#computer-forensics

#cybercrime
fromTheregister
2 months ago
Information security

Broker who sold malware to the FBI set for sentencing

A Jordanian national pleaded guilty to acting as an initial access broker who sold network access and malware that facilitated ransomware and multimillion-dollar losses.
#ice
US politics
fromTechCrunch
3 days ago

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.
US politics
fromSilicon Canals
3 days ago

ICE confirms it deployed Paragon spyware inside the United States for drug trafficking cases - Silicon Canals

ICE is using commercial spyware domestically, raising constitutional concerns about warrantless surveillance and lack of oversight.
#cybersecurity
Node JS
fromInfoQ
6 days ago

Are We Ready for the Next Cyber Security Crisis Like Log4shell?

Organizations are not prepared for the next cybersecurity crisis, similar to Log4Shell.
Information security
fromSilicon Canals
16 hours ago

The man who discovered the ILOVEYOU virus is now fighting Russian drones using the same playbook - Silicon Canals

Mikko Hyppönen has transitioned from cybersecurity to anti-drone defense, focusing on systems for law enforcement and military clients.
EU data protection
fromTechCrunch
2 days ago

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.
Healthcare
fromSecurityWeek
6 days ago

Healthcare IT Platform CareCloud Probing Potential Data Breach

CareCloud experienced a cybersecurity incident that may have compromised patient information, but the impact is believed to be limited and manageable.
Careers
fromSecuritymagazine
3 days ago

Beyond the Certificate: Why Real Expertise in Investigative Interviewing Comes from Practice

Training and certifications signal competence, but true effectiveness in investigative interviewing requires disciplined application and real-world experience.
SOMA, SF
fromSan Jose Inside
4 days ago

DA Hires Stanford Grad to Run County Crime Lab

Sandra Burnham Sachs is the new chief of the Santa Clara County District Attorney's Crime Lab, succeeding Dr. Ian Fitch.
fromSFGATE
4 days ago

Cigarettes lead to killer of woman alone in Bay Area home

Marjorie Rudolph was brutally murdered in her home, suffering extensive injuries from a heavy object, with her body later placed in a bathtub to conceal the crime.
California
Law
fromPoynter
4 days ago

Like journalists, prosecutors shaped a distorted view of crime. They can help fix it, too. - Poynter

Prosecutors and journalists both contribute to misleading public perceptions of crime, but prosecutors possess crucial data to tell a more accurate story.
#data-integrity
fromComputerworld
5 days ago
Data science

IT lesson from the Iran war: AI makes your data problems so much worse

AI can exacerbate existing data issues in enterprises, as demonstrated by the US military's bombing due to outdated intelligence.
Information security
fromSecurityWeek
5 days ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.
Remote teams
fromTheregister
6 days ago

Security contractor blew the whistle on shabby support crew

Brad, a security contractor, faced challenges with antivirus alerts while working in a labor hire company's office without proper IT support.
DevOps
fromThe Hacker News
6 days ago

3 SOC Process Fixes That Unlock Tier 1 Productivity

Fragmented workflows and manual triage slow down Tier 1 SOC performance more than the threats themselves.
California
fromABC7 San Francisco
4 days ago

DNA on cigarette links suspect to 'brutal' San Rafael homicide cold case, solving 1966 murder

A 60-year-old homicide case was solved using DNA evidence from cigarette butts, identifying James Switzer as the suspect in Marjorie Rudolph's murder.
fromComputerworld
2 days ago

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.
Information security
Media industry
fromPsychology Today
2 weeks ago

Build Your Digital Detective Kit

Digital and media literacy skills are essential for all online users to navigate AI-generated content, partisan framing, and viral misinformation in today's information landscape.
DevOps
fromInfoQ
1 week ago

Panel: Security Against Modern Threats

Modern threats to software supply chains require resilience by design, integrating security into engineering workflows and empowering developers with the right tools.
Web development
fromTheregister
2 weeks ago

Brilliant backups landed web developer in big trouble

A website migration oversight caused a two-year disconnect where office staff viewed outdated content due to hardcoded DNS settings, while the client only discovered the issue when accessing the site from the office.
Business intelligence
fromComputerWeekly.com
2 weeks ago

AI tools offer 'near-real-time' analysis of data from seized mobile phones and computers | Computer Weekly

Cellebrite's AI-powered Guardian Investigate platform enables police to rapidly analyze mobile device data, discover connections between datasets, track phone locations over time, and construct event timelines for major crime investigations.
Privacy technologies
fromTheregister
3 weeks ago

Meta, cops deploy AI and handcuffs in scam crackdown

Meta deployed anti-scam tools across WhatsApp, Facebook, and Messenger, including device-linking warnings and suspicious friend request alerts, while law enforcement disrupted scam networks and arrested 21 fraudsters.
fromwww.scientificamerican.com
3 weeks ago

AI techniques speed up forensic analysis of crucial crime scene larvae

A maggot's age and species can give essential information to forensic entomologists investigating murders. Combing through these fly larvae, investigators can potentially learn when and where a crime happened, whether the body has been moved or whether toxins were involved. For example, blowflies are among the earliest insect colonizers of corpses; they typically sniff out and lay eggs on a dead body within minutes to hours.
Roam Research
Information security
fromSecurityWeek
2 days ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
#malware
Information security
fromThe Hacker News
3 days ago

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.
Information security
fromThe Hacker News
6 days ago

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad malware uses ClickFix tactics and AI-assisted obfuscation to evade detection and steal credentials immediately.
Information security
fromTheregister
3 days ago

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.
Information security
fromSecurityWeek
4 days ago

New DeepLoad Malware Dropped in ClickFix Attacks

DeepLoad malware steals credentials and intercepts browser interactions, utilizing ClickFix for distribution and evading detection through sophisticated techniques.
#data-breach
Information security
fromTheregister
3 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
fromDataBreaches.Net
2 months ago
Information security

Threat actors insisted that Resecurity's honeypot was real data. We found no evidence that it was. - DataBreaches.Net

Privacy professionals
fromMedCity News
2 weeks ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.
Business intelligence
fromSecuritymagazine
3 weeks ago

AI Security and Forensic Accounting: Protecting Financial Systems in an Automated World

AI-enhanced forensic accounting is essential for detecting financial fraud and payment manipulation in automated financial systems vulnerable to sophisticated, AI-driven attacks.
Artificial intelligence
fromFuturism
1 month ago

AI Tools Are Supercharging Hackers

AI systems are increasingly weaponized for cybercrime, enabling hackers to exploit vulnerabilities at scale with minimal technical expertise, as demonstrated by recent attacks on Mexican government networks and global firewall systems.
fromSecurityWeek
3 days ago

Mercor Hit by LiteLLM Supply Chain Attack

We believe that the compromise originated from the Trivy dependency used in our CI/CD security scanning workflow. Our security team moved promptly to contain and remediate the incident.
Information security
fromTechCrunch
3 weeks ago

Hacker broke into FBI and compromised Epstein files, report says | TechCrunch

An unidentified foreign hacker broke into the FBI's field office in New York in 2023 and compromised files related to the bureau's investigation into the sex offender Jeffrey Epstein, according to Reuters. The hack took advantage of a server at the Child Exploitation Forensic Lab in the FBI's New York Field Office that was left inadvertently vulnerable by an FBI special agent working on the case.
Privacy professionals
Information security
fromSecurityWeek
5 days ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.
#fbi-cybersecurity
Privacy professionals
fromTechRepublic
4 weeks ago

FBI Investigates Suspicious Activity in Surveillance Platform

The FBI is investigating suspicious cyber activity on systems managing surveillance and wiretap warrants, highlighting critical vulnerabilities in sensitive law enforcement infrastructure.
Privacy professionals
fromSecurityWeek
4 weeks ago

FBI Investigating 'Suspicious' Cyber Activity on System Holding Sensitive Surveillance Information

The FBI is investigating suspicious activities on an internal system containing sensitive surveillance data, with an unidentified actor using sophisticated techniques to exploit network security controls.
Information security
fromSecuritymagazine
4 days ago

The Rising Tide of Executive Protection: Corporations Ramp Up Security in an Era of Heightened Threats

Companies are increasingly investing in executive protection due to rising threats, making it a strategic necessity for business continuity and resilience.
Information security
fromnews.bitcoin.com
4 days ago

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.
#digital-forensics
Information security
fromSecurityWeek
5 days ago

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.
Privacy professionals
fromTheregister
1 month ago

Turns out most cybercriminals are old enough to know better

Middle-aged adults aged 35-44 comprise 37% of cybercrime arrests, with 25-44 year-olds accounting for nearly 60% of cases, contradicting the teenage hacker stereotype.
Information security
fromComputerWeekly.com
5 days ago

Banning routers won't fix what's already broken | Computer Weekly

The FCC's ban on foreign-made routers addresses future procurement, not current security risks, as routers are already vulnerable and widely deployed.
Tech industry
fromDataBreaches.Net
2 months ago

INC ransomware opsec fail allowed data recovery for 12 US orgs - DataBreaches.Net

Researchers recovered data stolen by the INC ransomware gang from a dozen U.S. organizations after an operational security failure exposed attacker infrastructure.
Information security
fromSecurityWeek
6 days ago

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Exploitation of a critical Citrix NetScaler vulnerability began shortly after its public disclosure, with active attempts detected within days.
US news
fromwww.mediaite.com
1 month ago

Cybersecurity Expert Tells Fox News Guthrie Suspect Video May Indicate He Was Burglar Not Kidnapper With a Target

Suspect's surveillance behavior, clothing, and actions suggest opportunistic burglary rather than a targeted attack on Nancy Guthrie.
Information security
fromThe Hacker News
1 week ago

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.
Law
fromAxios
2 months ago

AI is reshaping police detective work, starting with cold cases

AI tools enable detectives to rapidly search and analyze large, multimodal evidence (calls, interviews, photos, social media) to accelerate cold and active investigations.
Law
fromThe Walrus
2 months ago

When Evidence Can Be Deepfaked, How Do Courts Decide What's Real? | The Walrus

Advances in AI deepfakes will erode trust in photographic and audio evidence, undermining legal practice unless evidence laws and forensic methods adapt.
fromWIRED
2 weeks ago

US Takes Down Botnets Used in Record-Breaking Cyberattacks

The US Department of Justice, working with the cybercrime-fighting agency within the US Department of Defense known as the Defense Criminal Investigative Service, announced that it had dismantled four massive botnets in a single operation, removing the command-and-control servers used to commandeer the hacker-run armies of compromised devices known by the names JackSkid, Mossad, Aisuru, and Kimwolf.
Information security
fromSecurityWeek
2 weeks ago

Security Firm Executive Targeted in Sophisticated Phishing Attack

A C-level executive at Outpost24 was targeted by a sophisticated phishing attack using the Kratos phishing-as-a-service kit that exploited legitimate services like Cisco and Nylas to bypass security defenses.
Information security
fromComputerWeekly.com
3 weeks ago

Interpol obliterates cyber criminal infrastructure | Computer Weekly

Interpol's Operation Synergia III neutralized 45,000 malicious IP addresses and servers across 72 countries, resulting in 94 arrests and over 100 investigations targeting cyber fraud, phishing, malware, and ransomware infrastructure.
fromThe Hacker News
3 weeks ago

Investigating a New Click-Fix Variant

Atos Researchers identified a new variant of the popular ClickFix technique, where attackers convince the user to execute a malicious command on their own device through the Win + R shortcut. In this variation, a "net use" command is used to map a network drive from an external server, after which a ".cmd" batch file hosted on that drive is executed.
Information security
fromtechcrunch.com
1 month ago

FBI investigating hack on its wiretap and surveillance systems: report

Hackers breached FBI networks managing wiretaps and foreign intelligence surveillance warrants, marking another major U.S. government cybersecurity incident amid ongoing threats from Chinese and Russian threat actors.
Information security
fromThe Hacker News
1 month ago

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Threat actors impersonate IT support via email and phone calls to deliver Havoc C2 framework for data exfiltration or ransomware attacks across multiple organizations.
Information security
fromThe Hacker News
1 month ago

Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster

Automated, context-aware cloud forensics is essential because ephemeral infrastructure, rotating identities, and expiring logs destroy evidence before manual investigations can complete.
#dfir
#ai-security
Information security
fromThe Hacker News
2 months ago

From Triage to Threat Hunts: How AI Accelerates SecOps

Agentic AI augments SOC analysts by automating triage and investigations, decoupling investigation capacity from headcount and surfacing true threats from all alerts.
Information security
fromThe Hacker News
1 month ago

The First 90 Seconds: How Early Decisions Shape Incident Response Investigations

Early decisions immediately after detection determine incident investigation outcomes; establishing direction before assumptions harden preserves options and shapes the entire response.
Information security
fromTechzine Global
2 months ago

Researchers hack malware gang via its own weak spot

An XSS flaw in StealC’s web panel allowed takeover of operator sessions, revealing millions of stolen cookies, passwords, and YouTube-based malware distribution.
Information security
fromSecuritymagazine
1 month ago

Understanding Breaches Before and After They Happen: What Every Organization Should Know

Most security breaches result from neglected fundamentals—human error, unpatched systems, weak authentication, and poor network segmentation—rather than advanced, novel exploits.
Information security
fromTheregister
2 months ago

Vulnerability exploits now dominate intrusions

Exploit of disclosed vulnerabilities now causes most intrusions, with attackers weaponizing new flaws within hours while many organizations patch slowly.