Advertisement
Topics
Subscribe to Topics

The Lead

Have the UK police successfully broken anonymity on the internet? They certainly seemed to imply as much when the National Crime Agency proudly announced recently that it had made 660 arrests after an operation to identify people viewing indecent images o

Have Police Really Cracked Tor?

July 25, 2014 11:03 am | by Eerke Boiten and Julio Hernandez-Castro, The Conversation | News | Comments

Have the UK police successfully broken anonymity on the internet? They certainly seemed to imply as much when the National Crime Agency proudly announced recently that it had made 660 arrests after an operation to identify people viewing indecent images of children online. The announcement raises questions about just how anonymous it is possible to be online.

Hackers Only Need to Get It Right Once, Security Needs to Get It Right Every Time

July 25, 2014 10:46 am | by Chris Triolo, SC Magazine | News | Comments

Hackers only need to find one weak point to steal valuable information. On the flip side, you...

Internet Explorer is the 'Sweet Spot' for Cyber Criminals

July 25, 2014 10:25 am | by Lee Bell, the Inquirer | News | Comments

Microsoft's Internet Explorer (IE) has become the most patched software product, receiving...

File System Ops, Testing Phase 2

July 25, 2014 9:43 am | by Corey Harrell | Blogs | Comments

As I mentioned in my previous post on this topic, there were two other tests that I wanted to...

View Sample

SUBSCRIBE TO FREE DFI News EMAIL NEWSLETTER

Ever posted a picture of your cat online? Unless your privacy settings avoid making APIs publicly available on sites like Flickr, Twitpic, Instagram or the like, there's a cat stalker who knows where your liddl' puddin' lives, and he's totally pwned your

Cat Stalker Knows Where Your Kitty Lives (and It's Your Fault)

July 25, 2014 9:29 am | by Lisa Vaas | Blogs | Comments

Ever posted a picture of your cat online? Unless your privacy settings avoid making APIs publicly available on sites like Flickr, Twitpic, Instagram or the like, there's a cat stalker who knows where your liddl' puddin' lives, and he's totally pwned your pussy by geolocating it.

Realistically, Live RAM analysis has its limitations, lots of them. Many types of artifacts stored in the computer’s volatile memory are ephemeral.

Limitations of Volatile Memory Analysis

July 25, 2014 8:51 am | Articles | Comments

Realistically, Live RAM analysis has its limitations, lots of them. Many types of artifacts stored in the computer’s volatile memory are ephemeral. While information about running processes will not disappear until they are finished, remnants of recent chats, communications, and other user activities may be overwritten with other content any moment the operating system demands yet another memory block.

How Hackers Hid a Money-mining Botnet in Amazon's Cloud

July 24, 2014 11:11 am | by Andy Greenberg, Wired | News | Comments

Hackers have long used malware to enslave armies of unwitting PCs, but security researchers Rob Ragan and Oscar Salazar had a different thought: Why steal computing power from innocent victims when there’s so much free processing power out there for the taking?

Advertisement
Security experts are warning that tens of thousands of WordPress sites have been compromised thanks to a known vulnerability in the MailPoet plug-in, leading to mass defacements, spam and outages.

Up to 50,000 WordPress Users Hit by MailPoet Malware Attack

July 24, 2014 11:01 am | by Infosecurity | News | Comments

Security experts are warning that tens of thousands of WordPress sites have been compromised thanks to a known vulnerability in the MailPoet plug-in, leading to mass defacements, spam and outages.               

European Central Bank Suffers Security Breach, Personal Data Stolen

July 24, 2014 9:57 am | by Charlie Osborne | Blogs | Comments

The European Central Bank (ECB) admitted Thursday that a security breach has led to the theft of personal data.                                       

Some of the hottest tickets in town — to Broadway hits, Jay-Z and Justin Timberlake concerts, a New York Yankees-Boston Red Sox game — were snapped up by an international ring of cyber thieves who commandeered more than 1,000 StubHub users' accounts to ma

Cyber Thieves Sell $1.6M in StubHub Tickets

July 24, 2014 9:46 am | by Associated Press | News | Comments

Some of the hottest tickets in town — to Broadway hits, Jay-Z and Justin Timberlake concerts, a New York Yankees-Boston Red Sox game — were snapped up by an international ring of cyber thieves who commandeered more than 1,000 StubHub users' accounts to make big money by fraudulently buying tickets and reselling them, prosecutors said Wednesday.

I recently conducted some testing of different actions on a Windows 7 system, with the specific purpose of identifying artifacts within the file system (in this case, the MFT and the USN change journal), particularly within individual records.

File System Ops, Effects on MFT Records

July 24, 2014 8:17 am | by Corey Harrell | Blogs | Comments

I recently conducted some testing of different actions on a Windows 7 system, with the specific purpose of identifying artifacts within the file system (in this case, the MFT and the USN change journal), particularly within individual records. 

Last year two Darpa-funded security researchers spent months cracking into a Ford Escape and a Toyota Prius, terrifying each other with tricks. At the Black Hat security conference in Las Vegas next month, they’ll unveil a prototype intrusion-detection sy

Device Stops Hackers from Crashing Cars

July 23, 2014 11:20 am | by Andy Greenberg, Wired | News | Comments

Last year two Darpa-funded security researchers spent months cracking into a Ford Escape and a Toyota Prius, terrifying each other with tricks. At the Black Hat security conference in Las Vegas next month, they’ll unveil a prototype intrusion-detection system for automobiles. 

Advertisement
The early use of digital forensics proved invaluable in a company’s investigation and legal pursuit of a renegade employee, averting potentially large business losses. Such effective outcomes can be challenging due to constant advancment of technology.

Digital Forensics in the Mobile, BYOD, Cloud Era

July 23, 2014 10:59 am | by Kerry Francis and Matt Larson, Inside Counsel | News | Comments

The early use of digital forensics proved invaluable in a company’s investigation and legal pursuit of a renegade employee, averting potentially large business losses. Such effective outcomes can be challenging due to constant advancment of technology.

A pro-Russian fighter places a black box from the crashed Malaysia Airlines Flight 17 on a table while handing it over from Donetsk People's Republic officials to Malaysian representatives in the city of Donetsk, eastern Ukraine

British Experts to Analyze MH17 Black Boxes

July 23, 2014 10:42 am | by Associated Press | News | Comments

Black boxes from the Malaysia Airlines plane downed in eastern Ukraine will be examined by U.K. air accident investigators, Britain's prime minister said Tuesday.                         

The Wall Street Journal was forced to take systems offline following a security breach, as yet another online publication suffers cyber attack.

Hacker Worms His Way into WSJ Computer Systems

July 23, 2014 10:07 am | by Charlie Osborne | Blogs | Comments

The Wall Street Journal was forced to take systems offline following a security breach, as yet another online publication suffers cyber attack.                             

Nigeria’s 419 scammers are now more likely target businesses with information-stealing malware. Although experts in social engineering with their infamous advanced-fee fraud scams, the Nigerian cyber criminals are novices when it comes to launching malwar

Nigeria's 419 Abandoning Phishing for the Malware Hunt

July 23, 2014 10:01 am | by Infosecurity | News | Comments

Nigeria’s 419 scammers are now more likely target businesses with information-stealing malware. Although experts in social engineering with their infamous advanced-fee fraud scams, the Nigerian cyber criminals are novices when it comes to launching malware campaigns.

I put together a python script that parses out several plist files related to Safari Internet History. Since the iPhone also uses Safari, I decided to expand the script to parse some iPhone Safari artifacts.

Safari and iPhone Internet History Parser

July 23, 2014 9:32 am | by Mari DeGrazia | Blogs | Comments

I put together a python script that parses out several plist files related to Safari Internet History. Since the iPhone also uses Safari, I decided to expand the script to parse some iPhone Safari artifacts.            

Advertisement
A new, extremely persistent type of online tracking is shadowing visitors to thousands of top websites. This type of tracking, called canvas fingerprinting, works by instructing the visitor's Web browser to draw a hidden image. Because each computer draws

Meet the Online Tracking Device that is Virtually Impossible to Block

July 22, 2014 12:14 pm | by Julia Angwin, ProPublica | News | Comments

A new, extremely persistent type of online tracking is shadowing visitors to thousands of top websites. This type of tracking, called canvas fingerprinting, works by instructing the visitor's Web browser to draw a hidden image. Because each computer draws the image slightly differently, the images can be used to assign each user's device a number that uniquely identifies it.

Speaking through an online link up from Russia at the Hope X hacker conference in New York, N.S.A. whistleblower Edward Snowden called on designers, developers and technologists across the globe to build communications systems which can shut out prying st

Snowden Urges Hackers to Make Spilling Secrets Safer

July 22, 2014 12:01 pm | by Infosecurity | News | Comments

Speaking through an online link up from Russia at the Hope X hacker conference in New York, N.S.A. whistleblower Edward Snowden called on designers, developers and technologists across the globe to build communications systems which can shut out prying state-sponsored surveillance.  

A talk scheduled to be given at the upcoming Black Hat security conference has been cancelled. The talk would have explained how to identify users of the Internet privacy service Tor.

Black Hat Tor Talk Cancelled

July 22, 2014 11:19 am | by Joseph Menn, Reuters | News | Comments

A talk scheduled to be given at the upcoming Black Hat security conference has been cancelled. The talk would have explained how to identify users of the Internet privacy service Tor.                   

Gmail Account is Fair Game, Says US Judge

July 22, 2014 9:49 am | by Lisa Vaas | Blogs | Comments

A New York court opened up our entire Gmail accounts to feds or cops with warrants, in spite of two recent decisions that went against similar requests.                           

Forensic Scientist Identifies 'Back Doors' Running on iOS

July 21, 2014 2:25 pm | by Jason O'Grady | Blogs | Comments

Forensic scientist and author Jonathan Zdziarski has posted the slides from his talk at the Hackers On Planet Earth (HOPE/X) conference in New York called Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices.  

Russia Caught Editing Wikipedia Entry about MH17

July 21, 2014 10:31 am | by Kadhim Shubber, Wired UK | News | Comments

Thanks to a Twitter bot that monitors Wikipedia edits made from Russian government IP addresses, someone from the All-Russia State Television and Radio Broadcasting Company (VGTRK) has been caught editing a Russian-language Wikipedia reference to MH17 in an article on aviation disasters.

The Dangers of Social Media in the Military

July 21, 2014 9:59 am | by Lance Cpl. Tyler Giguere, DVIDS | News | Comments

Common tactics of social media extortionists include relating to a service member’s interests and posting pictures of attractive females to lure them into chats. What may seem like a normal person wanting to video chat or meet with a Marine, can actually be an extortionist trying to deceive him for his money or information.

Criminal Software, Government-grade Protection

July 21, 2014 9:43 am | by Quentin Hardy | Blogs | Comments

Researchers at a software security company say they have found a popular type of criminal software inside an extremely sophisticated “evasion code,” which they say was previously used by Russia to spy on one or more Eastern European governments.

Computer Forensics Reveal Murderous Searches

July 21, 2014 9:04 am | by Andy Kravetz, Journal Star | News | Comments

Although they don’t have an eyewitness or the actual murder weapon, Peoria County, Illinois prosecutors believe they have the next best thing — a series of Internet searches on Nathan Leuthold’s computer about ways to kill someone.     

NIST's Future without the NSA

July 21, 2014 8:40 am | by Brian Robinson | Blogs | Comments

Will the National Institute of Standards and Technology break its close relationship with the National Security Agency in developing cryptographic and cybersecurity standards? That seems very likely following a recent report by an outside panel of experts, and it will have implications for federal agencies.

Computer Forensics with P2 Commander

July 18, 2014 9:42 am | by Pranshu Bajpai, Infosec Institute | News | Comments

Computer Forensics is the methodical series of procedures and techniques used for procuring evidence from computer systems and storage media. This evidence can then be analyzed for relevant information that is to be presented in a court of law. Computer Forensics has frequently been listed as one of the most intriguing computer professions, however beginners may find themselves overwhelmed quickly.

The Switch to Private Sector Digital Forensics

July 18, 2014 9:05 am | Articles | Comments

There is clearly a difference in the type of investigations and examinations being performed versus what are encountered in the public sector. The private sector examiner can be expected to provide evidence to private attorneys, corporations, private investigators, and corporate security departments.

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading