Quantcast

Articles

Get all-in-one coverage of Internet security and online privacy issues brought up by the industry’s leading experts at security conferences and seminars.

Forensic Fails 5: Wrongfully Accused

This part covers the presentation’s final forensic case where charges against a person got dropped in the long run owing to examiners’ scrupulous analysis. Eric: Alright, the last story is a little bit different than the others. This is the “Epic Porno Fail”. The difference in this one is...

Forensic Fails 4: The RDP Bounce Story

The forensic examiners share another real-world exposure story where the Remote Desktop Protocol was used to get hold of a company’s confidential documents. Michael: This next case (see right-hand image) was probably one of the most fun cases that I have worked on. Right from the start I could tell that...

Forensic Fails 3: Smoking Gun.txt and Hiding in the Cloud

Michael Perklin and Eric Robi recall two more non-trivial cases about fails due to no or little effort hiding insider activities, including IE history. Michael: I call the next one “Smoking Gun.txt” (see right-hand image). If you work in the forensic arena, you’ve probably heard the term...

Forensic Fails 2: “The Nickelback Guy” and “Just Bill Me Later” Cases

This part covers two stories where an insufficiently vigilant ill-minded ex-employee and an overinflated billing scam got exposed via forensic analysis. Michael: Alright, this case (see right-hand image) was a lot of fun. I didn’t expect it to be fun when I started out but it ended up being a lot of fun....

Forensic Fails: Shift + Delete Won’t Help You Here

While presenting at Defcon, forensic examiners Eric Robi and Michael Perklin tell some hilarious stories about data destruction fails they’ve come across. Eric Robi: Our talk is about forensic fails. I’m this guy over here (see right-hand image). I founded Elluma Discovery Company about 11 years...

The Rise of Hacktivism and Insiders 4: Mitigating the Risks

Security software, appropriate corporate policies and staff education are highlighted by Andrew Horbury as mitigations for insider and hacktivist risks. What can you do about it? Well, you can never entirely eliminate the risks from hacktivists and insiders, but you can certainly mitigate them by enhancing...

The Rise of Hacktivism and Insiders 3: Profile of a Culprit

Andrew Horbury outlines the typical insider activities and the related threats to businesses, and dwells on the profile for the average insider and hacktivist. Did you know that insider theft makes up between 8-14% of confirmed data breaches, compared to the 88-92% attributed to external actors? Those...

The Rise of Hacktivism and Insiders 2: Targeted Attacks Breakdown

Symantec’s Andrew Horbury provides detailed website security statistics globally and elaborates on targeted attacks by company size, industry and job function. So, let’s take a quick look at BlackHole which works in the following way: it is an exploit kit used to inject malware when a potential victim is...

The Rise of Hacktivism and Insiders: New Tactics, New Motives

Andrew Horbury, Senior Product Marketing Manager at Symantec, provides a comprehensive overview of hacktivists’ and insiders’ activities and the related risks. Hi and thank you, wherever you may be today. I’d like to welcome you all to this webinar which is part of BrightTALK’s Next Generation...

How to Disclose or Sell an Exploit without Getting in Trouble 4: Selling Tips

At the end of his presentation Jim Denaro highlights the aspects, including the respective legislation, to take into account when selling an exploit. We should now turn to selling very quickly. Right now there is no law in the U.S. that prohibits the selling of an exploit, and that is a situation that is...