Analysis Notes

A place to jot down notes from malware analysis and anything that seems useful for analysis work.

4n6 Week 44 – 2023 - MISCELLANEOUS

This entry was generated and posted automatically: it shows the opening lines of each article introduced in This Week in 4n6 (FourAndSix = Forensics) so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

MISCELLANEOUS

Fabian Mendoza at AboutDFIR

AboutDFIR Site Content Update – 10/27/2023. By Fabian Mendoza, on October 27, 2023 / October 23, 2023. Home – new page created – AWS; Home – new page created – Google Cloud; Home – new page created – Google Workspace; Home – new page created – Microsoft Azure; Home – new page created – Microsoft 365; Jobs – old entries cleaned up, new entries added – Arete, Eli Lilly and Company, Fortinet, modePUSH, State Street, Sygnia, Uber; Tools & Artifacts – Android – new entries added – Google Maps – Finding Phones wit...

ADF Solutions

Posted by ADF Solutions on October 24, 2023. IRVINE, Calif., Oct. 24, 2023 (GLOBE NEWSWIRE) -- Exterro Inc., (“Exterro”), the developer of FTK® solutions, the preferred choice of forensic investigations and the leading provider of Legal GRC software specifically designed for in-house legal, privacy, and IT teams at Global 2000 and AmLaw 200 organizations, and ADF Solutions, Inc. (“ADF Solutions”), the creator of rapid mobile evidence acquisition tools t...

Cado Security

CrowdStrike

October 23, 2023 CrowdStrike Services From The Front Lines The CrowdStrike Incident Response Executive Preparation Checklist is a template to help organizations consider the roles of their executives before, during and after an incident. CrowdStrike tabletop exercise delivery teams have leveraged this checklist in engagements with Fortune 500 leadership and Boards of Directors. The checklist addresses our most common findings from tabletop exercises: undefined responsibilities for executives, la...

Doug Burks at Security Onion

Security Onion 2.4 Feature o' the Day - Dynamic Observable Extraction in SOC Cases. Security Onion 2.4 includes lots of new features! SOC Cases now supports dynamic observable extraction! For example, we escalated this alert to a case. Going to Cases and then the Events tab, we see the escalated alert. Going to the Observables tab, we see that the IP addresses were automatically extracted as observables. You can read more about Cases and Observables in our documentation: //docs.securityonion.net/en/2...

Security Onion 2.4 Feature o' the Day - SOC can now import PCAP and EVTX files. Security Onion 2.4 includes lots of new features! SOC can now import PCAP and EVTX files! You can read more about this in our documentation: //docs.securityonion.net/en/2.4/grid.html#icons-in-lower-left-corner. More Security Onion 2.4 Features: to see other Security Onion 2.4 features, please see our other Feature o' the Day blog posts: //blog.securityonion.net/search/label/feature%20o%27%20the%20day. You can also check out ou...

10% Early Bird discount for Security Onion Fundamentals for Analysts & Threat Hunters Class in December 2023! We've scheduled the next run of our 4-day Security Onion Fundamentals for Analysts & Threat Hunters class! Use promo code earlybird by November 3, 2023 to receive 10% off! For more details and to register, please see: //securityoniondec2023.eventbrite.com/. If you have any questions about this class, please use the Contact link on the bottom of the Eventbrite page. For other training options, ...

Security Onion 2.4 Feature o' the Day - Manage User Accounts via SOC. Security Onion 2.4 includes lots of new features! You can now manage user accounts via SOC! When you drill into a user account, you can: change first and last name, update the Note field, modify the user roles, reset the user password, lock the user account, delete the user account. You can read more about this in our documentation: //docs.securityonion.net/en/2.4/administration.html#users. More Security Onion 2.4 Features: to see other Security ...

Security Onion 2.4 Feature o' the Day - Manage Nodes via SOC. Security Onion 2.4 includes lots of new features! You can now add and remove nodes from SOC's Administration section. You can read more about this in our documentation: //docs.securityonion.net/en/2.4/administration.html#grid-members. More Security Onion 2.4 Features: to see other Security Onion 2.4 features, please see our other Feature o' the Day blog posts: //blog.securityonion.net/search/label/feature%20o%27%20the%20day. You can also check ...

Security Onion 2.4 Feature o' the Day - SOC Grid Improvements. Security Onion 2.4 includes lots of new features! SOC's Grid interface has been much improved to show more status information about your nodes. You can read more about this in our documentation: //docs.securityonion.net/en/2.4/grid.html. More Security Onion 2.4 Features: to see other Security Onion 2.4 features, please see our other Feature o' the Day blog posts: //blog.securityonion.net/search/label/feature%20o%27%20the%20day. You can also ch...

Forensic Focus

Howard Oakley at ‘The Eclectic Light Company’

[…] Maurizio on October 29, 2023 at 1:19 pm: NTFS is fully able to manage macOS data streams with alternate data streams, but data are preserved only on a local NTFS copy as APFS, so both worlds will never talk to each other. hoakley on October 29, 2023 at 10:36 pm: Thank you. Howard.

MSAB

Interim Report Q3, July – September 2023. Webinar 10:00 am: //investors.msab.com/investors/presentations/. Summary July – September 2023: Net sales amounted to SEK 108.0 (93.7) million, an increase of 15 percent compared with the corresponding period last year. Adjusted for currency fluctuations, growth amounted to 10 percent. EBIT amounted to SEK 25.1 (8.7) million, corresponding to an EBIT margin of 23.2 (9.2) percent. Profit after tax amounted...

Nick Pockl-deen

Another year, another Australian Information Security Association (AISA) CyberCon in Melbourne! Always super excited to head down and watch the talks on what the cyber people have uncovered over the past 12 months. Although I didn’t get to nearly as many talks as I would have liked, with so many streams it was hard to pick and choose. However, this post will share the insights I learned and the overall takeaways from the three-day conference. DAY 1: The first day of the conference saw a large foc...

Plainbit

장원희, October 25, 2023, 11 min read. Techno Security & Digital Forensics Conference poster. Among DFIR (Digital Forensics & Incident Response) conferences, the representative ones are "Techno Security & Digital Forensics", "SANS DFIR Summit & Training", and the FIRST Conference. Of these, the Techno Security & Digital Forensics Conference is the largest DFIR conference; it was held once a year until 2021 and has been held twice a year (June and September) since 2022. This post shares the content of the Techno Security & Digital Forensics Conference 2023 (hereafter, the Techno conference), held in Los Angeles, USA, last September. Conference introduction: Techno Security & Dig...

현주연, October 25, 2023, 4 min read. When collecting data in the field, the principle is to selectively collect only the data related to the case rather than all of the data. As a result, selectively collected data is frequently what gets analyzed, and such data can be analyzed with a variety of tools. This article shares the results of analyzing selectively collected data with AXIOM. AXIOM evidence source types that accept selectively collected data: selectively collected data can be loaded into AXIOM Process either as an image (Image) or as files and folders (Files & Folders). Magnet Forensics, the developer of AXIOM, recommends loading it as files and folders. When Chrome data selectively collected with KAPE was added to AXIOM as an image (Image), it was confirmed to load normally without any errors. Selectively collected data added successfully to AXIOM. In addition, when adding a PC or mobile image...

Robin Dimyan

A Threat is not a Threat Actor! Robindimyan, 7 min read, 5 days ago. In this article, we will discuss how the concept of ‘threat’ is conceptualized in cybersecurity. We will present criticisms of the classical approach, pointing out its inconsistencies with the parameters of the cyber world. Following this, we will suggest a more pragmatic definition of threat. In the discipline of cybersecurity, there exists a common formula for ‘threat’. As is widely known, this formula is: Threat ...

Sue Poremba at Security Intelligence

If someone broke into your company’s office to steal your valuable assets, your first step would be to contact law enforcement. But would your reaction be the same if someone broke into your company’s network and accessed your most valuable assets through a data breach? A decade ago, when smartphones were still relatively new and most people were still coming to understand the value of data both corporate-wide and personally, there was little incentive to report cyber crime. It was so difficult ...