Digital Forensics & Cyber Security Blog
Digital Forensics & Cyber Security Blog
Shopify – Data Breach – Inside Job
Canadian e-ecommerce company Shopify disclosed an insider threat incident Tuesday, but questions remain about the attack and how it was discovered. According to a Shopify forum post announcing the incident, "less than 200" of its merchants were impacted by a data breach scheme conducted by two insider threats employed at [...]
Crowdstrike: More Cyberattacks in the First Half of 2020 Than in All of 2019
According to a recent study conducted by cybersecurity firm CrowdStrike, recent threat activity throughout its customers’ networks has shown more intrusion attempts within the first half of 2020 than in all of 2019. This may be due to the pandemic and subsequent lockdown measures forcing employees to mass shift to [...]
The wind blew, the trees came down
You cannot fight Mother Nature and think you will win. Today we had severe wind storms. Salt Lake City is now in a state of emergency. This morning on the way to the office we drove by Liberty Park. A favorite and famous park in the city. Sadly over 100 [...]
Tennessee Welcomes First K-9 Dog to find Electronic USB Storage Devices
The Tennessee Bureau of Investigation (TBI) has a new tool in the fight against crime across the state. His name is Zeus, a 2-year-old, yellow Labrador Retriever with a special talent. He can sniff out electronic storage devices—like hard drives, flash drives, even micro SD cards less than a millimeter [...]
The Uber data breach cover-up: A timeline of events
When former Uber CSO Joe Sullivan was charged earlier this month for his alleged role in the Uber data breach cover-up, it was the latest in a series of events for the ride-sharing company that date back to 2014. Sullivan, who is currently CSO of Cloudflare, was charged with one [...]
Five Windows 10 tips to help safeguard your privacy
Here are some simple tips and resources to help you protect your privacy while you're on, or off your PC. Unlock your computer using your face, fingerprint or secure PIN. Control which apps get to use your camera and microphone. Create and use strong passwords. Manage privacy options in Windows [...]
University of Utah Pays $457,000 to Ransomware Gang
The University of Utah revealed today that it paid a ransomware gang $457,059 in order to avoid having hackers leak student information online. The incident is the latest in a long string of ransomware attacks where criminal groups steal sensitive files from the hacked companies before encrypting their files; and [...]
Beware of Potential Unemployment Insurance Fraud
The U.S. Secret Service reports that impostors using stolen identities have received hundreds of millions of dollars in fraudulent unemployment benefits in states across the country. These sophisticated criminals, often based overseas, file unemployment claims using Social Security numbers and other personally identifiable information belonging to identity theft victims. Because [...]
Workstation Hardening In a Remote Environment
Whether you’re sick and can’t make it to work that day or there’s a pandemic affecting the world, working remotely has become vital for organizations. The importance of securing communications when it comes to remote work is clear, considering that malicious threat actors will take advantage of weak communications and [...]
A 17-year-old critical vulnerability discovered in Windows Server
Security researchers from Check Point Research discovered a critical vulnerability in DNS Server component of Windows Server, which affects every version of Windows Server released in the past 17 years and allows an attacker to fully compromise a system. The vulnerability, identified as CVE-2020-1350 and named SigRed, belongs to remote [...]