Analysis Notes

A place to note things from trying my hand at malware analysis and anything that seemed useful for analysis. This site uses Google Analytics.

4n6 Week 26 – 2023 - MISCELLANEOUS

This entry was automatically generated and posted to show the opening of each article introduced in This Week in 4n6 (FourAndSix = Forensics), so that the articles worth checking can be skimmed quickly. Some articles are summarized using Google Bard. The 4n6 issue itself can be found here.

MISCELLANEOUS

Adam at Hexacorn

June 22, 2023, in Preaching: The cyber consulting world delivers a lot of useful security work. They do workshops, trainings, tabletop exercises, they write playbooks, red team, provide assessments, and help companies with gap analysis, system configuration and hardening. Many of these engagements often start with some sort of a questionnaire. The customer is asked about scope of engagement, network architecture, Active Directory configuration, list of crown jewels, number of endpoints, OS/platfo...

ADF Solutions

Posted by ADF Solutions on June 21, 2023: Screenshots allow investigators to capture a snapshot of what is currently displayed on a mobile device’s screen during digital forensic triage. They can even be used to capture encrypted messages, preserving evidence. This method makes it possible to collect digital evidence that would otherwise not be available in an advanced logical acquisition because the data is protected. Screenshots are a versatile and powe...

Belkasoft

YARA is an open-source toolset commonly used in malware research, incident response, and digital forensics. DFIR and cyber security specialists employ it as an industry-standard solution for streamlining the process of detecting and categorizing malware. The implementation of YARA generally involves two stages: (1) creating YARA rules that describe specific textual and binary patterns found in malicious files or software; (2) passing these rules as arguments to a specialized tool that searches files or d...

Ben Heater

Wazuh: Upgrading Wazuh Components, by 0xBEN. In this post, I'll be covering the process of upgrading Wazuh tailored to some customizations in my environment. Why I'm Writing this Post: In some previous posts, I've gone over a few topics that necessitate this post, including: introducing the process of installing and configuring Wazuh; covering in detail the OwlH NIDS integration with Wazuh; covering the logall_json log archiving option in Wazuh. For anyone who may have f...

Doug Burks at Security Onion

On Wednesday, Red Hat announced a change to their source code access: //www.redhat.com/en/blog/furthering-evolution-centos-stream What does this change mean for Security Onion? First, this change should have no effect on the current Security Onion 2.3 platform. For Security Onion 2.4, our plan is to use Rocky Linux as the base platform. Last night, Rocky Linux posted the following: //rockylinux.org/news/2023-06-22-press-release/ Based on Rocky's announcement, we are optimistic that we can continue o...

Forensic Focus

Monica Harris at Cellebrite

Tess Mishoe at Red Canary

SANS
