Analysis Notes

A place to jot down notes from malware analysis and anything that seemed likely to be useful for analysis. This site uses Google Analytics.

4n6 Week 52 – 2022 - PRESENTATIONS/PODCASTS

This entry was auto-generated and posted to show the opening of each article introduced in This Week in 4n6 (FourAndSix = Forensics), so that you can zap through them and pick the ones to read. Week 52 – 2022 itself can be found here. Donations via "Buy me a coffee" are appreciated.

PRESENTATIONS/PODCASTS

Anastasios Pingios

  • BSides Cyprus: Cloud… Just somebody else’s computer

BSides Cyprus: Cloud… Just somebody else’s computer. Just noticed that I haven’t published much for the last few talks I’ve been giving and this is one of them… That was my 8th, and last, talk for 2021. It was research, more on the cloud security architect/engineering side. That was my second time participating in BSides Cyprus, and as always, it was an amazing event with amazing people. The organizers of BSides Cyprus did a remarkable job. From the set up of the remote event, ...

Belkasoft

  • Uncovering Cyber Threat Actors’ Persistence Mechanisms

YouTube video

Black Hills Information Security

  • BHIS – Talkin’ Bout [infosec] News 2022-12-19

YouTube video

  • Talkin’ About Infosec News – 12/21/2022

00:00 – PreShow Banter™ — Talkin’ Bout [Elon] News
00:51 – BHIS – Talkin’ Bout [infosec] News 2022-12-19
02:46 – Story # 1: Antivirus and EDR solutions tricked into acting as data wipers – //www.bleepingcomputer.com/news/security/antivirus-and-edr-solutions-tricked-into-acting-as-data-wipers/
12:11 – Story # 2: Twitter suspends @ElonJet after Musk promises not to ban it – //www.theverge.com/2022/12/14/23508898/elonjet-twitter-ban-elon-musk-jet-tracker
12:48 – Story # 2b: Elon Musk starts banning critical ...

  • SNMP… Strings Attached!

Dale Hobbs // One thing that I almost always find when performing an internal network penetration test is Simple Network Management Protocol (SNMP) configured with default community strings. Simple Network Management Protocol (SNMP) is a widely-used protocol for managing and monitoring network devices such as routers, switches, and servers. It allows network administrators to manage and monitor the performance of network devices and to troubleshoot issues when they arise. SNMP is based on a “man...

BlueMonkey 4n6

  • Becky Passmore – Day in the Life of DFIR – 5 most important items to bring on a search #shorts

YouTube video

Breaking Badness

  • The Pheast of the Seven Phishes

Cellebrite

  • How to Search for Hidden Photos with UFED Cloud in Mobile Forensics

YouTube video

  • How to Streamline Your Investigative Workflow With Cellebrite Guardian

YouTube video

  • How to Examine Sent Messages Using New Mobile Forensics Features for iOS 16 in Physical Analyzer

YouTube video

  • How to Automatically Open Physical Analyzer After a UFED File System Extraction

YouTube video

  • How to Use the Cellebrite Notebook to Learn New Topics and Simplify Digital Forensics

YouTube video

  • How to Find Great Mobile Forensics Resources On The Cellebrite Community Portal – Physical Analyzer

YouTube video

  • How to Maximize Your File System Extractions With UFED Smart Flow in Mobile Forensics

YouTube video

  • How to Streamline Your Digital and Physical Evidence Processes with Cellebrite Guardian

YouTube video

  • How to Use UFED Smart Flow For Selective Data Collection During Mobile Forensics

YouTube video

  • How to Use Keyword Search In Physical Analyzer & Recover Digital Artifacts – Mobile Device Forensics

YouTube video

  • How Guardian Can Help Streamline Your Investigations From End-To-End

YouTube video

  • How to Use Call Logs, Location Data and more for iOS Forensics – Physical Analyzer 7.57

YouTube video

  • How to Use Samsung Rubin in Cellebrite Physical Analyzer for Mobile Device Forensics

YouTube video

  • How to Stay Updated On Cellebrite UFED with Release Notes for Mobile Device Forensics

YouTube video

  • How to Use Keyword Search In Physical Analyzer To Recover More Artifacts

YouTube video

  • How to Load Any Full File System Extraction Into Physical Analyzer from a Different Tool

YouTube video

  • How To Search Messages For Emojis of Interest in a Forensic Image during a Digital Investigation

YouTube video

  • How to Find Full-Sized Assets on iPhones During Forensic Examinations – Scott Koenig

December 20, 2022 | Heather Mahalik - Senior Director of Digital Intelligence and Forensics at Cellebrite. In this episode, Heather Mahalik hosts Scott Koenig from the Nevada Department of Public Safety. Scott reviews situations when only thumbnails, and not the full-sized assets, are found in DCIM for iPhones during forensic examinations. He provides tips for how to find more information using Physical Ana...

  • Ransomware Q and A With Ryan Chapman – Digital Forensics & Incident Response

December 20, 2022 | Heather Mahalik - Senior Director of Digital Intelligence and Forensics at Cellebrite. In this episode, Heather Mahalik hosts Ryan Chapman to discuss the topic of ransomware. Ryan is a Principal Incident Response Consultant with BlackBerry. He has worked in the Digital Forensics & Incident Response (DFIR) realm for 10 years and teaches ransomware courses. In this video, he provides an outline of...

Digital Forensic Survival Podcast

  • DFSP # 357 – EVTX Analysis

Doug Burks at Security Onion

  • Introduction to Analyzers in Security Onion: Enriching Observable Data in Cases During an Investigation

Posted by Doug Burks at 9:51 AM. Labels: analyzers, cases, observables, security onion, securityonion. Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own tools for triaging alerts, hunting, and case management as well as other tools such as Playbook, Fl...

Gerald Auger at Simply Cyber

  • Stop Thinking MITRE ATT&CK Is a Silver Bullet

YouTube video

InfoSec_Bret

  • CyberDefenders – EscapeRoom

YouTube video

Mossé Cyber Security Institute

  • Writing Open Source Intelligence Reports

YouTube video

  • Setting up a lab to perform OSINT

YouTube video

  • Legal and Ethical Considerations of Open Source Intelligence

YouTube video

  • Methodology to perform Open Source Intelligence

YouTube video

NVISO Belgium

  • OpenAI in Cortex XSOAR: Detecting Phishing with AI (16.12.2022)

YouTube video

Politico Tech

  • The person behind the keyboard

POLITICO Tech, December 16, 2022 (30 min 24 sec). Want a personal insight into some of the world's most notorious cybercriminals through a neutral party? We interviewed a malware librarian to find out how the geopolitics surrounding the Russia-Ukraine war actually played out in the cybercriminal underground and the complex motivations of the people launching dangerous malware attacks against critical computing systems.

Richard Davis at 13Cubed

  • The Dissect Effect – An Open Source IR Framework

YouTube video

RickCenOT

  • BREAKDOWN Realistic Pentest/Hacking of a Moxa industrial communication processor NPort 5110

YouTube video

SANS Cyber Defense

  • Packet Tuesday – TLS Server Hello

YouTube video

SANS Institute

  • What You Need to Know About OpenAI’s New ChatGPT Bot – And How it Affects Cybersecurity? SANS Panel

YouTube video

Thomas Roccia at SecurityBreak

  • Code Graphology

How to study an exploit to discover more? This year I presented at @ComfyConAU about code graphology and how it can be used for exploit hunting! Here is an overview on what was discussed and how you can apply code graphology in your research! This thread was originally posted on Twitter and saved here! 🤓 Graphology is the study of handwriting. In criminology, it may be used to link a suspect to crime scene evidence. Similarly, the same concept can be applied to programming languages. It was first ...

Sumuri

  • SUMURI Gives Back 2022 | Winning Agency

YouTube video