Analysis Notes

A place for notes on malware analysis and on things that seemed likely to be useful for analysis. This site uses Google Analytics.

4n6 Week 17 – 2023 - MISCELLANEOUS

This entry was generated and posted automatically: it shows the opening of each article introduced in This Week in 4n6 (FourAndSix = Forensics) so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

MISCELLANEOUS

Abhiram Kumar

Incident Response Essentials & Tips - My Two Cents DFIR Incident Response Abhiram Kumar Apr 17, 2023 This blog post contains my thoughts on the essential foundation needed in Incident Response based on my experience. About My Background Before going into a lengthy discussion about the core foundation and skills in IR, I feel it is important to disclose my background so the reader knows where I’m coming from. I must mention that most of the content mentioned here is solely my personal opinion and...

Brett Shavers

Cassie Doemel at AboutDFIR

AboutDFIR Site Content Update 04/22/2023 By Cassie Doemel On April 22, 2023 / April 21, 2023 Tools & Artifacts – Windows – new entries added – Memories & pCloud Tools & Artifacts – Android – new entry added – WiFi Annual Industry Reports – new entries added – PwC, Sophos Labs, & Unit 42 Jobs – old entries cleaned up, new entries added – SecureWorks, Varonis, Prudential Financial, Amazon, Kimberly Clark, Voya, Pacific Northwest National Lab, & Microsoft Forensicators of DFIR – cleaned up some dead li...

CISA

Release Date April 20, 2023 CISA has announced plans to continue and enhance the Logging Made Easy (LME) tool, a service originally developed and maintained by the United Kingdom’s National Cyber Security Centre (NCSC-UK). NCSC-UK stopped supporting the open-source log management solution for Windows-based devices tool on March 31, 2023. LME reduces log management burden and provides greater transparency into operating system and network security across deployed devices. CISA’s enhanced LME tool ...

Forensic Focus

Magnet Forensics

As digital evidence becomes increasingly complex, a collaborative, centralized approach to evidence review is a critical component of modern digital forensics labs—both within the lab and outside of it. Since there are typically many stakeholders involved at various points in a digital investigation, the new paradigm for managing digital evidence must fuel greater collaboration at all levels. With tools like Magnet AXIOM and Magnet REVIEW, we’re enabling collaboration for investigators to collec...

With the release of Magnet AXIOM 7.0, we’re excited to introduce the integration of Thorn’s advanced AI model: the CSAM Image Classifier. This new feature will help investigators spend less time reviewing and categorizing files, and instead use this AI technology to quickly arm themselves with relevant information to focus their investigations and identify victims of child sexual abuse faster. Addressing the CSAM Data Volume Problem One of the most significant challenges in child sexual abuse ma...

As organizational data continues to expand rapidly, eDiscovery cases are also growing in both size and diversity. One category that remains at the top of the list for electronically stored information (ESI) is email—the preferred means of business communications for 86% of professionals; the average worker sends 40 emails and receives around 121 emails every workday. With the prominence of email in business communications, it’s not surprising that it is a key source of ESI in eDiscovery collectio...

We couldn’t wait to head back to Music City (Nashville, Tennessee) to catch up with friends old and new and talk about all things Magnet Forensics and DFIR for Magnet User Summit 2023! We had a fantastic series of activities lined up for attendees, including sessions from DFIR Industry experts and opportunities to learn more about Magnet Forensics products—both in pre-conference training and hands-on labs. Plus, we were extremely proud to unveil a series of new offerings and updates from our pro...

MSAB

MSAB’s annual report for 2022 published The Swedish version of MSAB’s annual report 2022 is now available for download on the company’s website: www.msab.com The English version of the annual report is expected to be available on MSAB’s website on April 22, 2023. This information is information that MSAB is obliged to make public pursuant to the Securities Markets Act. The information was submitted for publication of the contact person set out ...

Amendment: MSAB’s annual report for 2022 published The correction refers to a new version of the ESEF file. The Swedish version of MSAB’s annual report 2022 is now available for download on the company’s website: www.msab.com The English version of the annual report is expected to be available on MSAB’s website on April 22, 2023. This information is information that MSAB is obliged to make public pursuant to the Securities Markets Ac...

Lisa Forte at Red Goat

Salvation DATA

Knowledge 2023-04-17 What is your image of a Forensic Video Analyst: a geeky guy probably with thick round glasses, sitting in front of the screen—from dawn till dusk? Not necessarily! Viewing the screen and analyzing video is certainly one important function, but this is not all that a forensic video analyst does. By definition, a professional video forensics analyst performs the scientific examination and evaluation of video evidence. But what specific functions does the scientific examination...

SANS

Ritu Gill What are Sock Puppets in OSINT Learn about Sock Puppets, the benefits of using them, and best practices for setting them up. April 17, 2023 What are sock puppets? Sock puppets, also known as research accounts, are online fictitious identities used to conceal the true identity of the OSINT investigator and to gain access to information that requires an account to access. Remember, you are responsible for reading and understanding the Terms of Service for the websites you use because creat...

Chris Edmundson Be Dazzled by Identity-as-a-Service (IDaaS) Understanding the context, terms, and definitions related to IDaaS and putting them into practical use. April 18, 2023 What is IDaaS and Why Should I Use It? Identity-as-a-Service (IDaaS) is a 3rd party offering of identity and access management (IAM) solutions, bundling many of the common IAM capabilities, typically designed to provide functionality such as: Account provisioning and deprovisioning, leveraging standard protocols like Syst...

Jason Hodgert Your Security Awareness Program Can Do More Than You Think: Fulfilling the Promise of “Training for All” How using computer-based training for unlikely targets can level-up your security posture April 17, 2023 In the world of security awareness training, we like to think of ourselves as providing training for each employee in the building. There was a time when training ...


Brandon Evans Cloud Agnostic or Devout? Part 2: Why Securing Multiple Clouds Using Terraform is Harder Than You Think April 20, 2023 The movement towards multi cloud security has been growing momentum with no end in sight. Over 50% of the respondents to the SANS 2022 Multicloud Survey not only use all of the Big 3 Cloud Providers (Amazon Web Services, Azure, and Google Cloud), but they also use all of the next three most popular CSPs (Alibaba Cloud, Oracle Cloud, and IBM Cloud). The workforce ...

SentinelOne

April 17, 2023 by SentinelOne As cybersecurity threats increase in sophistication and frequency, the demand for skilled Security Operations Center (SOC) analysts continues to rise. In tandem with defensive strategies and advanced security software, SOC analysts fill a critical role in keeping enterprises safe from attacks. SOC teams are responsible for identifying and mitigating oncoming threats, protecting sensitive information, and ensuring the overall security of an organization’s digital...

April 20, 2023 by Chris Boehm One of the most significant security threats to cloud infrastructure is insider threats. As more businesses move to cloud and hybrid environments, employees sending sensitive data to unsecured or misconfigured clouds risk exposing their organization to advanced cyber threats and opportunistic attackers. The importance of cloud infrastructure to businesses of all sizes, along with the privileged access that insiders often have, means that mitigating the risk of insi...

Teri Radichel

ACM.194 Deployment scripts for a generic S3 bucket template Part of my series on Automating Cybersecurity Metrics. The Code. In the last post I explained how a common template to prevent misconfigurations in S3 buckets can help prevent misconfigurations.

ACM.195 Creating a bucket with a server access logging bucket Part of my series on Automating Cybersecurity Metrics. The Code. Phew. That last post was quite involved. I tested out my S3 CloudFormation template, fixed a bunch of bugs, created deployment scripts and a bucket naming convention, among other things.

John Patzakis at X1

By John Patzakis April 18, 2023 Recent court decisions reflect how social media evidence can play an important role in establishing actual confusion in a trademark infringement lawsuit. With the rise of social media, businesses and individuals have been able to reach wider audiences and create their own brand identities. However, this has also led to an increase in trademark infringement cases, as individuals and companies attempt to profit from the goodwill and reputation of established brands....