Hackers capture dynamic data to prepare for effective, stealthy attacks

FREE

Become An Insider

Sign up now and get free access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content from the best tech brands on the Internet: CIO, CITEworld, CSO, Computerworld, InfoWorld, ITworld and Network World. Learn more.

"Offensive forensics is an attack technique hackers use to capture non-static data that can be useful in performing further attacks," says Joe Sremack, Principal, Berkeley Research Group, LLC, a computer forensics and e-discovery firm.

In an offensive forensics procedure, the hacker captures non-static, in-memory data in order to acquire the passwords, encryption keys, or active network session data living there, which can aid them in gaining unrestrained access to precious data.

To illustrate, a simple example of an offensive forensics attack is one that captures the Windows clipboard, a place where less-than-savvy users often copy and paste their secure passwords. Hackers typically mount this type of attack through vulnerabilities in Flash.

To continue reading, please begin the free registration process or sign in to your Insider account by entering your email address:
From CSO: 7 security mistakes people make with their mobile device
Join the discussion
Be the first to comment on this article. Our Commenting Policies