Browsing All Posts filed under »Identity Theft«

Cyber-Criminal OPSEC – a Three-Part Series. Part III: TTTP

June 15, 2012 by

6

In Part I of this three-part series, we discussed the most basic of attribution methods, IP address analysis. In Part II, we talked about computer environmentals, and how it’s possible to build a device fingerprint based on what the user presents when they show up to a web server and ask for something and how […]

Anonymous Proxy Hunting: When Bad Guys Don’t Leave You A Map To Their House (or, ‘An IP Address Is NOT an Internet Phone Number’)

May 20, 2012 by

6

Let’s say some bad guys have stolen some credit card or bank account details and they’re using them to make a whole mess of online purchases. If they’ve got seven brain cells to rub together, they’re probably going to be using an anonymous proxy service to make the purchases. If they’ve got an IQ of 101 […]

STRATFOR: The Mid-Term IR Grade is a D-

January 16, 2012 by

0

STRATFOR is back online, and is offering its content free for the time being. After personally staying quiet for some time after the hack, STRATFOR CEO George Friedman wrote a note and made a video appearance in which he described what happened and provided some analysis. I’ll come back to that in a minute, but let me […]

“With That Revealing Shirt? He Was Just Begging to be Hacked.” Blaming The Victim in the STRATFOR Hack

January 3, 2012 by

15

In the days since the STRATFOR breach, I initially gave the firm high marks in communicating with its user base after idiotically allowing all their data go bye-bye. I’m going to modify that stance a bit in another post – I now see that they have in fact fallen very short of what they could […]

Rating the STRATFOR Incident Response

December 25, 2011 by

2

Editor’s Note: The following article refers to response to a breach, not to the practices, procedures and decisions which led to the breach itself.  After hearing my friend Rich talk on Twitter about the incident response by STRATFOR to yesterday’s Christmas Eve Breach, I thought I’d weigh in on what STRATFOR has publicly done. The […]

Metric of the Week: Smoke, Cyber Crime Fighting, and the 2012 FBI Budget

December 4, 2011 by

20

The best part of the new FBI budget request, if you’re a Libertarian, is that the total budget request this year is $200m lower than for last year. That’s great for saving money. The bad news for anyone who tracks or participates in cyber invstigations is that the request by the FBI for increases in […]

Texas Law Enforcement IT Hit by Criminal Attack, Data Breach

September 2, 2011 by

12

On 1 September 2011 a cache of some 3GB of data stolen from 28 current and former Texas Chiefs of Police and other police personnel was released on the Internet by people associated with the criminal hacking group known as Anonymous. Among the data were personal details about the chiefs themselves, their credentials to a […]

Analysis: 70 Law Enforcement Sites Attacked

August 1, 2011 by

14

While there is lots of news reporting about the attacks against a server hosting the websites and files of more than 70 US law enforcement agencies over this past weekend, in lieu of saying, “we told you so,” we thought we would look at some of what happened to provide a learning experience from it. […]

Another AZDPS Breach; Defending Police Networks

June 29, 2011 by

2

Last week we talked about the need to secure police networks. This week the dicsusion will continue, but first we should note that it appears the Arizona Department of Public Safety has suffered another breach – or at the least, that a second tranche of stolen documents has been published. The second tranche, which we […]

II – Mobile Viruses: Truths, Fiction and Primers for Cops

May 23, 2011 by

0

We’ve recently seen some extraordinary activity in the mobile device virus world, as heaps of hype and piles of blogposts were shoveled on the world. We were left with the impression that iPhones, iPads and Macs had finally succumbed to the wrath of the malicious code writers; that Google’s android phones were completely insecure; and […]

PLI Podcast: NetWitness’ Alex Cox on Cyber Investigations and Forensics

May 18, 2011 by

0

This week on the Police-Led Intelligence Podcast, we’re joined by Alex Cox, principal analyst at NetWitness, now a part of RSA, the security Division of EMC. A former police officer and forensics investigator, Alex’s team currently looks for similarities between cyber attacks. NetWitness produces a monitoring platform that focuses on network forensics: it’s easiest to […]

Intel Intelligencer: Hacking Cop Cars; Euro Cash; SMILE Conference

May 9, 2011 by

0

This week we’re going to talk about a couple of new publications and then a preview of the talk I’ll give at the SMILE Conference in Chicago, where Dave and I will be for the next three days. Last week we talked a little bit about Europol’s EU Organized Crime Threat Assessment, which has a […]

The law enforcement intelligence and crime analysis blog and podcast from Dave Henderson and Nick Selby

Enter your email address to subscribe to this blog and receive notifications of new posts.

Join 844 other subscribers
© 2011 TRM, LLC. This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.
Site Meter

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 844 other subscribers
Blog at WordPress.com.