Digital Forensics

  • Most Topular Stories

  • Windows Phone 8 and RegRipper

    Windows Incident Response
    Harlan Carvey
    7 Sep 2014 | 1:23 pm
    Last week, Cindy Murphy (@cindymurph) sent me some Registry hive files...from a Windows Phone 8.  This was pretty fascinating, and fortunate, because I'd never seen a Windows phone, and had no idea if it had a Registry.  Well, thanks to Cindy, I now know that it does! Looking at the hive files was pretty fascinating.  The first thing I did was open one of the smaller hive files in UltraEdit, and I could clearly see that it followed the basic structure of a Registry hive file (see chapter 2 of Windows Registry Forensics).  Next, I opened one of the hives in a viewer, and saw…
  • We Need More Than Penetration Testing

    TaoSecurity
    Richard Bejtlich
    16 Sep 2014 | 9:47 am
    Last week I read an article titled People too trusting when it comes to their cybersecurity, experts say by Roy Wenzl of The Wichita Eagle. The following caught my eye and prompted this post: [Connor] Brewer is a 19-year-old sophomore at Butler Community College, a self-described loner and tech geek...Today he’s what technologists call a white-hat hacker, hacking legally for companies that pay to find their own security holes. When Bill Young, Butler’s chief information security officer, went looking for a white-hat hacker, he hired Brewer, though Brewer has yet to complete…
  • Are you really anonymous on the TOR network? Federal Cybersecurity Director Found Guilty on Child Porn Charges

    Ex Forensis
    27 Aug 2014 | 10:13 am
    Federal Cybersecurity Director Found Guilty on Child Porn Charges BY KIM ZETTER WIRED MAGAZINE. "Tor is free software that lets users surf the web anonymously. Using the Tor browser, the traffic of users is encrypted and bounced through a network of computers hosted by volunteers around the world before it arrives at its destination, thus masking the IP address from which the visitor originates
  • Metrics For Your Information Security Solutions

    Checkmate
    K K Mookhey
    14 Sep 2014 | 8:58 am
    Recently, on one of the security mailing lists a query was posted as to what metrics should be produced from a Data Leakage Prevention Solution, an Intrusion Prevention System, and from the Firewalls being managed by the security team. Here’s the response I sent in which is being shared for a larger audience: Basically, what management…
  • Oxygen Forensic Suite 2014 Adds New Mobile Device Acquisition Methods

    Forensic Focus
    19 Sep 2014 | 4:02 am
    Oxygen Forensics has updated its flagship mobile evidence discovery solution, Oxygen Forensic Suite 2014, with additional extraction options. The new release adds or expands acquisition support for Apple iOS 8.0 including the brand new iPhone 6/6Plus, Windows Phone and BlackBerry 10 devices, Nokia NBU backups and Android 4.4.4 ADB backups. “Acquisition is a major stage in mobile forensics”, says Oleg Fedorov, Oxygen CEO. “This release adds extended acquisition support for several ranges of mobile devices. We are committed to keeping our product at the cutting edge of technology,…

    Windows Incident Response

  • Windows Phone 8 and RegRipper

    Harlan Carvey
    7 Sep 2014 | 1:23 pm
    Last week, Cindy Murphy (@cindymurph) sent me some Registry hive files...from a Windows Phone 8.  This was pretty fascinating, and fortunate, because I'd never seen a Windows phone, and had no idea if it had a Registry.  Well, thanks to Cindy, I now know that it does! Looking at the hive files was pretty fascinating.  The first thing I did was open one of the smaller hive files in UltraEdit, and I could clearly see that it followed the basic structure of a Registry hive file (see chapter 2 of Windows Registry Forensics).  Next, I opened one of the hives in a viewer, and saw…
  • What Does That Look Like, Pt II

    Harlan Carvey
    4 Sep 2014 | 5:57 pm
    In my last post, I talked about sharing what things "look like" on a system, and as something of a follow up to that post, this article was published on the Dell SecureWorks blog, illustrating indicators of the use of lateral movement via the 'at.exe' command.  I wanted to take a moment to provide some additional insight into that post, with a view towards potentially-available indicators that did not make it into the article, simply because I felt that they didn't fit with the focus of the article. Terminology: Some definitions before moving on...I'm providing these as living,…
  • What does that "look like"?

    Harlan Carvey
    21 Aug 2014 | 5:43 pm
    We've heard this question a lot, haven't we? I attended a conference about 2 1/2 years ago, and the agenda for that conference had about half a dozen or more presentations that contained "APT" in their title.  I attended several of them, and I have to say...I walked out of some of them.  However, hearing comments from other attendees, many folks felt exactly the same way; not only were they under-whelmed, but I heard several attendees express their disappointment with respect to the content of these presentations.  During one presentation, the speaker stated that the bad guys,…
  • Book Review: "The Art of Memory Forensics"

    Harlan Carvey
    30 Jul 2014 | 9:42 am
    I recently received a copy of The Art of Memory Forensics (thanks, Jamie!!), with a request that I write a review of the book.  Being a somewhat outspoken proponent of constructive and thoughtful feedback within the DFIR community, I agreed. This is the seminal resource/tome on memory analysis, brought to you by THE top minds in the field.  The book covers Windows, Linux, and Mac memory analysis, and as such must be part of every DFIR analyst's reading and reference list.  The book is 858 pages (not including the ToC, Introduction, and index), and is quite literally packed with…
  • File system ops, testing phase 2

    Harlan Carvey
    24 Jul 2014 | 1:11 pm
    As I mentioned in my previous post on this topic, there were two other tests that I wanted to conduct with respect to file system operations and the effects an analyst might expect to observe within the MFT, and the USN change journal.  My thoughts were that if an intruder were accessing a system via RDP, they might not do the drag-and-drop method to move files, or if they were accessing the system via a RAT and they only had command line access, they might use native, command line tools to conduct file operations. Testing Protocol: All of the same conditions exist from the previous tests,…
 

    TaoSecurity

  • We Need More Than Penetration Testing

    Richard Bejtlich
    16 Sep 2014 | 9:47 am
    Last week I read an article titled People too trusting when it comes to their cybersecurity, experts say by Roy Wenzl of The Wichita Eagle. The following caught my eye and prompted this post: [Connor] Brewer is a 19-year-old sophomore at Butler Community College, a self-described loner and tech geek...Today he’s what technologists call a white-hat hacker, hacking legally for companies that pay to find their own security holes. When Bill Young, Butler’s chief information security officer, went looking for a white-hat hacker, he hired Brewer, though Brewer has yet to complete…
  • A Brief History of Network Security Monitoring

    Richard Bejtlich
    16 Sep 2014 | 9:07 am
    Last week I was pleased to deliver the keynote at the first Security Onion Conference in Augusta, GA, organized and hosted by Doug Burks. This was probably my favorite security event of the year, attended by many fans of Security Onion and the network security monitoring (NSM) community. Doug asked me to present the history of NSM. To convey some of the milestones in the development of this operational methodology, I developed these slides (pdf). They are all images, screen captures, and the like, but I promised to post them. For example, the image at left is the first slide from a…
  • Bejtlich Teaching at Black Hat Trainings 8-9 Dec 2014

    Richard Bejtlich
    4 Sep 2014 | 8:41 am
    I'm pleased to announce that I will be teaching one class at Black Hat Trainings 2014 in Potomac, MD, near DC, on 8-9 December 2014. The class is Network Security Monitoring 101. I taught this class in Las Vegas in July 2013 and 2014, and Seattle in December 2013. I posted Feedback from Network Security Monitoring 101 Classes last year as a sample of the student commentary I received. This class is the perfect jumpstart for anyone who wants to begin a network security monitoring program at their organization. You may enter with no NSM knowledge, but when you leave…
  • Air Force Leaders Should Read This Book

    Richard Bejtlich
    21 Aug 2014 | 6:56 pm
    I just finished reading The Icarus Syndrome: The Role of Air Power Theory in the Evolution and Fate of the U.S. Air Force by Carl Builder. He published this book in 1994 and I wish I had read it 20 years ago as a new Air Force second lieutenant. Builder makes many interesting points in the book, but in this brief post I'd like to emphasize one of his concluding points: the importance of a mission statement. Builder offers the following when critiquing the Air Force's mission statement, or lack thereof, around the time of his study: [Previous] Air Force of Staff, General John P. McConnell,…
  • On the Twenty Years Since My USAFA Graduation

    Richard Bejtlich
    1 Jun 2014 | 4:00 pm
    Twenty years ago today, on 1 June 1994, 1024 of us graduated from the United States Air Force Academy, commissioned as brand new second lieutenants. As of September 2012, over 600 members of the class of 1994 were still in uniform. I expect that number is roughly the same today. Reaching the 20 year mark entitles my classmates still in uniform to retire with lifetime benefits, should they choose to do so. I expect some will, but based on patterns from earlier classes I do not expect a massive exodus. The economy is still in rough shape, and transitioning from the military to the private…

    Ex Forensis

  • Are you really anonymous on the TOR network? Federal Cybersecurity Director Found Guilty on Child Porn Charges

    27 Aug 2014 | 10:13 am
    Federal Cybersecurity Director Found Guilty on Child Porn Charges BY KIM ZETTER WIRED MAGAZINE. "Tor is free software that lets users surf the web anonymously. Using the Tor browser, the traffic of users is encrypted and bounced through a network of computers hosted by volunteers around the world before it arrives at its destination, thus masking the IP address from which the visitor originates
  • Computer investigator pleads guilty to misrepresenting credentials

    7 Feb 2014 | 11:11 am
    http://www.concordmonitor.com/home/10505029-95/computer-investigator-pleads-guilty-to-misrepresenting-credentials " A Rye private investigator who has received $23,000 from the state since 2006 to do computer forensic investigations for indigent defendants pleaded guilty last week to misrepresenting some of her investigative certifications on her company’s website. Judith Gosselin, owner and
  • Anal probes? A new kind of abduction scenario that started with clinched butt cheeks.

    6 Nov 2013 | 6:56 am
    Forget about aliens and UFOs.  Instead of watching the sky, apparently we need to be watching the police. "The incident began January 2, 2013 after David Eckert finished shopping at the Wal-Mart in Deming.  According to a federal lawsuit, Eckert didn't make a complete stop at a stop sign coming out of the parking lot and was immediately stopped by law enforcement.     Eckert's attorney,
  • Is Your GPS Bracelet Listening?

    28 Oct 2013 | 11:30 am
    Here is an article from The Crime Report about some GPS bracelets that have a cellular telephone capability built into the bracelet. The implications are interesting, to say the least. Caution: Your GPS Ankle Bracelet Is Listening Thanks to Sarah R. Olson at the NC Indigent Services for sharing this link with me.
  • Computer Forensics Job Opening

    22 Oct 2013 | 10:55 am
    The Baltimore Police Department has an opening for a Computer Forensics examiner. The link to the post is here: Computer Forensic Examiner Opening. Job Title: Computer Forensic Examiner I. Closing Date/Time: Fri. 11/08/13 4:30 PM Eastern Time. Salary: $25.07 - $31.23 Hourly, $45,630.00 - $56,836.00 Annually. Job Type: MERIT. Location: Towson, Maryland
 

    Checkmate

  • Metrics For Your Information Security Solutions

    K K Mookhey
    14 Sep 2014 | 8:58 am
    Recently, on one of the security mailing lists a query was posted as to what metrics should be produced from a Data Leakage Prevention Solution, an Intrusion Prevention System, and from the Firewalls being managed by the security team. Here’s the response I sent in which is being shared for a larger audience: Basically, what management…
  • Authorization Vulnerability in Yahoo! Pipes

    Vinesh Redkar
    2 Jul 2014 | 10:51 pm
    Recently, I found an interesting issue qualifying on Yahoo! Pipes. But before going into the details of this specific issue, let’s understand some basic points. What does Authorization mean? In general, authorization relates to the set of activities which a user can perform once logged on to a particular system. This is typically divided into…
  • LinkedIn Cross-Site-Scripting (XSS) & Content Spoofing Vulnerability

    Sunil Yadav
    30 Jun 2014 | 8:47 pm
    A couple of days back, I reported XSS and Content Spoofing on LinkedIn. Here are the details of the issues. Cross Site Scripting: What is Cross Site Scripting? XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session…
  • IT Act 2000 – Penalties, Offences With Case Studies

    checkmate
    24 Jun 2014 | 2:57 am
    Objectives of IT legislation in India: The Government of India enacted its Information Technology Act 2000 with the objectives stating officially as: “to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of alternatives to…
  • Owning The Enterprise With HTTP PUT

    Omair
    30 Apr 2014 | 3:35 am
    During a routine penetration testing engagement, we found an IIS webserver with HTTP methods (verbs) like PUT and DELETE enabled on it. During enumeration of the web server we figured it was configured to run PHP as well. The PUT method allows an attacker to place a file on the server. Uploading a web shell…

    Forensic Focus

  • Oxygen Forensic Suite 2014 Adds New Mobile Device Acquisition Methods

    19 Sep 2014 | 4:02 am
    Oxygen Forensics has updated its flagship mobile evidence discovery solution, Oxygen Forensic Suite 2014, with additional extraction options. The new release adds or expands acquisition support for Apple iOS 8.0 including the brand new iPhone 6/6Plus, Windows Phone and BlackBerry 10 devices, Nokia NBU backups and Android 4.4.4 ADB backups. “Acquisition is a major stage in mobile forensics”, says Oleg Fedorov, Oxygen CEO. “This release adds extended acquisition support for several ranges of mobile devices. We are committed to keeping our product at the cutting edge of technology,…
  • New Forensic Subcommittee on Digital Evidence Added to NIST OSAC

    17 Sep 2014 | 3:46 am
    Digital evidence, one of the fastest growing areas of forensic science, will now have its own subcommittee in the National Institute of Standards and Technology (NIST)-administered Organization of Scientific Area Committees (OSAC). NIST is establishing the OSAC to identify and develop national standards and guidelines for forensic science practitioners to strengthen forensic science in the United States. Forensic science practitioners, academic researchers and others with expertise in digital evidence are encouraged to apply for one of up to 20 voting positions on the new Digital Evidence…
  • Forensic Focus Forum Round-Up

    16 Sep 2014 | 6:42 am
    Welcome to this round-up of recent posts to the Forensic Focus forums. Where to start with audio forensics training? Add your thoughts in the forum. Forum members discuss how to extract data from an ICC card. Does non-compliance with ACPO guidelines mean that evidence will be rejected? How can a pattern lock be removed from an Android device when USB debugging is not enabled? Forum members give their recommendations for social media collections tools. Is it possible to pull data from anonymous chat apps such as Telegram and Line? Which mouse would you recommend for digital forensics work?
  • Webinar tomorrow: Getting to Know Oxygen Forensic Passware Analyst

    15 Sep 2014 | 7:47 am
    Date/Time: Tuesday, September 16, 2014 7am PT / 10am ET / 2pm GMT Duration: 60 minutes Presenter: Tatiana Pankova, Oxygen Forensics This free webinar, hosted by Tatiana Pankova of Oxygen Forensics, aims to provide a brief but comprehensive overview of Oxygen Forensic Passware Analyst. Learn how to acquire data from a wide range of mobile platforms, device images and cloud storage as well as decrypt and analyze information from password-protected and encrypted sources in a single smooth workflow. Register today at https://www3.gotomeeting.com/register/655143102
  • Recovering Kik Messenger Forensic Artifacts

    15 Sep 2014 | 3:44 am
    In today’s world, where mobile phones are the technology of choice used by millions to communicate, chat applications like Kik Messenger are often used in the commission of crimes like online harassment, or to plan or facilitate crimes like drug trafficking, robbery or murder. More and more digital forensics examiners are seeing the need to investigate Kik Messenger as a vital source of evidence, and the ability to recover data from this app is becoming critical to their investigations. Find out how to retrieve Kik contact, message and chat data from iOS and Android devices... Read More…
 

    (ISC)2 Blog

  • Moving Beyond the Dangerous Denial Phase as Individuals and Organizations

    David Shearer
    10 Sep 2014 | 7:59 am
    I spent 25 years in the Washington, DC area, and during that time I became a National Public Radio junkie. I guess I still am. I recently listened to a report on a comprehensive study about how people in the workplace react to the news about a coworker that’s been diagnosed with breast cancer.[i] The results of the study shocked me. The worse the diagnoses and the closer employees physically worked to the diagnosed coworker, the less likely those working in close proximity were to seek cancer screening. Similarly, as the conversation about the complexities, costs, and potential breaches is…
  • Home Depot Breach Comments from (ISC)² Leadership

    (ISC)² Management
    3 Sep 2014 | 12:14 pm
    Consumers with a Home Depot credit account should log in to their account, change their password, and check the “Account Activity” section for any suspicious transactions. They should also verify that their account communication preferences (email address, cell phone number for SMS, etc.) are on file and accurate. Home Depot and other online retailers should augment their alerting service by adding an option to notify users every time a transaction is made on their account. This would help consumers learn about fraudulent charges quicker, while also saving retailers the hassle of…
  • Where does Traditional Security Begin and Logical Security End?

    (ISC)² Management
    2 Sep 2014 | 8:39 am
    By W. Hord Tipton, CISSP, Executive Director, (ISC)² and Michael Stack, Chief Executive Officer, ASIS International The mass migration of everyday objects becoming interconnected, or the “Internet of Things (IoT)” as the industry has coined it, exemplifies the merger between traditional and logical security. With the IoT, we must ask ourselves where traditional security begins and logical security ends. From security cameras to cars to medical devices and now even home appliances like refrigerators, what, if anything, can be identified as only traditional or logical security anymore?
  • Logging in: They Shall not Pass

    David Harley
    30 Aug 2014 | 9:44 am
    Recently, one of my colleagues forwarded one of those memes currently circulating through social media about the joys of password authentication, with the thought that it might offer a way of mixing advice and humour. In this case, the meme takes the form – slightly exaggerated, but maybe all too close to reality in some cases – of a service user’s attempts to create a password acceptable to the service's authentication mechanism, with the user’s increasing frustration expressed through the increasingly vulgar passwords he tries to create in order to meet…
  • JP Morgan Chase Security Breach Comments from (ISC)² Leadership

    (ISC)² Management
    28 Aug 2014 | 1:29 pm
    Continuous monitoring is the key to thwarting these types of breaches. With cyberattacks becoming commonplace in every sector, companies must continuously protect their most valuable information. Cyber guns fire at us all the time, but the notion of catching and stopping every cybercriminal simply isn’t realistic in today’s burgeoning threat environment. I liken it to aspiring to completely eliminate common street crime. It’s just not realistic. Flaws will always exist, even within the most ideal protective structures. Every company should assume they’ll be breached, and focus efforts…

    viaForensics

  • viaTalks in Spanish with Pau Oliva: demonstration of mobile application analysis using viaLab

    Linnea
    17 Sep 2014 | 1:14 pm
    On Thursday, September 18, our mobile security engineer Pau Oliva (@pof) will give a viaTalks at 11 a.m. CDT, where viaLab will be discussed and demonstrated. Register. The program: He will describe viaLab and its uses. He will then show how viaLab can be used to analyze a mobile application. He will talk about the options and explain the results of a forensic analysis with viaLab. To see the whole demonstration, do not hesitate to sign up for this viaTalks. If you have any questions or comments for Pau, please leave them as a comment on this blog or at…
  • viaForensics one of “next 10 emerging growth companies”

    Linnea
    15 Sep 2014 | 9:28 am
    “From World Business Chicago: The Oak Park, Ill. company offers a suite of mobile device security products that provide BYOD and mobile app security as well as Android forensics.” - September 11, 2014. Read the full article
  • Corporate Wellness Recommends viaProtect to Secure Health Data

    Linnea
    15 Sep 2014 | 9:27 am
    “All it takes is one unsecured Angry Birds knock-off to put your entire enterprise at risk… Whatever your employees can access from their tablet or smartphone [is] also potentially accessible to hackers.” - July 10, 2014. Read the full article
  • viaForensics Helps Make “Informed Choices”

    Linnea
    15 Sep 2014 | 9:26 am
    “viaProtect is “a mobile app that allows you to see exactly what is happening with your data so you can make more informed choices.” -HealthNewsDigest, June 16, 2014 Read the full article
  • Realty Times: viaProtect Guards Against Danger

    Linnea
    15 Sep 2014 | 9:24 am
    “Apps are a booming business and in the rush to compete, security testing often takes a backseat to speed-to-market…  exposing your company to loss of data, customer trust… and ultimately, loss of revenue.”

    DFI News All

  • US Military in the Dark on Cyber Attacks against Contractors

    eaustin
    19 Sep 2014 | 9:42 am
    Communication is the key to any good relationship. Yet a new report from the US Senate Armed Services Committee shows that a lack of communication has left the US Transportation Command (Transcom) in the dark about threats to cyber security.
  • In Home Depot Breach, Investigation Focuses on Self-Checkout Lanes

    eaustin
    19 Sep 2014 | 8:23 am
    The malicious software that unknown thieves used to steal credit and debit card numbers in the data breach at Home Depot this year was installed mainly on payment systems in the self-checkout lanes at retail stores, according to sources close to the investigation. The finding could mean thieves stole far fewer cards during the almost five-month breach than they might have otherwise.
  • New Androids to Offer Default Encryption, Blocking Police

    eaustin
    19 Sep 2014 | 7:59 am
    The next generation of Google’s Android operating system, due for release next month, will encrypt data by default for the first time, the company said Thursday, raising yet another barrier to police gaining access to the troves of personal data typically kept on smartphones.
  • You Can Still Pull Data Off a Locked iPhone

    eaustin
    19 Sep 2014 | 7:46 am
    A reminder to iPhone owners cheering Apple’s latest privacy win: Just because Apple will no longer help police to turn your smartphone inside out doesn’t mean it can prevent police from vivisecting the device on their own.
  • Retrieving Obscured Files

    eaustin
    19 Sep 2014 | 7:00 am
    One should not expect to find all user information sitting in the default folder or default location for a given type of file (e.g. Application Data or similar folder). Searching the entire hard disk is required in order to locate all unencrypted log and history files. This may produce a certain number of false positives (e.g. not every XML file is an MSN history file), so additional checks are often required (e.g.…
 

    Secure Hunter Anti-Malware » Secure Hunter Blog

  • Dyre Trojan Caught In The Cookie Jar Secure Hunter

    shadmin
    18 Sep 2014 | 5:51 pm
    Researchers at Adallom analyzed a sample of the Dyre banking Trojan that was found to be targeting Salesforce.com credentials.
  • Citadel Variant Used in Attacks Against Middle Eastern Petrochemical Companies Secure Hunter

    shadmin
    16 Sep 2014 | 5:56 pm
    IBM reports a variant of the Citadel banking Trojan was spotted in APT-style targeted attacks against petrochemical companies in the Middle East.
  • Key Flaw Enables Recovery of Files Encrypted by TorrentLocker Secure Hunter

    shadmin
    11 Sep 2014 | 5:53 pm
    Crypto ransomware, a relatively unknown phenomenon a couple of years ago, has exploded into one of the nastier malware problems for Internet users. Variants such as CryptoLocker and CryptoWall have been siphoning money from victims for some time, and now researchers have dissected a newer variant known as TorrentLocker and found that the creators made […]
  • Download at your own risk: Bitcoin miners bundled with game repacks

    shadmin
    9 Sep 2014 | 6:53 pm
    Recently we have seen an emerging trend among malware distributors – Bitcoin miners being integrated into installers of game repacks. This type of system hijacking is just one of the many ways to exploit a user by utilizing their system's computing resources to earn more cash. Malware is easily bundled with game installers that are then uploaded and shared with unsuspecting users using torrent download sites. Once a machine is infected, a downloaded Bitcoin miner silently carries out mining operations without the user's consent. We have seen this technique used by…
  • ‘Kyle and Stan’ Malvertising Network Targets Windows and Mac Users Secure Hunter

    shadmin
    9 Sep 2014 | 5:52 pm
    A malvertising network that has been operating since at least May has been able to place malicious ads on a number of high-profile sites, including Amazon and YouTube and serves a unique piece of malware to each victim. The network, dubbed Kyle and Stan by the Cisco researchers who analyzed its activities and reach, comprises […]