Analysis Notes

A place for notes on malware analysis attempts and anything that looked useful for analysis.

4n6 Week 41 – 2023 - MISCELLANEOUS

This entry is auto-generated and posted to show the opening lines of each article featured in This Week in 4n6 (FourAndSix = Forensics), so that articles worth checking can be skimmed quickly. The 4n6 post itself can be found here.

MISCELLANEOUS

Emi Polito at Amped

Emi Polito October 4, 2023 Dear colleagues, we are very thrilled to announce that we have just released our new official Amped FIVE certification program. After a long period of development and trials, we can now formally reveal that the program is open to all eligible Amped FIVE users. Find out how to become an Amped FIVE Certified Examiner (AFCE) below. Contents: 1 Become an Amped FIVE Certified Examiner 2 Entry Requirements 3 The Online Examination 4 How to Prepare for the Exam 5 Ho...

Jonathan Tanner at Barracuda

Oct. 5, 2023 | Jonathan Tanner If there's one type of malware most people have at least heard of, it's ransomware. It tends to pick up a lot of media coverage due to its ability to completely shut down the operations of its victims as well as having a very easily quantifiable monetary impact — the ransom. It's also much harder for some of the commonly targeted organizations to hide that an incident occurred, such as the public sector and healthcare, be...

Belkasoft

Belkasoft are delighted to announce that you can now enhance your digital forensics or cyber incident response toolkit with one of Belkasoft’s premier products, completely free of charge. Belkasoft T is your indispensable tool for triaging Windows machines. It enables you to quickly detect and obtain forensically important data stored in RAM and on hard drives in time-sensitive situations. Here is why you need Belkasoft T: Precision: The tool can identify 1500+ application profiles, detect neste...

Andres Blanco at Cellebrite

CISA

Release Date: October 05, 2023 Alert Code: AA23-278A A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight the most common cybersecurity misconfigurations in large organizations, and detail the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. Through NSA an...

Anusthika JeyaShankar at CyberProof

Anusthika JeyaShankar October 2, 2023 4 minute read To learn more about the essential components of becoming a Security Operations Center (SOC) analyst, we interviewed Anusthika Shankar, an analyst at CyberProof. She gave her perspective on cybersecurity’s importance and what every SOC analyst should be an expert in, to best succeed. In the context of today's digital landscape, why is cybersecurity so important? Anusthika: In today's digital landscape, the importance of cybersecurity cannot be o...

Reza Rafati at Cyberwarzone

Reza Rafati October 2, 2023 cybersecurity, guide, tools Wondering which digital forensics tools are making waves in the cybersecurity landscape? You’ve come to the right place. Table of Contents: Autopsy; Encase Forensics; The Forensic Toolkit (FTK) by Exterro; X-Ways Forensics; The Sleuth Kit (TSK); The Volatility Framework; Wireshark; Cellebrite UFED (Universal Forensics Extraction Device); Forensic Email Collector; Digital Forensics Framework (DFF); Magnet AXIOM by Magnet Forensi...

Decrypting a Defense

digitalforensicslas.substack.com Decrypting a Defense Newsletter: a newsletter from The Legal Aid Society of NYC's Digital Forensics Unit, discussing the intersection of digital forensics, surveillance technology, and the legal world. Clearview AI Book, NYPD Robots, School Facial Recognition Ban, AirTags & More. Vol. 4, Issue 10. The Digital Forensics Unit, Oct 2, 2023 ...

Doug Burks at Security Onion

We've just released Security Onion Essentials training for our new Security Onion 2.4 platform and it's FREE! You can find it on our website at securityonion.net/training Posted by Doug Burks at 11:20 AM

In August, we released Security Onion 2.4 and mentioned that a 2.3 End Of Life (EOL) announcement would be coming soon: blog.securityonion.net/2023/08/security-onion-24-has-reached-general.html Today, we are announcing that Security Onion 2.3 will reach EOL on April 6, 2024. If you are a current Security Onion Solutions customer with Professional Services or Appliance coverage and have concerns about getting migrated by this date, reach out to Support and we’ll work with you. Keep in mind that Ce...

Oleg Afonin at Elcomsoft

Open-Sourcing Orange Pi R1 Plus LTS Software for Firewall Functionality: Secure Sideloading of Extraction Agent; Best Practices in Mobile Forensics: Separating Extraction and Analysis; Apple iCloud Acquisition: A Lifeline for Forensic Experts; iOS Device Acquisition: Installing the Extraction Agent; iOS Forensic Toolkit Tips & Tricks; Low-level Extraction for iOS 16 with iPhone 14/14 Pro Support; Open-Sourcing Raspberry Pi Software for Firewall Functionality: Secure Sideloading of Extraction Agent; Low-level ...

Fabian Mendoza at AboutDFIR

AboutDFIR Site Content Update – 10/06/2023 By Fabian Mendoza on October 6, 2023 Tools & Artifacts – Windows – new entries added – ScreenConnect – From ScreenConnect to Hive Ransomware in 61 hours; UserAssist – Decoding Windows Registry Artifacts with Belkasoft X: UserAssist; USB Devices – Automated USB artefact parsing from the Registry. Tools & Artifacts – iOS – new entry added – iOS15 – iOS 15 Image Forensics Analysis and Tools Comparison – Processing details and general device in...

Forensic Focus

Jason Wilkins

Maxim Suhanov

CVE-2023-4692, CVE-2023-4693: vulnerabilities in the GRUB boot manager October 3, 2023 ~ msuhanov The GRUB boot manager is more an operating system than a boot loader. For example, it has more than 20 file system types supported! This is a really wide attack surface… And, currently, GRUB is the default choice in the Secure Boot implementation using Microsoft-signed shims (but things are moving forward). Some time ago, I discovered two vulnerabilities (or three vulnerabilities, if ...

Rakesh

Unveiling the Hidden Secrets: Delving into the Unexplored Realm of Automobile Forensics in the Digital Age. Rakesh, 6 min read, Sep 29. Introduction: In the relentless pursuit of justice, the field of automobile forensics has evolved over the years, keeping pace with emerging digital advancements. The convergence of technology and forensic investigations has opened up a world of possibilities, unearthing hidden secrets within the automotive industry. Understanding Automobile Forensics: A...

Wilklins Nyatteng at System Weakness

Day 3: Understanding Threat Actors — A Closer Look at Cybercriminals and Their Motivations. Wilklins Nyatteng, published in System Weakness, 4 min read, 5 days ago. home.sophos.com/en-us/security-news/2021/what-is-a-threat-actor Welcome back, my fellow digital detectives! In my previous chapters, I’ve been on an exciting journey through the cyber world. Today, let’s take a magnifying glass to the intriguing personalities that make up the cybercriminal landscape, including hackers, sc...