Brad Garnett

Welcome to my Digital Forensics and Incident Response oasis!

Digital Forensics, Incident Response, and Information Security

Filtering by Tag: Cyber Crime

Home Depot Breach: Senior Execs blame Windows

The Home Depot and Target Data Breach have a lot of similarities. Stolen vendor credentials, POS malware, etc. This article caught my attention today. It appears Home Depot Senior Executives are migrating from Windows to Macs. Historically, Macs have been not as targeted as Windows. With more Macs in the workplace, we are seeing more and more malware targeting Mac users. With Wirelurker and Masque Attack, iOS and Mac OS X are clearly targets. As more and more Macs are becoming common in the workplace, they will be targeted even more. 158 new pieces of malware are created every minute, or 158 new ways you are now vulnerable! Regardless, replacing hardware alone does not equate to security. 

Continue reading...

Senate Judiciary Committee hearing on Cyber Crime and Privacy

On Tuesday, February 4th Target and Neiman Marcus officials testified before the Senate Judiciary Committee. Symantec, Consumer Union, Justice Dept, U.S. Secret Service, and others testified before the committee. You can watch the entire 2 hours and 47 minutes of C-SPAN video here. The hearing focuses on protecting Americans' privacy and combating cyber crime. The Target and Neiman Marcus data breaches are highlighted, with much discussion on moving away from magnetic credit cards and direct impacts on "brick 'n mortar" stores.

In this hearing, the malware that targeted Target and Neiman Marcus is often referred to as "advanced" and how it was so sophisticated that it avoided multiple layers of detection systems (i.e. IDS, A/V, DLP, etc.), which is another topic for discussion when it comes to signature-based solutions. But just as my friend and colleague Brian Moran points out, the Target malware from the viewpoint of a seasoned incident responder and forensic examiner, is only as sophisticated as it needs to be to steal data. Brian states, "Cyber criminals will continue to use malware that is only as advanced as it needs to be to allow the compromise, collection, and exfiltration of data."  In my previous post, I also discussed of how we all can turn this information into actionable intelligence.

With data breaches, NSA data collection debate, and consumer privacy being at the forefront of news and debate...future legislation will have a direct effect on the entire country going forward. What are your thoughts? Leave me a comment.