaign suggests that Pakistan is evolving from hacktivism to cyber espionage.

Pakistan the Latest Cyberspying Nation

August 19, 2014 10:47 am | by Kelly Jackson Higgins | Blogs | Comments

A recently unearthed targeted attack campaign suggests that Pakistan is evolving from hacktivism to cyber espionage.                                      

Nuclear Regulatory Commission computers within the past three years were successfully hacked by foreigners twice and also by an unidentifiable individual, according to an internal investigation.

Nuclear Regulator Hacked by Suspected Foreign Powers

August 19, 2014 10:37 am | by Aliya Sternstein, Nextgov | News | Comments

Nuclear Regulatory Commission computers within the past three years were successfully hacked by foreigners twice and also by an unidentifiable individual, according to an internal investigation.               

Discussions of what government should do about the state of poor cyber defenses tend to focus on some kind of change in the law to raise regulations and/or lower liabilities. That is well and good, but government should also think about building a new org

A CDC for Cyber Crime

August 19, 2014 10:23 am | by Peter Singer, Wired | News | Comments

Discussions of what government should do about the state of poor cyber defenses tend to focus on some kind of change in the law to raise regulations and/or lower liabilities. That is well and good, but government should also think about building a new organization for the cyber age. And it can do so by taking inspiration from one of the most successful agencies created in the past.

There are striking similarities between a crime scene investigation and cybercrime forensics. With IBM reporting 1.5 million U.S. cyber attacks monitored in 2013, IT and security professionals can take a few tips from law enforcement about securing, asses

Cyber Forensics: Taking Tips from a Detective's Playbook

August 18, 2014 3:50 pm | by Jayne Friedland Holland, GSN Magazine | News | Comments

There are striking similarities between a crime scene investigation and cybercrime forensics. With IBM reporting 1.5 million U.S. cyber attacks monitored in 2013, IT and security professionals can take a few tips from law enforcement about securing, assessing and reporting at a cyberattack crime scene.

Cybersecurity experts raise doubts whether the National Security Agency has successfully deployed an automated hack-back system known as MonsterMind, as revealed by former NSA contractor Edward Snowden in an interview with Wired.

Experts Raise Doubts about MonsterMind

August 18, 2014 10:23 am | by Eric Chabrow, Gov Info Security | News | Comments

Cybersecurity experts raise doubts whether the National Security Agency has successfully deployed an automated hack-back system known as MonsterMind, as revealed by former NSA contractor Edward Snowden in an interview with Wired.     

Security researchers have uncovered evidence of escalating cyber attacks emanating from Syria which use tried and tested techniques to download remote access trojans (RATs) onto victim PCs.

Syrian Hackers Ramp Up RAT Attacks

August 18, 2014 10:07 am | by Phil Muncaster, Infosecurity Magazine | News | Comments

Security researchers have uncovered evidence of escalating cyber attacks emanating from Syria which use tried and tested techniques to download remote access trojans (RATs) onto victim PCs.                 

German Spies Capture Kerry, Clinton Conversations

August 18, 2014 9:40 am | by Michael Nienaber, Reuters | News | Comments

Germany's foreign intelligence agency recorded at least one phone conversation held by U.S. Secretary of State John Kerry, a German magazine said on Saturday, potentially embarrassing Berlin which has reprimanded Washington for its surveillance.

Imagine discovering a secret language spoken only online by a knowledgeable and learned few. Over a period of weeks, as you begin to tease out the meaning of this curious tongue and ponder its purpose, the language appears to shift in subtle but fantastic

Lorem Ipsum: Of Good & Evil, Google & China

August 18, 2014 9:28 am | by Editor | Blogs | Comments

Imagine discovering a secret language spoken only online by a knowledgeable and learned few. Over a period of weeks, as you begin to tease out the meaning of this curious tongue and ponder its purpose, the language appears to shift in subtle but fantastic ways, remaking itself daily before your eyes. And just when you are poised to share your findings with the rest of the world, the entire thing vanishes.

A group of journalists has reported the existence of the "Hacienda" spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use

Researchers Develop Defense Software 'TCP Stealth'

August 18, 2014 9:00 am | by TUM | News | Comments

A group of journalists has reported the existence of the "Hacienda" spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use them for their own purposes. Scientists have developed free software that can help prevent this kind of identification and thus the subsequent capture of systems.

The FBI's premier cybersquad has focused attention on computer-based crime in recent months by helping prosecutors charge five Chinese army intelligence officials with stealing trade secrets from major companies and by snaring a Russian-led hacking ring t

Premier FBI Cybersquad in Pittsburgh to Add Agents

August 18, 2014 8:46 am | by Joe Mandak, Associated Press | News | Comments

The FBI's premier cybersquad has focused attention on computer-based crime in recent months by helping prosecutors charge five Chinese army intelligence officials with stealing trade secrets from major companies and by snaring a Russian-led hacking ring that pilfered $100 million from bank accounts worldwide.

Cybersecurity Remains a Gray Area for NATO

August 15, 2014 11:41 am | by Tom Risen, U.S. News & World Report | News | Comments

The North Atlantic Treaty Organization is expected to update its charter in September to address cybersecurity while leaving open the question of whether hacks count as an attack on its member states that could start a war. Leaving the definition open could cool fears about whether hackers could start a war.

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading