Advertisement
Topics
Subscribe to Topics

The Lead

For more than a decade, a powerful app called Metasploit has been the most important tool in the hacking world: An open-source Swiss Army knife of hacks that puts the latest exploits in the hands of anyone who’s interested, from random criminals to the th

FBI Uses Abandoned Code to Find Those Hiding behind Tor

December 17, 2014 10:47 am | by Kevin Poulsen, Wired | News | Comments

For more than a decade, a powerful app called Metasploit has been the most important tool in the hacking world: An open-source Swiss Army knife of hacks that puts the latest exploits in the hands of anyone who’s interested, from random criminals to the thousands of security professionals who rely on the app to scour client networks for holes. Now Metasploit has a new and surprising fan: the FBI. 

Quantum Physics Can Make Credit Cards Fraud-proof

December 17, 2014 10:31 am | by The Optical Society | News | Comments

Credit card fraud and identify theft are serious problems for consumers and industries. Though...

Apps, Not Malware, Should be Your Biggest Mobile Concern

December 17, 2014 10:02 am | by Patrick Marshall | Blogs | Comments

Network security would be relatively simple if it weren't for end users. But just when IT...

NYC Premiere of Sony Film Canceled after Threats

December 17, 2014 9:41 am | by Bernard Condon, Associated Press | News | Comments

Threats of violence against movie theaters. The New York premiere of "The Interview"...

View Sample

SUBSCRIBE TO FREE DFI News EMAIL NEWSLETTER

The Institute of Technology at the University of Washington Tacoma, in collaboration with the Tacoma Police Department, will offer a three-course sequence in mobile digital forensics beginning January 2015.

UW Tacoma Partners with Tacoma PD to Teach Mobile Digital Forensics

December 17, 2014 9:19 am | by University of Washington Tacoma | News | Comments

The Institute of Technology at the University of Washington Tacoma, in collaboration with the Tacoma Police Department, will offer a three-course sequence in mobile digital forensics beginning January 2015.           

Depending upon the nature of investigations, timely forensic examinations normally can expedite the apprehension of suspects. The use of a triage tool can identify the most likely evidentiary data sources. Ideally, the relevant evidence should then be sea

Streamlining the Digital Forensic Workflow: Part 3

December 17, 2014 8:49 am | by John J. Barbara | Digital Forensics Consulting, LLC | Articles | Comments

Depending upon the nature of investigations, timely forensic examinations normally can expedite the apprehension of suspects. The use of a triage tool can identify the most likely evidentiary data sources. Ideally, the relevant evidence should then be seamlessly exported and analyzed in-depth by another comprehensive forensic tool which can provide indexing and detailed analysis.

Dakota county is creating the first local Electronic Crimes Task Force based in Minnesota. Ten agencies — nine city police departments and the sheriff’s office — will participate in the group, which will begin operating next month.

Police Departments Join Forces, Bring Tech Analysis In-house

December 16, 2014 11:50 am | by Jessie Van Berkel, Star Tribune | News | Comments

Dakota county is creating the first local Electronic Crimes Task Force based in Minnesota. Ten agencies — nine city police departments and the sheriff’s office — will participate in the group, which will begin operating next month.     

Advertisement
Google has blacklisted more than 11,000 domains involved in the latest malware campaign from SoakSoak.ru. But, the impact is apparently much larger: it seems to be affecting most hosts across the WordPress hosting spectrum, according to researchers.

Wordpress Sites Serving SoakSoak

December 16, 2014 11:34 am | by Tara Seals, Infosecurity Magazine | News | Comments

Google has blacklisted more than 11,000 domains involved in the latest malware campaign from SoakSoak.ru. But, the impact is apparently much larger: it seems to be affecting most hosts across the WordPress hosting spectrum, according to researchers.

Criminal hackers are actively exploiting the critical shellshock vulnerability to install a self-replicating backdoor on a popular line of storage systems, researchers have warned.

Worm Exploits Shellshock to Take Over Network Storage Systems

December 16, 2014 11:20 am | by Dan Goodin, Ars Technica | News | Comments

Criminal hackers are actively exploiting the critical shellshock vulnerability to install a self-replicating backdoor on a popular line of storage systems, researchers have warned.                   

Seventy-six percent of organizations in the U.S. and U.K. have suffered a DNS   attack, with 49 percent experiencing one in the past 12 months, according to   Cloudmark.

DNS Attacks Plunder Organizations

December 16, 2014 11:03 am | by Help Net Security | News | Comments

Seventy-six percent of organizations in the U.S. and U.K. have suffered a DNS attack, with 49 percent experiencing one in the past 12 months, according to Cloudmark.                        

One year after the cybercrime underground slashed the price of a stolen identity by as much as 37 percent due to a glut in the black market, the price tag for a pilfered ID has inched upward again.

Price Tag Rises for Stolen Identities Sold in the Underground

December 16, 2014 10:45 am | by Kelly Jackson Higgins | Blogs | Comments

One year after the cybercrime underground slashed the price of a stolen identity by as much as 37 percent due to a glut in the black market, the price tag for a pilfered ID has inched upward again.               

This is the conclusion of our discusion with Jake Williams, Instructor at SANS Institute. We've discused North Korea's involvement, or lack of involvement, in the Sony breach, but who else might have been involved? And what is Sony doing to find out? Also

Some DFIR for Sony Cybersecurity

December 16, 2014 9:56 am | by Ernie Austin, Newsletter Editor | SANS Institute | Articles | Comments

This is the conclusion of our discussion with Jake Williams, Instructor at SANS Institute. We've discused North Korea's involvement, or lack of involvement, in the Sony breach, but who else might have been involved? And what is Sony doing to find out? Also, Jake lets us know from a digital-forensic perpective what could be done in situtations like this in the future.

Advertisement
The Federal Bureau of Investigation has warned U.S. businesses to be on the alert for a sophisticated Iranian hacking operation whose targets include defense contractors, energy firms and educational institutions, according to a confidential agency docume

FBI Warns Iran Hackers May Target US Firms

December 15, 2014 11:42 am | by Jim Finkle, Reuters | News | Comments

The Federal Bureau of Investigation has warned U.S. businesses to be on the alert for a sophisticated Iranian hacking operation whose targets include defense contractors, energy firms and educational institutions, according to a confidential agency document.

SiQuest was voted "Industry Innovator 2014" by SC Magazine under the category of Analysis and Testing for the evaluation and performance of their new Internet Examiner® Toolkit forensic software.

SiQuest Voted Industry Innovator 2014

December 15, 2014 11:27 am | SiQuest Corporation | News | Comments

SiQuest was voted "Industry Innovator 2014" by SC Magazine under the category of Analysis and Testing for the evaluation and performance of their new Internet Examiner® Toolkit forensic software.               

 It’s getting a lot harder to be impressed by the latest piece of malware or cyber threat that hits the streets, given the already formidable arsenal that has been created for hackers to choose from. The every day distributed denial of service (DDoS) thre

Cyberattack 'Platforms' Call for Defense in Depth – and Breadth

December 15, 2014 11:26 am | by Brian Robinson | Blogs | Comments

It’s getting a lot harder to be impressed by the latest piece of malware or cyber threat that hits the streets, given the already formidable arsenal that has been created for hackers to choose from. The every day distributed denial of service (DDoS) threat now seems almost quaint. Then along comes Regin.

Researchers from Universidad Carlos III de Madrid (UC3M) and the Universidad de Málaga (UMA) have collaborated with the consulting and technology company Indra on the development of a new advanced simulator of training in cybersecurity, a system that teac

New Simulator Provides Training in Cybersecurity

December 15, 2014 11:01 am | by Carlos III University of Madrid | News | Comments

Researchers from Universidad Carlos III de Madrid (UC3M) and the Universidad de Málaga (UMA) have collaborated with the consulting and technology company Indra on the development of a new advanced simulator of training in cybersecurity, a system that teaches users how to carry out computer forensics, prevent cyber attacks and learn techniques of cyber defense.

The Sony breach has given a great deal of attention on North Korea. Whether the   insular country was guilty of the attack or not, our continuing discusion with   SANS Instructor, Jake Williams, touched on its capabilities.

Questioning North Korean Sony Breach Involvement

December 15, 2014 10:29 am | by Ernie Austin, Newsletter Editor | SANS Institute | Articles | Comments

The Sony breach has given a great deal of attention to North Korea. Regardless of whether the insular country had a part in the attack or not, our continuing discussion with SANS Instructor, Jake Williams, touched on its capabilities.     

Advertisement
At first glance, it would seem that the most logical and obvious way to increase storage capacity would be to add more platters to a hard drive. However, this raises a number of inherent problems, such as having to increase the size beyond the current for

More Bits about Areal Density

December 12, 2014 11:55 am | Articles | Comments

At first glance, it would seem that the most logical and obvious way to increase storage capacity would be to add more platters to a hard drive. However, this raises a number of inherent problems, such as having to increase the size beyond the current form factors (3.5”, 2.5”, etc.), escalating the cost per hard drive, having to have more read/write heads per hard drive, and so forth.

Phyllis Schneck's job as deputy undersecretary for cybersecurity at the Department of Homeland Security should get a bit easier when President Obama, as expected, signs FISMA reform legislation that passed Congress this week.

DHS Wins in Congressional Cybersecurity Vote

December 12, 2014 11:25 am | by Eric Chabrow, Gov Info Security | News | Comments

Phyllis Schneck's job as deputy undersecretary for cybersecurity at the Department of Homeland Security should get a bit easier when President Obama, as expected, signs FISMA reform legislation that passed Congress this week.       

The UK Government is launching a Child Abuse Image Database. It is a landmark project for law enforcement. Never before has UK law enforcement had such a sophisticated method of sharing and matching critical case data, logging visual evidence and analyzin

UK Launching Child Abuse Image Database

December 12, 2014 11:05 am | News | Comments

The UK Government is launching a Child Abuse Image Database. It is a landmark project for law enforcement. Never before has UK law enforcement had such a sophisticated method of sharing and matching critical case data, logging visual evidence and analyzing digital media.

In an attempt to understand what has happened during the breach of Sony   Picture's computers, DFI News has contacted SANS Institute's DFIR team. In an   email interview, Jake Williams, an Instructor at SANS, provides his insights into the complex digital

The Damage and the Malware at Sony

December 12, 2014 10:30 am | by Ernie Austin, Newsletter Editor | SANS Institute | Articles | Comments

In an attempt to understand what has happened during the breach of Sony Picture's computers, DFI News has contacted SANS Institute's DFIR team. In an email interview, Jake Williams, an Instructor at SANS, provides his insights into the complex digital forensic story unfolding at Sony.

A highly advanced, multi-layered advanced persistent threat (APT) is targeting individuals in strategic positions: Executives in important businesses such as oil, finance and engineering, military officers, embassy personnel and government officials. And

Advanced Inception APT Malware Likely State-sponsored

December 11, 2014 11:44 am | by Tara Seals, Infosecurity Magazine | News | Comments

A highly advanced, multi-layered advanced persistent threat (APT) is targeting individuals in strategic positions: Executives in important businesses such as oil, finance and engineering, military officers, embassy personnel and government officials. And it’s spreading.

Area 1 Security, a security startup created by three ex-NSA agents and pros from Disney and MIT, landed $8.5 million in its first round of funding. The company launched in May with $2.5 million in seed funding.

Ex-NSA Agents' Security Startup Lands $8 Million in Funding

December 11, 2014 9:45 am | by Sara Peters | Blogs | Comments

Area 1 Security, a security startup created by three ex-NSA agents and pros from Disney and MIT, landed $8.5 million in its first round of funding. The company launched in May with $2.5 million in seed funding.           

Two new surveys show how easy enterprises make it for attackers to steal vast quantities of data with just a few successful breaches of employee machines: Employees typically are given far more access to sensitive data than they need to get their jobs don

Employees Still Get More Access than They Need

December 10, 2014 11:13 am | by Ericka Chickowski | Blogs | Comments

Two new surveys show how easy enterprises make it for attackers to steal vast quantities of data with just a few successful breaches of employee machines: Employees typically are given far more access to sensitive data than they need to get their jobs done, and enterprises don't do enough to track access behavior.

The popular file-sharing service Pirate Bay was taken down following a raid in Sweden by police who seized servers and computers.

Pirate Bay Taken Down Again

December 10, 2014 10:44 am | by Kim Zetter, Wired | News | Comments

The popular file-sharing service Pirate Bay was taken down following a raid in Sweden by police who seized servers and computers.                                   

Not long ago, mobile device forensics was a relatively straightforward process. Contact lists, SMS messages, and call logs were obtained and examined for evidence using specialized forensic technology. But with the blistering rate of advances in mobile te

5 Key Challenges for Keeping Up with Advancements in Mobile

December 10, 2014 10:24 am | by Lee Reiber | Articles | Comments

Not long ago, mobile device forensics was a relatively straightforward process. Contact lists, SMS messages, and call logs were obtained and examined for evidence using specialized forensic technology. But with the blistering rate of advances in mobile technology, the explosion of mobile data and devices, times have drastically changed. 

The spies had come without warning. They plied their craft silently, stealing secrets from the world’s most powerful military. They were at work for months before anyone noticed their presence. And when American officials finally detected the thieves, the

Intelligence Mishap Turns Government and Private Companies into Cyberwarfare Partners

December 9, 2014 12:49 pm | by Shane Harris, PRI | News | Comments

The spies had come without warning. They plied their craft silently, stealing secrets from the world’s most powerful military. They were at work for months before anyone noticed their presence. And when American officials finally detected the thieves, they saw that it was too late. The damage was done.

A newly published guidebook provides correctional administrators with a brief, yet comprehensive and informative, view of cell phone forensic technologies.

Guide Details Cell Phone Forensic Technologies for Corrections

December 9, 2014 10:00 am | by NIJ | News | Comments

A newly published guidebook provides correctional administrators with a brief, yet comprehensive and informative, view of cell phone forensic technologies.                           

Everyone has the right to privacy, said Troels Oerting, head of the Europol’s   European Cybercrime Center (EC3), at Georgetown Law’s Cybercrime2020 conference.   However, he went on, if you break your contract with society, that right can be   taken away

EC3 Head Paints Bleak Cybercrime Picture

December 8, 2014 10:39 am | by Editor | Blogs | Comments

Everyone has the right to privacy, said Troels Oerting, head of the Europol’s European Cybercrime Center (EC3), at Georgetown Law’s Cybercrime2020 conference. However, he went on, if you break your contract with society, that right can be taken away.

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading