Investigations and Forensics

Investigations and Forensics news, information, and how-to advice

The 3 hidden costs of incident response

Every business function seeks to apply finite resources to maximum benefit. Doing that effectively in security requires a keen understanding of costs, which, like threats, include those that are known and those that are hiding.

Atlanta's recovery highlights the costly mistake of being unprepared

The Samsam attack against the city of Atlanta in March was chaotic and crippling. The ransomware, named for the group responsible for development and deployment, left the city scrambling to deal with critical systems that were forced...

Two incident response phases most organizations get wrong

It's important to remember: Incident response isn't a thing, it's a process.

Customers describe the impact of the Allscripts ransomware attack

A ransomware attack against a SaaS provider hurts customers, but when it's a healthcare company that’s hit, patients suffer. Such was the case with January's attack against Allscripts, one of the largest electronic health record and...

Busted! Cops use fingerprint pulled from a WhatsApp photo to ID drug dealer

Police used a photo sent via WhatsApp and a “pioneering fingerprint technique” to ultimately secure drug convictions against 11 people.

Ransomware, healthcare and incident response: Lessons from the Allscripts attack

The actors behind SamSam launched a devastating attack against Allscripts in January 2018. As Allscripts worked its incident response plan, things started to unravel. Here are the lessons learned.

The best cybersecurity analysts should play the part of detective

Today’s cybersecurity analysts need to be part detective, following their gut wherever it takes them and thinking like the very attackers.

Keep those nuclear secrets secret. No problem, I'll hoard them in my attic

Weldon Marshall recently pled guilty to stealing U.S. government secrets associated with the U.S. nuclear weapons systems and keeping them in his Texas home.

North Korea hacking group is expanding operations, researchers say

A group of hackers from North Korea (DPRK), recently connected to the usage of an Adobe Flash zero-day vulnerability (CVE-2018-4878), has expanded its operations in both scope and sophistication, FireEye says.

4 reasons forensics will remain a pillar of cybersecurity

When protection fails, forensics can still prevail.

Salted Hash Ep 15: The state of security now and the not too distant future

This week, Salted Hash is joined by Rob Lee, faculty fellow at the SANS Technology Institute, to talk about preventable IT security and the state of the industry as 2018 gets underway.

Why incident response is the best cybersecurity ROI

Former White House CIO says unexpected breaches can wreak havoc on a company's bottom line. Proper incident response planning can mitigate damage costs.

4 Applied Materials executives fleece company and get indicted

U.S. Attorney for Northern California indicted four former executives for stealing intellectual property and trade secrets from Applied Materials.

Insider threat — Chemours employee steals trade secrets

Chemours' off-boarding process provided the evidence that Jerry Jindong Xu stole trade secrets and intellectual property and tried to monetize the information in China.

Do you really know what happened during that data breach?

Endpoint tool providers are redefining “forensics” based upon their own product’s capabilities. Make sure you understand the deep-dive forensic capabilities—and more importantly, the limitations—of any vendor’s platform before you buy....

Insider information leads to fraud scheme, arrests and conviction

Employees at HSBC Bank plc used insider information to their benefit, defrauding a client and generating millions of dollars for themselves.

Policing in the future involves citizen detectives and a Pokémon Go-like app

Using the Automon app, a Dutch “police of the future” technology initiative, citizens can score points by finding stolen cars.

Trusted insider at the federal level raises concerns

Charged with bank fraud, Imran Awan provided IT services to the U.S. House of Representatives for 14 years. Is he a white-collar criminal or something more sinister?