Investigations and Forensics

Investigations and Forensics news, information, and how-to advice

credit cards
sept11

dhs security

Cyber incident response: Who does what?

“Who in the government will help me if we face a significant cyber incident?”

Identity and SDLC

Identity governance and admin: beyond basic access management

IGA solutions go beyond traditional identity management by allowing deep insight into access, providing data owners, auditors, and security teams with valuable information needed for timely management decisions and response.

voting sign

FBI: Common scanning tools used to target state election systems

An FBI memo citing information released by MS-ISAC says that foreign actors are using common scanning tools to locate vulnerable election systems. There is evidence to suggest, but not conclusively prove, that at least two incidents...

Fake attacks by insiders to fool companies

Famous cybercrime groups and hacktivists “brands” may be a smokescreen to cover sophisticated insider attacks.

unveil disclosure

Defining ransomware and data breach disclosure

Does a ransomware attack cause the “acquisition, access, use or disclosure” of ePHI?” No court decision has yet to address this issue, but expert commentators have taken either side of the argument.

LinkedIn logo

LinkedIn data breach blamed for multiple secondary compromises

The LinkedIn compromise has been linked to a number of confirmed incidents where data exfiltration has taken place. It's possible these incidents are only the tip of the iceberg though, as many of the organizations compromised are...

overloaded

How employees can share the IT security load

Security threats weigh heavily on IT and security professionals, and it is a responsibility that they should not bear alone. We all need to do our part to uphold the safeguarding of sensitive data.

hacker house

Cybercriminal business model vulnerable to intervention

Cybercrime may be booming but its business model is vulnerable on many fronts, according to a new report.

04 insider threat

Mitigating insider threats from a people perspective

Mitigating insider threats is an ongoing effort that requires a holistic approach that encompasses technological as well as human solutions. Additionally, organizational and situational factors can help mitigate the threat posed by...

young executive at laptop being watched by hacker

Blackhole exploit kit author sent to jail: Pyrrhic victory for the cybersecurity industry

The imprisonment is rather a defeat than a victory for our industry if we carefully look into the details.

us eu handshake

The impact of the new Trans-Atlantic privacy law

After 20 years of relative calm regarding the handling of personal data of EU citizens by U.S. companies, events over the past six months have instigated widespread reform. While the resolution is yet to be confirmed, the building...

honey jar

This honeypot proves UX is essential to security solutions

Haroon Meer shares his insights on how to design security solutions that are delightful to use as they provide measureable value to security leaders

jennifer lawrence oscars

Celebgate: Social engineering used to steal celebrity nude photos

On Tuesday, the Department of Justice, U.S. Attorney’s Office, Central District of California announced that Ryan Collins, 36, of Lancaster, Pennsylvania, plead guilty to violation of the Computer Fraud and Abuse Act.

verizon sign

Verizon releases first-ever data breach digest with security case studies

Verizon is known for its huge annual Data Breach Investigations Report, but this morning it released a less data-heavy digest organized by case study

foot race starting line competition sports

Starting out in cybersecurity? Read lessons learned and enter competitions

What you can learn from Fidelis Cybersecurity and RSA

ransom note

Are you prepared to respond to ransomware the right way?

Rob Gresham explains the evolution of ransomware and shares insights into smarter ways to prepare and respond

gavel court trial

Security negligence goes to court

The number of people whose data was breached in 2015 exceeded that of the previous year. How do we plan to regulate these cases? What should organizations be compelled to do in order to protect the sensitive information they store?...

police lineup identification

Does attribution matter to security leaders?

Levi Gundert shares his experience on when, how, and why attribution matters for security leaders

Load More