Impersonation
Digital Natives, Digital Immigrants, Exo-Nationals and The Digital Lord of The Flies
March 29, 2013 Added by:Krypt3ia
There seems to be a disconnect within the psyche for kids where their actions are just not real because it happens online. Some of these kids that I tracked online due to recent events with the attacks on Brian Krebs that leads me to believe some of them may in fact be on the road to sociopathy.
Comments (1)
So APT Is China *snicker* Now What?
February 28, 2013 Added by:Krypt3ia
As RSA comes to a close and the corridors of the hall stop ringing with the acronym APT, I find myself once again looking at the problem as opposed to the hype.
Comments (0)
New York Times Says It Was Infiltrated By Chinese Hackers
January 31, 2013 Added by:Infosec Island
The New York Times said it had fallen victim to hackers possibly connected to China's military, linking the sophisticated attacks to its expose of the vast wealth amassed by Premier Wen Jiabao's family.
Comments (0)
Credit Card Fraud Really Isn’t Identity Theft
January 23, 2013 Added by:Robert Siciliano
With the holiday shopping season and after holiday season sales over, it’s time to review our credit card statements and make sure that everything that is on there was something you purchased. With most of us using our card a lot more during this time, there’s more chance of fraud or identity theft...
Comments (0)
Identity Thieves Take a Bite Out of Apple
January 15, 2013 Added by:Kelly Colgan
Scammers are taking advantage of a product financing offer that presents identity thieves with the opportunity to fraudulently obtain instant credit approval to make online purchases. The crime is simple to carry out. All scammers need are the basic types of information commonly exposed in data breaches...
Comments (1)
Turkey – Another story on use of fraudulent digital certificates
January 04, 2013 Added by:Pierluigi Paganini
It’s the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google’s web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts.
Comments (0)
Do Better Technical Controls Increase People Focused Attacks?
December 16, 2012 Added by:Simon Moffatt
Social engineering can be seen as a more direct approach to exposing real security assets such as passwords, processes, keys and so on. Via subtle manipulation, carefully planned framing and scenario attacks, through to friending and spear phishing, people are increasingly becoming the main target...
Comments (0)
Money Laundering Scenes In -The Digital World
November 20, 2012 Added by:gaToMaLo r. amores
By denying terrorist and criminals groups access to their money, authorities can stop them buying munitions and paying for suicide bombers. This approach has been highly successful in identifying and dismantling terrorist networks. Now they need to adapt and learn how this new DC works because it cannot be stopped...
Comments (1)
Why traditional approaches for securing Industrial Control Systems Fail
November 09, 2012 Added by:Mikko Jakonen
Criminals or 'adversaries' do not care about your papers. Period. Only a skilled set of controls, wisdom, and discipline in management secures the environment. Attackers will utilize every means to gain access your beloved environment...
Comments (2)
Russian Underground is just part of a global criminal network
November 01, 2012 Added by:Pierluigi Paganini
Programming services and software sales was the most common service in the criminal market, where it is possible to buy customized malware agents and any kind of applications to conduct a cyber attack such as spammers, brute-force tools and DDoS bots and exploit toolkits...
Comments (0)
Getting System the Lazy Way
October 31, 2012 Added by:f8lerror
We know all that many users are local administrators. We also know we can send or drop binaries to these users and they will run whatever we want them to. The problem lies in when they run the binary if they don’t run it as admin we may not be able to get system level access. To be honest that is the level I want...
Comments (0)
GrrCON: The Family Infosec Con
October 02, 2012 Added by:Philip Polstra
As always happens in a multi-track con, I was unable to attend every talk, so don't take offense if you spoke and your talk isn't listed here. I received many good reports from my students who attended different talks. None of my students complained about any bad talks...
Comments (2)
Four Defendants Charged in Credit Card Skimming Scheme
August 21, 2012 Added by:Headlines
Four men were arrested for their roles in an identity theft scheme involving the theft of credit card numbers used to fraudulently purchase fuel at gas stations in order to be sold, distributed, or otherwise used by the defendants in order to obtain criminal proceeds...
Comments (0)
FBI: More Arrests in International Cyber Crime Takedown
July 13, 2012 Added by:Headlines
"The FBI announced three more arrests arising from Operation Card Shop, an international operation aimed at sophisticated, highly organized cyber criminals involved in buying and selling stolen identities, exploited credit cards, counterfeit documents, and sophisticated hacking tools..."
Comments (0)
Updates: Rumors of Anonymous Hacking th3j35t3r's Accounts Overblown
July 11, 2012 Added by:ʞɔopuooq ʇuıɐs
About the twitter ‘takeover’. I have to say that was clever. Even though my account wasn’t actually breached per se. The folks behind this latest attempt found an auto-RSS/Email to tweet script that uses the Twitter API and worked out a way to post to my account without actually having any physical access. Kudos...
Comments (0)
Wanna Buy Some Dumps?
July 07, 2012 Added by:Robert Siciliano
“Dumps” are batches of stolen credit card numbers. This example of a criminal’s sales pitch for stolen dumps came to me through a comment on a blog post I wrote about credit card security. Go figure. If you scan the following message line by line, you’ll see there’s a great deal of thought put into the pitch...
Comments (1)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!