Analysis Notes

A place to jot down notes from trying out malware analysis and anything that seems likely to be useful for analysis. This site uses Google Analytics.

4n6 Week 46 – 2023 - MISCELLANEOUS

This entry was automatically generated and posted to show the opening lines of each article featured in This Week in 4n6 (FourAndSix = Forensics), so that articles worth checking can be skimmed quickly. 4n6 itself can be found here.

MISCELLANEOUS

Abhiram Kumar

DFIR, Volatility · Abhiram Kumar · Nov 08, 2023 · A detailed guide to compile your Volatility 2.6.1 and 3 binaries for Windows. Introduction: Volatility is a popular Python-based memory analysis framework which is used by almost everyone interested in memory forensics. I, like many, use the tool by directly running the script in Python, but I have seen quite a few scenarios where having the tool as an executable binary is much preferred. Also, though Volatility 2.6.1 is no longer being developed, it is still ...

Fabian Mendoza at AboutDFIR

AboutDFIR Site Content Update – 11/10/2023 · By Fabian Mendoza · On November 10, 2023. Challenges & CTFs – new entry added – CTF Walkthrough – Huntress Capture The Flag – A CTF Marathon (Doug Metz). Jobs – old entries cleaned up, new entries added – Palo Alto Networks Unit 42, Paramount, Rapid7, SentinelOne. Tools & Artifacts – Android – new entries added – Android Acquisition – Data Extraction Cheatsheet, Android – Playstore – Investigating Android Playstore Search History. Tools & Arti...

Jonathan Tanner at Barracuda

Manny Kressel at Bitmindz

Doug Burks at Security Onion

Security Onion Blog · Peel Back the Layers of Your Enterprise · Monday, November 6, 2023 · Security Onion 2.4 Feature o' the Day - Configure Elastic Fleet. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Elastic Fleet. You can read more about this in our documentation: https://docs.securityonion.net/en/2.4/elastic-fleet.html. More Security Onion 2.4 Features: To see other Security Onion 2.4 features, please see our other Feature o' the Day ...

We recently announced the End Of Life (EOL) date for Security Onion 2.3: https://blog.securityonion.net/2023/10/6-month-eol-notice-for-security-onion-23.html. 2.3 EOL is now 5 months away. If you haven't already, please make plans to move to Security Onion 2.4. If you would like to migrate your data from 2.3 to 2.4, you can find an overview of the process at: https://docs.securityonion.net/en/2.4/appendix.html ...

Security Onion Solutions has been teaching Security Onion classes since 2014. Since that time, we've taught students around the globe to help them peel back the layers of their enterprise and make their adversaries cry. Our next class is in December. Why should you sign up? Here are the top 5 reasons! 1. Amazing instructors: Our instructors are not like other instructors that just read from a slide deck. Security Onion Solutions instructors have years of experience in threat hunting, enterprise secu...

Security Onion Blog · Peel Back the Layers of Your Enterprise · Tuesday, November 7, 2023 · Security Onion 2.4 Feature o' the Day - Configure Elasticsearch. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Elasticsearch. You can read more about this in our documentation: https://docs.securityonion.net/en/2.4/elasticsearch.html. More Security Onion 2.4 Features: To see other Security Onion 2.4 features, please see our other Feature o' the Day...

Security Onion Blog · Peel Back the Layers of Your Enterprise · Wednesday, November 8, 2023 · Security Onion 2.4 Feature o' the Day - Configure Firewall. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure the host-based firewall. You can read more about this in our documentation: https://docs.securityonion.net/en/2.4/firewall.html#host-firewall. More Security Onion 2.4 Features: To see other Security Onion 2.4 features, please see our other Fe...

Security Onion Blog · Peel Back the Layers of Your Enterprise · Thursday, November 9, 2023 · Security Onion 2.4 Feature o' the Day - Configure Global Settings. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure global settings. You can read more about this in our documentation: https://docs.securityonion.net/en/2.4/administration.html#configuration. More Security Onion 2.4 Features: To see other Security Onion 2.4 features, please see our othe...

Security Onion Blog · Peel Back the Layers of Your Enterprise · Friday, November 10, 2023 · Security Onion 2.4 Feature o' the Day - Configure Host Settings. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure host settings. You can read more about this in our documentation: https://docs.securityonion.net/en/2.4/administration.html#configuration. More Security Onion 2.4 Features: To see other Security Onion 2.4 features, please see our other Fea...

Doug Metz at Baker Street Forensics

Installing REMnux on a MacBook Pro · DFIR, Forensics, Mac, Malware · I had an older MacBook Pro (15-inch, 2.53GHz, Mid 2009) that had been unused for a while as it was no longer getting updates from Apple. It's one of the Intel chip ones and last ran Monterey. I pulled it out of the closet and decided to give it a refresh by installing REMnux on it. The process was pretty straightforward, but there were a couple of things noted along the way I thought I'd share. Start off by downloading the Ubuntu 20.0...

Forensic Focus

Digit Oktavianto at MII Cyber Security

Lesson Learned From Dragos CTF 2023 · Digit Oktavianto · Published in MII Cyber Security Consulting Services · 2 min read · 6 days ago. Dragos held a CTF in 2023 focusing on ICS/OT Defensive Security and DFIR. This CTF event is very interesting, since we can learn a lot of use cases in the ICS/OT industry, such as the common protocols used in ICS/SCADA environments, and a lot of new things that I only learned during the event. Some of the challenges include Packet Analysis in CIS Protocols (M...

MITRE Engage™

MITRE Engage™ Benefactor Program · MITRE Engage · Published in MITRE Engage™ · 2 min read · 3 days ago. The MITRE Engage project has started a new Benefactor Program where private organizations can now directly support and help sustain the Engage framework. With the help of MITRE Engenuity's Center for Threat-Informed Defense, the Benefactor Program enables the global community to financially advance critical, public interest cybersecurity programs such as MITRE ATT&CK®, MITRE Caldera™, M...

MobilEdit

November 8, 2023 · Jan Valnoha · We are excited to unveil a game-changer in online training: the MOBILedit Academy! Our platform is crafted with precision to offer an intuitive learning journey for both newcomers and veterans in digital forensics. For our demo users: Embark on a seamless adventure through the initial steps of our software, designed to make your first experience as enriching as possible. For the pros: Elevate your expertise with our advanced classes, diving deep into the most sophisti...

Oxygen Forensics

November 06, 2023 · There are so many digital forensic solutions and tools on the market. Are you asking the right questions before choosing the right digital forensic software? When considering the purchase of digital forensic software, it's important to ensure that the software meets your specific requirements and will help you effectively investigate and analyze digital evidence. To fully prepare for this potentially expensive purchase, you need to understand the full e...

November 07, 2023 · Extract VeraCrypt app and encryption keys. Have the ability to decrypt drives, partitions, and separate files with the password, encryption keys, or key files. VeraCrypt, previously known as TrueCrypt, is an open-source utility for on-the-fly encryption. The software can create a virtual encrypted disk that works just like a regular disk but within a file. It can also encrypt a partition or the entire storage device with pre-boot authentication. Although data...

Ryan McGeehan

Lessons from the SEC's Lawsuit against SolarWinds and Tim Brown · Ryan McGeehan · Published in Starting Up Security · 10 min read · 5 days ago. A few days ago, the SEC filed a lawsuit against SolarWinds and their CISO that shares some similarities with the blameless post-mortem of the case against Joe Sullivan I wrote around this time last year. I took the time to give the complaint a thorough read. As usual, I am only interested in lessons for security organizations and not interested in ...

Salvation DATA

Knowledge · 2023-11-08 · Content Overview: Why Are Mobile Forensics Critical to a Digital Forensics Investigation? What Are the Most Popular Mobile Forensics Tools in 2023? What Are the Steps in the Mobile Forensics Process? How Much Does Mobile Forensics Cost? How to Choose the Right Mobile Forensics Tool? Summary ...

SANS

Philip Hagen · Next Generation FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response · The FOR572: Advanced Network Forensics and Analysis update includes a massive overhaul to the enterprise-scale incident response scenario & dataset. · November 6, 2023 · SANS is releasing a major update to FOR572, Advanced Network Forensics and Analysis: Threat Hunting, Analysis, and Incident Response. This course release includes a massive overhaul t...