Is your IP address personal information?
iT News (blog)
Late last year, myself and InfoSec expert Darren Pauli met with CIOs, lawyers and IT security experts to drum out a best practice response to ensuring your systems and processes are compliant. We've put together what I expect to be an easily-digested ...

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Dropbox said Sunday it was making progress in restoring service after the popular file storage service went offline on Friday.

According to a Reuters report based on "sources familiar with attacks on other merchants," Nieman Marcus and Target weren't the only high-profile, US retailers to be hacked during the 2013 holiday season. The news agency did not identify what specific retailers have also been affected, but it reports at least three other US retailers ("with outlets in malls") suffered breaches that have yet to be publicly disclosed.

These additional attacks allegedly implemented the same techniques that infiltrated Target. While Target has not officially disclosed any techniques, Reuters' sources said one of the hacking tools was a RAM scraper. The news agency describes this as memory-parsing software "which enables cyber criminals to grab encrypted data by capturing it when it travels through the live memory of a computer, where it appears in plain text."

RAM scraping is not a new tactic and Ars Security Editor Dan Goodin has covered similar tools before (see sidebar). He notes RAM scraping is useful when dealing with encrypted information, since sometimes the only way to access the underlying plaintext is to extract it from computer memory. Still, it's important to note the RAM scraping detail from Reuters is still speculative and the agency acknowledges it's only one of a variety of techniques that may be involved.

Read 1 remaining paragraphs | Comments


We have been notified that some of you have received repeated notifications being sent out regarding a recently-published diary. Notification has been turned off while we are investigating the issue. We apologize about the inconvenience.


Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Strikes, fouls aplenty in 2014 RSA Conference boycott, MLB HoF vote
In response to these events, some believe the best way to voice displeasure with RSA is to boycott the 2014 RSA Conference, which of course is the infosec industry's biggest annual confab. At least eight speakers have already cancelled their talks ...

and more »
Internet Storm Center Infocon Status