Analysis Notes

A place to jot down notes from malware analysis and anything that looked useful for analysis. This site uses Google Analytics.

4n6 Week 50 – 2023 - MISCELLANEOUS

This entry was generated and posted automatically to show the opening lines of each article featured in This Week in 4n6 (FourAndSix = Forensics), so that I can zap through them and pick the articles to check. 4n6 itself can be found here.

MISCELLANEOUS

Fabian Mendoza at AboutDFIR

AboutDFIR Site Content Update – 12/08/2023. By Fabian Mendoza, December 8, 2023. Jobs – old entries cleaned up, new entries added – Accenture, Booz Allen Hamilton, CDW, Cloudflare, Moderna, NCC Group. Tools & Artifacts – Android – new entry added – Viber – Investigating Android Viber. Tools & Artifacts – DVR/Multimedia – new entry added – Video/Image Analysis – Increase Exposure of Dark Footage. Tools & Artifacts – Google Workspace – new entry added – Gmail – Dots do matter: Why dots...

Adam Goss

I am excited to announce that the Kraven Security website is now live! This interactive platform lets you learn all things cyber threat intelligence, threat hunting, and custom tooling completely for free: no subscriptions, paywalls, or content restrictions. You can go from zero to hero without worrying about breaking the bank. Whether you want to break into the cyber security industry or elevate your skills, the site has you covered. But why launch a we...

Blaze’s Security Blog

FARA, or Faux YARA, is a simple repository that contains a set of purposefully erroneous Yara rules. It is meant as a training vehicle for new security analysts, those that are new to Yara and even Yara veterans that want to keep their rule writing (and debugging) sharp. Example "faux" rule. Find it over on Github: //github.com/bartblaze/FARA Posted by Bart at 8:09 PM. Labels: dailyyara, fara, yara, yara rules. No comments: Post a ...

Censys

Doug Burks at Security Onion

Security Onion Blog – Security Onion: Peel Back the Layers of Your Enterprise. Monday, December 4, 2023. Security Onion 2.4 Feature o' the Day - Configure Redis. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Redis. You can read more about this in our documentation: //docs.securityonion.net/en/2.4/redis.html More Security Onion 2.4 Features: To see other Security Onion 2.4 features, please see our other Feature o' the Day blog posts: //blog.securi...

Tuesday, December 5, 2023. Security Onion 2.4 Feature o' the Day - Configure Sensor Settings. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure sensor settings. You can read more about this in our documentation: //docs.securityonion.net/en/2.4/administration.html#configuration More Security Onion 2.4 Features: To see other Security Onion 2.4 features, please see our other...

We recently announced the End Of Life (EOL) date for Security Onion 2.3: //blog.securityonion.net/2023/10/6-month-eol-notice-for-security-onion-23.html 2.3 EOL is now 4 months away. If you haven't already, please make plans to move to Security Onion 2.4. If you would like to migrate your data from 2.3 to 2.4, you can find an overview of the process at: //docs.securityonion.net/en/2.4/appendix.html at 8:49 AM. Labels: 2.3 eol, eol...

Wednesday, December 6, 2023. Security Onion 2.4 Feature o' the Day - Configure Sensoroni. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Sensoroni. You can read more about this in our documentation: //docs.securityonion.net/en/2.4/cases.html#configuring-analyzers More Security Onion 2.4 Features: To see other Security Onion 2.4 features, please see our other Feature o'...

Thursday, December 7, 2023. Security Onion 2.4 Feature o' the Day - Configure SOC. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure SOC. You can read more about this in our documentation: //docs.securityonion.net/en/2.4/soc-customization.html More Security Onion 2.4 Features: To see other Security Onion 2.4 features, please see our other Feature o' the Day blog posts: //b...

Friday, December 8, 2023. Security Onion 2.4 Feature o' the Day - Configure Soctopus and Sigma. Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Soctopus to adjust Sigma rules. You can read more about this in our documentation: //docs.securityonion.net/en/2.4/playbook.html#adding-additional-rulesets More Security Onion 2.4 Features: To see other Security Onion 2.4 featur...

Forensic Focus

Kelvin W

Getting the Value Out of Cybersecurity Certifications. Reshape how you think about them. Intro: I’ve talked before about how the sheer volume of potential certifications can contribute to cyber student and professional burnout, in what is essentially “There’s too much to learn but not enough time.” I’ve also talked before about how some trying to get into cyber place too much emphasis on ge...

Julien Legras and Mehdi Elyassa at Synacktiv

Written by Julien Legras, Mehdi Elyassa - 06/12/2023 - in Tools, Pentest. During the development of ntdissector, we stumbled upon an AD Lightweight Directory Services (LDS) instance used by an internal application of a customer to store data. Just like AD DS, AD LDS stores the data inside a dit file: adamntds.dit. However, all known tools failed to parse this file while it looks a lot like an NTDS.dit file. In our research, we eventually found an article in cache already ...

Mary Ellen Kennel

These are my CTF Hacks! I hope you enjoy! [Linux Analysis Commands] [Linux Analysis Commands Julia Evans' CheatSheet] Thank you Julia Evans! See more of her art here: //wizardzines.com [Linux Analysis Commands - file] Run this to determine what type of file you are dealing with: [Linux Analysis Commands - binwalk] Run this to view a summary of the file contents: [Linux Analysis Commands - strings] Run this to get the list of printable characters from files. You can even run strings on a Pcap! Or...

Nextron Systems

by Florian Roth | Dec 8, 2023. We are pleased to announce the launch of the Nextron Community Discord Server, a dedicated space for technical dialogue and support for Nextron’s range of products. This server aims to facilitate a deeper understanding and more effective use of our solutions. Key Features of the Nextron Discord Server: Technical Assistance. Our server provides an avenue for quick and detailed assistance regarding our products. Whether you’re encountering an issue or need clarification ...