Computer Forensics, Cyber Intelligence
165 views | +0 today
Your new post is loading...
Your new post is loading...
Rescooped by Alina Bortkevič from Cyber Security & Digital Forensics
Scoop.it!

How NSA successfully Broke Trillions of Encrypted Connections

How NSA successfully Broke Trillions of Encrypted Connections | Computer Forensics, Cyber Intelligence | Scoop.it
How National Security Agency (NSA) successfully Broke Trillions of Encrypted Connections

Via Constantin Ionel Milos / Milos Constantin
more...
Richard Platt's curator insight, November 30, 2015 12:20 AM

Computer Scientists Alex Halderman and Nadia Heninger have presented a paper at the ACM Conference on Computer and Communications Security that advances the most plausible theory as to how the NSA broke some of the most widespread encryption used on the Internet. According to the paper, the NSA has exploited common implementations of the Diffie-Hellman key exchange algorithm – a common means of exchanging cryptographic keys over untrusted channels – to decrypt a large number of HTTPS, SSH, and VPN connections.  Diffie-Hellman – the encryption used for HTTPS, SSH, and VPNs – helps users communicate by swapping cryptographic keys and running them through an algorithm that nobody else knows except the sender and receiver.  It is described as secure against surveillance from the NSA and other state-sponsored spies, as it would take hundreds or thousands of years and by them and a nearly unimaginable amount of money to decrypt directly.

However, a serious vulnerability in the way the Diffie-Hellman key exchange is implemented is allowing the intelligence agencies and spies to break and eavesdrop on trillions of encrypted connections.
To crack just one of the extremely large prime numbers of a Diffie-Hellman in the most commonly used 1024-bit Diffie-Hellman keys would take about a year and cost a few hundred Million dollars.
 However, according to researchers, only a few prime numbers are commonly used that might have fit well within the agency's $11 Billion-per-year budget dedicated to "groundbreaking cryptanalytic capabilities." Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous," said Alex Halderman and Nadia Heninger in a blog post published Wednesday.

Scooped by Alina Bortkevič
Scoop.it!

Lithuania has officially become an Internet oligarch | GeekTime

Lithuania has officially become an Internet oligarch | GeekTime | Computer Forensics, Cyber Intelligence | Scoop.it
The Lithuanian Parliament voted for geo-blocking and Internet filtering on Thursday - this is why the rest of the world should be outraged
Alina Bortkevič's insight:

Lithuania would create a precedent in the EU of full Internet tracking.

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Bringing Big Data to the Fight Against Benefits Fraud

Bringing Big Data to the Fight Against Benefits Fraud | Computer Forensics, Cyber Intelligence | Scoop.it
To detect possible abuse of programs or benefits, state and local governments are turning to data-mining techniques long used by financial services companies.
more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Fake "The Interview" app is really an Android banking trojan

Fake "The Interview" app is really an Android banking trojan | Computer Forensics, Cyber Intelligence | Scoop.it
An Android app claims to download a copy of "The Interview" but instead installs a two-stage banking Trojan onto victims' devices.
more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Watch how hackers get inside Ohio woman's computer and steal personal data

Watch how hackers get inside Ohio woman's computer and steal personal data | Computer Forensics, Cyber Intelligence | Scoop.it
One of the nation's leading cyber security experts is warning consumers that personal and financial information stored on their computers is much more vulnerable than most believe.
Alina Bortkevič's insight:

A woman volunteered to be hacked.  Watch the video.

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

OCC: Retailers Accountable for Breaches

OCC: Retailers Accountable for Breaches | Computer Forensics, Cyber Intelligence | Scoop.it
Comptroller of the Currency Thomas Curry says “it’s only fair” that merchants should be responsible for some of the expenses that result when their systems
Alina Bortkevič's insight:

"The same expectations for security of customer information and customer notification when breaches occur should apply to all institutions," Curry added. "And when breaches occur in merchant systems, it seems only fair to me that they should be responsible for some of the expenses that result."

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

World's Biggest Data Breaches & Hacks - Information Is Beautiful

World's Biggest Data Breaches & Hacks - Information Is Beautiful | Computer Forensics, Cyber Intelligence | Scoop.it
Data visualization of the world biggest data breaches, leaks and hacks. Constantly updated. Powered by VizSweet.
Alina Bortkevič's insight:

World's Biggest Data Breaches

Selected losses greater than 30,000 records

 
more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Cyber Incidents Under Control - DFLabs

Cyber Incidents Under Control - DFLabs | Computer Forensics, Cyber Intelligence | Scoop.it
Automated Incident Response Software for SOC and CSIRT. Security Operation Centers and Incident Response Team.
Alina Bortkevič's insight:

DFLabs, the leader in CyberSecurity Incident and Data Breach Response, launches new version of IncMan Suite, the collaborative realtime Incident Management and Data Breach Response Software, adopted by many CSIRTs and SOCs worldwide.
The new version, now called IncMan NG, has over 50 new features, including but not limited to: fully redesigned GUI, big data Incident Analytics and predictive analysis. With IncMan NG, customers are now able to increase their visibility on their security incidents, including; remote system investigation, incident prioritization, and dynamic correlation.
IncMan Suite has now 4 modules, which can run jointly or separately:

IMAN: for Cyber Security incident and Data Breach collaborative responsePTK: for Computer and System investigation, both locally and remotelyDIM: for computer forensics and evidence case managementCoRM, for IT GRC controls and Risk Management in Incident Response.

With IncMan NG, customers are now able to interact with over 70 third parties and automatically handle artifacts for advanced correlation. In Fact, IncMan NG can automatically correlate Artifacts and IOCs between current and past incidents, in order to support faster incident response and SOC Management, plus predicting similar events. Users are also able to interact with IncMan’s dynamic knowledge base which, in case of incident, can automatically show the users the most appropriate policies and procedures to react to a particular incident.


UAB "Frauditoriai" is the partner of DFLabs in Lithuania, Latvia, and Estonia.

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Infographic: 2014's Top Breaches So Far

Infographic: 2014's Top Breaches So Far | Computer Forensics, Cyber Intelligence | Scoop.it
Starting with the high-profile Target breach last December, a string of major data breaches has affected every major business sector. Here's a timeline of some of
Alina Bortkevič's insight:

A string of major data breaches has already affected every major business sector in 2014.

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Breach Prevention: The Missing Link

Breach Prevention: The Missing Link | Computer Forensics, Cyber Intelligence | Scoop.it
As the workforce increasingly relies on mobile devices, corporate privacy and security policies aren’t keeping pace. And that’s leaving a large gap in
Alina Bortkevič's insight:

"Enterprise are having difficulty in identifying what 'shadow IT' services and BYOD mobile devices are in use ... let alone getting a handle on the security and privacy aspects required to approve specific offerings."

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

UK’s spy agency approves universities to teach next generation of cyber spies by SRMTi

UK’s spy agency approves universities to teach next generation of cyber spies by SRMTi | Computer Forensics, Cyber Intelligence | Scoop.it
GCHQ, the UK government surveillance agency, has given its stamp of approval to six universities to train cyber spies and experts hoping to combat rising levels of cybercrime.

The list of accredited universities now offering GCHQ-approved programers in cyber security includes Lancaster University...
Alina Bortkevič's insight:

The cooperation between the GCHQ and private sector and academia will help to counter threats.

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

New Cridex Banking Trojan variant Surfaces with Self-Spreading Functionality

New Cridex Banking Trojan variant Surfaces with Self-Spreading Functionality | Computer Forensics, Cyber Intelligence | Scoop.it
Geodo, a new version of the infamous Cridex banking information stealing Trojan that sends out emails automatically to continue its self-spreading infection method.
Alina Bortkevič's insight:
FYI:  Hackers target banks with new Geodo Trojan
more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Filtering criminal dDOS attacks

Filtering criminal dDOS attacks | Computer Forensics, Cyber Intelligence | Scoop.it
A new hybrid filtering system to protect cloud computing services from distributed denial of service (dDOS) attacks has been developed by US and Indian researchers. They provide details in the latest issue of the International Journal of Grid and Utility Computing.
more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Hackers Remotely Kill a Jeep on the Highway—With Me in It

Hackers Remotely Kill a Jeep on the Highway—With Me in It | Computer Forensics, Cyber Intelligence | Scoop.it
I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.
Alina Bortkevič's insight:

#wireless_carjackers

more...
No comment yet.
Rescooped by Alina Bortkevič from Fraud and Risk Management
Scoop.it!

DFLabs ranked 17th on the 'Cybersecurity 500' Cyber Incidents Under Control: DFLabs

2nd in Europe on the ‘Cybersecurity 500′; the 500 Most Innovative Cyber Security Companies to Watch in 2015
Alina Bortkevič's insight:

UAB Frauditoriai is proud to represent DFLABS, the company specialised in automated incident response management, ranked 2nd in Europe (17th globally) on the ‘Cybersecurity 500′; the 500 Most Innovative Cyber Security Companies to Watch in 2015.

more...
Alina Bortkevič's curator insight, March 18, 2015 4:15 PM

UAB Frauditoriai is proud to represent DFLABS, the company specialised in automated incident response management, ranked 2nd in Europe (17th globally) on the ‘Cybersecurity 500′; the 500 Most Innovative Cyber Security Companies to Watch in 2015.

Scooped by Alina Bortkevič
Scoop.it!

How to Disappear Online at WhoIsHostingThis.com

How to Disappear Online at WhoIsHostingThis.com | Computer Forensics, Cyber Intelligence | Scoop.it
Have you ever wanted to disappear online? Simply vanish from the electronic realm? Read on to discover how to remove your private info from the Internet.
Alina Bortkevič's insight:

"Disappearing from the Internet isn’t for everyone. But if you’re serious about your privacy, your security, and your reputation, taking the time to make yourself invisible online is worth the time and trouble."

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Artificial Intelligence Can’t Replace Hard-Earned Knowledge – Yet

Artificial Intelligence Can’t Replace Hard-Earned Knowledge – Yet | Computer Forensics, Cyber Intelligence | Scoop.it
for the foreseeable future it remains necessary for human experts to weigh the recommendations, recognize patterns from past experience, and make the final decision.
Alina Bortkevič's insight:

"[...]for the foreseeable future it remains necessary for human experts to weigh the recommendations, recognize patterns from past experience, and make the final decision."

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Authorities Seize 'Darknet' Drug Sites

Authorities Seize 'Darknet' Drug Sites | Computer Forensics, Cyber Intelligence | Scoop.it
U.S. and European law enforcement officials have arrested 17 alleged vendors and operators of illegal "Darknet" online marketplaces, shuttered 410
Alina Bortkevič's insight:

Law enforcement officials in Europe and the United States on Nov. 7 announced that they have arrested 17 vendors and operators of "Darknet" online marketplaces selling narcotics, weapons and other items. They shuttered 410 hidden online services and seized more than $1 million in bitcoinsas well as more than $220,000 in cash, drugs, gold and silver as part of an investigation code-named "Operation Onymous."

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Espionage Hacks Tied to Russians

Espionage Hacks Tied to Russians | Computer Forensics, Cyber Intelligence | Scoop.it
Information security experts say espionage-focused attackers, apparently operating from Russia, have been using phishing e-mails and malware in multi-stage attacks designed to evade detection and steal political and military secrets.
Alina Bortkevič's insight:

Multiple information security researchers say the attackers have relied on malware that's been labeled Sednit, Sofacy, Sourface and Coreshell. Targets have included U.S. government contractors, NATO, European security organizations and governments, as well as the U.S. State Department

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

DFLabs launches a new version of IncMan Suite

DFLabs, the leader in CyberSecurity Incident and Data Breach Response, launches a new version of IncMan Suite, the collaborative realtime Incident Management and Data Breach Response Software, adopted by many CSIRTs and SOCs worldwide
Alina Bortkevič's insight:

Prevention is better than cure.

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Russians Suspected in Ukraine Hack

Russians Suspected in Ukraine Hack | Computer Forensics, Cyber Intelligence | Scoop.it
Exploiting a vulnerability in Microsoft Office, a group of hackers believed to be Russians breached computers operated by the Ukrainian government during
Alina Bortkevič's insight:

"The breach occurred during September's NATO summit in Wales, where leaders addressed Russia's seizure of Ukrainian territory.

A report issued by iSight Partners on Oct. 14 about the cyber-attacks says the hackers also targeted other European governments, including Poland; NATO; a French telecommunications provider; a Polish energy company; and an American university."

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

The Crime-as-a-Service business model

The Crime-as-a-Service business model | Computer Forensics, Cyber Intelligence | Scoop.it
This 'hidden internet' has become a principal driving force in the evolution of cybercrime and represents a highly complex challenge for law enforcement.
Alina Bortkevič's insight:

"The 'hidden internet' has become a principal driving force in the evolution of cybercrime and represents a highly complex challenge for law enforcement."

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

JPMorgan Chase Confirms Cyber-Attack

JPMorgan Chase Confirms Cyber-Attack | Computer Forensics, Cyber Intelligence | Scoop.it
JPMorgan Chase has confirmed that it “uncovered an attack by an outside adversary recently where the firm’s technology environment was compromised.” Find out
Alina Bortkevič's insight:

"The breach allegedly began in June and was not detected until late July, according to the report."

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

U.S. Govt. Personnel Network Breached

U.S. Govt. Personnel Network Breached | Computer Forensics, Cyber Intelligence | Scoop.it
The Department of Homeland Security confirms that "a potential intrusion" of the Office of Personnel Management's network occurred in March but says
Alina Bortkevič's insight:

Cybersecurity issues have put a crimp in relations between China and the U.S.

more...
No comment yet.
Scooped by Alina Bortkevič
Scoop.it!

Shortage of cybersecurity professionals poses risk to national security

Shortage of cybersecurity professionals poses risk to national security | Computer Forensics, Cyber Intelligence | Scoop.it
The nationwide shortage of cybersecurity professionals – particularly for positions within the federal government – creates risks for national and homeland security, according to a new study from the RAND Corporation.
Alina Bortkevič's insight:

"As cyber attacks have increased and there is increased awareness of vulnerabilities, there is more demand for the professionals who can stop such attacks. But educating, recruiting, training and hiring these cybersecurity professionals takes time."

Read more at: http://phys.org/news/2014-06-shortage-cybersecurity-professionals-poses-national.html#jCp

more...
No comment yet.