How are ex-military and ex-hackers different? For starters, security guys with a military background are more likely to have a “traditional career.” This typically includes a degree from a four-year university, a series of jobs with certifications, and formal recognition that one would expect from a military person.
We've heard this question a lot, haven't we? I attended a conference about 2 1/2 years ago, and...
One important basic concept to grasp is working with character classes, or sets. A character...
A security researcher has announced that the notorious OpenSSL bug, Heartbleed, was the initial...
Computer security researchers from TU Darmstadt/CASED in Germany and North Carolina State University in USA have developed a modification to the core Android operating system that allows developers and users to plug in new security enhancements. The new Android Security Modules (ASM) framework aims to eliminate the bottleneck that prevents developers and users from taking advantage of new security tools.
Man-in-the-middle (MITM) attacks are “wreaking havoc” on Android users because over two-thirds of the most popular apps on Google Play contain SSL vulnerabilities, according to new research from FireEye.
The FBI has warned that healthcare industry companies are being targeted by hackers, publicizing the issue following an attack on U.S. hospital group Community Health Systems Inc that resulted in the theft of millions of patient records.
Dealing with insider threats, as in dealing with any threat to your network, requires a plan for incident response. An effective response includes forensics, and forensics and storage go hand in hand. With the window of time between a compromise and its discovery widening, the amount of storage needed to accommodate data is becoming greater.
I've been an adjunct professor at NYU Poly for almost two years now. It's been a great experience for a number of reasons, one of which is because I'm teaching a hot topic: Vulnerability Analysis and Exploitation.
The web intelligence firm Recorded Future has posted two stories about how al Qaeda is using new encryption software in response to the Snowden disclosures.
The GameOver Zeus botnet, disrupted only two months ago by an international joint operation, continues to echo throughout the cybercrime landscape.
The significant information breaches of today are executed by people infiltrating the organization, and attackers are doing this by assuming identities or abusing insider privileges.
With cyber war comes the threat of new forms of espionage, as well as sabotage conducted within both the information systems and control systems that form the interface between the physical and cyber worlds. Security, both physical and cyber, traditionally has been outward facing. But espionage and sabotage often are the domains of the trusted insider, the agent operating from within.
auto_rip is a wrapper script for Harlan Carvey's RegRipper and the script has a few updates. The script's home has always been on the RegRipper Google Code site but Google dropped support for adding new downloads. As a result, I thought it might be helpful to make newer versions available at different places since Google Code can no longer be used.
CCL will be demonstrating the social media monitoring tool Signal at the UK’s first international social media law enforcement conference.
The new digital forensics program at the University at Albany is designed to educate and prepare students to work in a fast-growing, billion-dollar market with high, long-term projected demand for trained professionals.
Community Health Systems, one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients.
If you have an account and were asked to put a price on a monthly service fee, how much money would you pay to be inspired, to keep up with news events, or to stay in touch with family, friends and colleagues? You're paying for it now, of course, though not with money.
A recently unearthed targeted attack campaign suggests that Pakistan is evolving from hacktivism to cyber espionage.
Nuclear Regulatory Commission computers within the past three years were successfully hacked by foreigners twice and also by an unidentifiable individual, according to an internal investigation.
Discussions of what government should do about the state of poor cyber defenses tend to focus on some kind of change in the law to raise regulations and/or lower liabilities. That is well and good, but government should also think about building a new organization for the cyber age. And it can do so by taking inspiration from one of the most successful agencies created in the past.
There are striking similarities between a crime scene investigation and cybercrime forensics. With IBM reporting 1.5 million U.S. cyber attacks monitored in 2013, IT and security professionals can take a few tips from law enforcement about securing, assessing and reporting at a cyberattack crime scene.
Cybersecurity experts raise doubts whether the National Security Agency has successfully deployed an automated hack-back system known as MonsterMind, as revealed by former NSA contractor Edward Snowden in an interview with Wired.
Security researchers have uncovered evidence of escalating cyber attacks emanating from Syria which use tried and tested techniques to download remote access trojans (RATs) onto victim PCs.
Germany's foreign intelligence agency recorded at least one phone conversation held by U.S. Secretary of State John Kerry, a German magazine said on Saturday, potentially embarrassing Berlin which has reprimanded Washington for its surveillance.
Imagine discovering a secret language spoken only online by a knowledgeable and learned few. Over a period of weeks, as you begin to tease out the meaning of this curious tongue and ponder its purpose, the language appears to shift in subtle but fantastic ways, remaking itself daily before your eyes. And just when you are poised to share your findings with the rest of the world, the entire thing vanishes.
A group of journalists has reported the existence of the "Hacienda" spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use them for their own purposes. Scientists have developed free software that can help prevent this kind of identification and thus the subsequent capture of systems.
The FBI's premier cybersquad has focused attention on computer-based crime in recent months by helping prosecutors charge five Chinese army intelligence officials with stealing trade secrets from major companies and by snaring a Russian-led hacking ring that pilfered $100 million from bank accounts worldwide.
The North Atlantic Treaty Organization is expected to update its charter in September to address cybersecurity while leaving open the question of whether hacks count as an attack on its member states that could start a war. Leaving the definition open could cool fears about whether hackers could start a war.
- Page 1