Investigations and Forensics

Investigations and Forensics news, information, and how-to advice

binary monitor tech digital moody hacker threat
Group of executives holding trophy photo winners people men woman award

hillary clinton florida campaign

Hillary Clinton might have been a pretty good president had she used Pretty Good Privacy

Had Presidential candidate Hillary Clinton employed basic email security techniques, she’d be President-elect.

shamed

Name and shame cybersecurity: a gift for cybercriminals?

Cybersecurity “name and shame” practice may significantly boost global cybercrime.

guccifer hillary clinton

Metadata wrecks Guccifer 2.0's claims of a Clinton Foundation hack

On Thursday, Scot Terban, a researcher known to many online as Dr. Krypt3ia, shared some forensics results with Salted Hash. After checking with FOCA, the metadata shows the recently leaked documents from Guccifer 2.0 didn't actually...

credit cards

Diversified supply chain helps 'Vendetta Brothers' succeed in criminal business

Even smaller criminal groups are using smarter business tactics to help insulate themselves from prosecution and to diversify their product supply.

sept11

Memories of 9/11: More than lost buildings

Like many, my memories of 9/11 are personal and still vivid. Here's my story plus some little-known information about lost evidence on that day.

security group team circuitry

Cyber incident response: Who does what?

“Who in the government will help me if we face a significant cyber incident?”

Identity and SDLC

Identity governance and admin: beyond basic access management

IGA solutions go beyond traditional identity management by allowing deep insight into access, providing data owners, auditors, and security teams with valuable information needed for timely management decisions and response.

voting sign

FBI: Common scanning tools used to target state election systems

An FBI memo citing information released by MS-ISAC says that foreign actors are using common scanning tools to locate vulnerable election systems. There is evidence to suggest, but not conclusively prove, that at least two incidents...

Fake attacks by insiders to fool companies

Famous cybercrime groups and hacktivists “brands” may be a smokescreen to cover sophisticated insider attacks.

unveil disclosure

Defining ransomware and data breach disclosure

Does a ransomware attack cause the “acquisition, access, use or disclosure” of ePHI?” No court decision has yet to address this issue, but expert commentators have taken either side of the argument.

LinkedIn logo

LinkedIn data breach blamed for multiple secondary compromises

The LinkedIn compromise has been linked to a number of confirmed incidents where data exfiltration has taken place. It's possible these incidents are only the tip of the iceberg though, as many of the organizations compromised are...

overloaded

How employees can share the IT security load

Security threats weigh heavily on IT and security professionals, and it is a responsibility that they should not bear alone. We all need to do our part to uphold the safeguarding of sensitive data.

hacker house

Cybercriminal business model vulnerable to intervention

Cybercrime may be booming but its business model is vulnerable on many fronts, according to a new report.

04 insider threat

Mitigating insider threats from a people perspective

Mitigating insider threats is an ongoing effort that requires a holistic approach that encompasses technological as well as human solutions. Additionally, organizational and situational factors can help mitigate the threat posed by...

young executive at laptop being watched by hacker

Blackhole exploit kit author sent to jail: Pyrrhic victory for the cybersecurity industry

The imprisonment is rather a defeat than a victory for our industry if we carefully look into the details.

us eu handshake

The impact of the new Trans-Atlantic privacy law

After 20 years of relative calm regarding the handling of personal data of EU citizens by U.S. companies, events over the past six months have instigated widespread reform. While the resolution is yet to be confirmed, the building...

honey jar

This honeypot proves UX is essential to security solutions

Haroon Meer shares his insights on how to design security solutions that are delightful to use as they provide measureable value to security leaders

jennifer lawrence oscars

Celebgate: Social engineering used to steal celebrity nude photos

On Tuesday, the Department of Justice, U.S. Attorney’s Office, Central District of California announced that Ryan Collins, 36, of Lancaster, Pennsylvania, plead guilty to violation of the Computer Fraud and Abuse Act.

Load More