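This entry was automatically generated and posted to show the opening of each article featured in This Week in 4n6 (FourAndSix=Forensics), so that readers can skim them and pick which articles to check. 4n6 itself is available here.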
FORENSIC ANALYSIS
Emi Polito at Amped
Emi Polito, August 29, 2023. Hello folks and welcome all to our new blog series “Learn and solve it with Amped FIVE”. This weekly series focuses on how to solve common challenges related to video evidence using Amped FIVE, starting with how to deblur a moving car. Over the course of this series, we will be diving into the most common enhancement workflows, in view to bring you valuable insights and practical solutions, and ultimately improve your day-to-day investigations. Whether you’re an invest...
Joseph Moronwi at Digital Investigator
Forensafe
01/09/2023 Friday iOS Telegram is a widely used instant messaging application developed by Telegram Messenger LLP, catering exclusively to iOS devices. This app is known for its robust set of features that facilitate seamless communication. Users can send text messages, share photos, videos, documents, and engage in voice and video calls, both in one-on-one and group settings. What sets iOS Telegram apart is its strong emphasis on privacy and security, offering end-to-end encryption for messages...
Nik Alleyne at ‘Security Nik’
Packet Crafting - Tearing down a connection with TCP Reset: In a previous post, I crafted a TCP 3-way handshake, to set up a connection with a remote device. In this post, we are going to sniff traffic between two devices and send a RST packet to tear down the connection. Think about what your IPS does as you go through this post. First up, the manual process. Let's say a server (in this case netcat) is listening on port 9999 as shown here. sans@sec503:~$ nc -l -p 9999 -n -v -4 Listening on 0.0.0...
Solving the CTF challenge - Network Forensics (packet and log analysis), USB Disk Forensics, Database Forensics, Stego: At work, we develop and run various Cyber Security challenges to help the Analyst (and the rest of the team) to rapidly build and demonstrate their skillset. This challenge was put together by one of our Managers Jean. I thought this was an interesting challenge that covered a number of areas. As a result, I thought I should take a stab at it. Here is my write up of my analysis....
Théo Letailleur at Synacktiv
Written by Théo Letailleur - 28/08/2023 - in CSIRT. As remote work surges, VPNs gain significance. With employees using their devices in uncontrolled networks, VPNs are certainly now a serious option for attackers to gain an initial foothold on the corporate network. Microsoft offers a VPN solution called Remote Access Service. This article sheds light on Microsoft VPN service's inner workings, and provides forensic aspects to improve incident response and the monitoring of this servi...