Browsing All Posts filed under »Identity Theft«

Cyber-Criminal OPSEC – a Three-Part Series. Part III: TTTP

June 15, 2012 by


In Part I of this three-part series, we discussed the most basic of attribution methods, IP address analysis. In Part II, we talked about computer environmentals, and how it’s possible to build a device fingerprint based on what the user presents when they show up to a web server and ask for something and how […]

Anonymous Proxy Hunting: When Bad Guys Don’t Leave You A Map To Their House (or, ‘An IP Address Is NOT an Internet Phone Number’)

May 20, 2012 by


Let’s say some bad guys have stolen some credit card or bank account details and they’re using them to make a whole mess of online purchases. If they’ve got seven brain cells to rub together, they’re probably going to be using an anonymous proxy service to make the purchases. If they’ve got an IQ of 101 […]

STRATFOR: The Mid-Term IR Grade is a D-

January 16, 2012 by


STRATFOR is back online, and is offering its content free for the time being. After personally staying quiet for some time after the hack, STRATFOR CEO George Friedman wrote a note and made a video appearance in which he described what happened and provided some analysis. I’ll come back to that in a minute, but let me […]

“With That Revealing Shirt? He Was Just Begging to be Hacked.” Blaming The Victim in the STRATFOR Hack

January 3, 2012 by


In the days since the STRATFOR breach, I initially gave the firm high marks in communicating with its user base after idiotically allowing all their data go bye-bye. I’m going to modify that stance a bit in another post – I now see that they have in fact fallen very short of what they could […]

Rating the STRATFOR Incident Response

December 25, 2011 by


Editor’s Note: The following article refers to response to a breach, not to the practices, procedures and decisions which led to the breach itself.  After hearing my friend Rich talk on Twitter about the incident response by STRATFOR to yesterday’s Christmas Eve Breach, I thought I’d weigh in on what STRATFOR has publicly done. The […]

Metric of the Week: Smoke, Cyber Crime Fighting, and the 2012 FBI Budget

December 4, 2011 by


The best part of the new FBI budget request, if you’re a Libertarian, is that the total budget request this year is $200m lower than for last year. That’s great for saving money. The bad news for anyone who tracks or participates in cyber invstigations is that the request by the FBI for increases in […]