本エントリは This Week in 4n6 (FourAndSix=Forensics) で紹介された各記事の冒頭を表示し、チェックする記事をザッピングするために自動生成＆投稿したものです。4n6 は こちら からご確認いただけます。

PRESENTATIONS/PODCASTS

ArcPoint Forensics

• Day 1 of the 12 Days of DFIRmas w. Rob Fried

YouTube video

• Day 2 of the 12 Days of DFIRmas w. Heather Mahalik Barnhart

YouTube video

Black Hills Information Security

• Talkin’ About Infosec News – 12/06/2023

The Simplest and Last Internet-Only ACL You’ll Ever Need OSINT for Incident Response (Part 1) Back to top Black Hills Information Security 890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447) © 2008-2023 About Us | BHIS Tribe of Companies | Privacy Policy | Contact Links Search the site

• Rapid Windows Endpoint Investigations with Velociraptor & KAPE w/ Patterson

YouTube video

• OSINT for Incident Response (Part 1)

| Patterson Cake Being a digital forensics and incident response consultant is largely about unanswered questions. When we engage with a client, they know something bad happened or is happening, but they are uncertain of the “how, when, where, and why.” A significant component of our job is to tease out the “known knowns,” the “known unknowns,” and effectively and efficiently help the client answer the following: Have we been compromised? If “yes,” then: How long have we been compromised? (“dwel...

Breaking Badness

• 174. Pick Your DNS Cache Poison

Cellebrite

• Cellebrite Pathfinder Assists in Consolidating & Analyzing Vast Data Sets for Law Enforcement

YouTube video

Check Point

• Iran’s Most Advanced Cyber Attack Yet

Cisco’s Talos

• Beers with Talos episode 141: The TurkeyLurkey Man wants YOU to read Talos’ Year in Review report

Beers with Talos Talos Takes About Search Blog Beers with Talos episode 141: The TurkeyLurkey Man wants YOU to read Talos' Year in Review report By Mitch Neff Wednesday, December 6, 2023 05:41 2023YiR Year In Review In this episode the Beers with Talos team, led by special guest Dave Liebenberg, set out to save Thanksgiving. The TurkeyLurkey man is the hero that everybody needs, but perhaps don't deserve.For fans and opposers of Dave's Ranksgiving list, you'll be pleased to know he's back with a...

Cyber Social Hub

• Barry Bonds and Digital Forensics: Privileged Documents and Efficient Review

How does a Major League Baseball player impact how we do forensics today? We will take a trip back in time and discuss the court case US vs Comprehensive Drug Testing. Let's discuss the background, mistakes made, and what we can learn and apply to our digital investigations today. We will then take a look at how we can leverage modern forensic software to make the process of working with privileged data more efficient and more reliable.Key Learnings:Learn some key legal considerations when inves...

CYBERWOX

• Investigating Data Exfiltration in AWS Cloud

YouTube video

Detection: Challenging Paradigms

• Episode 36: Chris Thompson

Detection: Challenging ParadigmsDec 04, 2023Share00:0054:12Episode 36: Chris ThompsonChris Thompson (@_Mayyhem on X) joins Jared and Luke on this episode of DCP! Chris has led the charge on offensive research into System Center Configuration Manager (SCCM), and shares his insight into this often overlooked aspect of the threat landscape! Resources: #sccm on the BloodHoundGang slack workspace: //bloodhoundgang.herokuapp.com/ //medium.com/@MayyhemDec 04, 202354:12Episode 35: Luke JenningsDCP is ba...

Digital Forensic Survival Podcast

• DFSP # 407 – More About Lateral Movement and Kerberos

Eclypsium

• BTS #18 – Defending Against Supply Chain Attacks – Bri Rolston

Hacker Valley Blue

• Ransomware: How to Use AI to Create a Readiness Kit with Scott Sutherland

YouTube video

Hardly Adequate

• Hardly a Week 49 December 6, 2023

My Blog • Discord • Socials LinkedIn Twitter • Youtube • Podcasts Hardly Adequate Forensic Focus • CTF • Shop Meet the Team Desi currently works for Dragos and believes in the mission to protect civilisation. He is also a podcast host, educator, student, mentor, ctf player & designer. All his spare time is taken up by fitness, gaming, and of course his dogs. Moxie loves humans and will always take out your shins for a pat. She is on the fence about soft toys but is a firm believer that squeakers...

Huntress

• macOS Malware Persistence

YouTube video

• The Current State of Mac Malware

YouTube video

• How Hackers Are “Blending In” to Evade Detection

YouTube video

InfoSec_Bret

• IR -SOC216-170 – Suspicious MSI Installation

YouTube video

Insane Forensics

• Volt Typhoon: Unpacking State Sponsored Living-Off-the-Land Attacks on Critical Infrastructure

YouTube video

Intel471

• Cybercrime Exposed Podcast: Social Engineering

Dec 06, 2023 Bluma Janowitz is a social engineer and red team agent. She specializes in what are called red-teaming exercises, which are designed to test an organization’s defenses against malicious hackers. She might try to trick employees into giving up sensitive information over the phone or drop USB drives in places where curious people might put them in their computers. She talks her way into buildings and does discreet Wi-Fi scans, taking photos along the way. These techniques are known as...

John Hammond

• Writing Custom Malware: Import Address Table Hooking

YouTube video

• Digital Forensics with FTK Imager (TryHackMe Advent of Cyber Day 8)

YouTube video

Magnet Forensics

• An Overview of Magnet WITNESS

YouTube video

• Magnet Virtual Summit 2024: The Virtual DFIR Event of the Year is Back!

YouTube video

• What to Expect in the Magnet Virtual Summit CTF

YouTube video

Malwarebytes

• Why a ransomware gang tattled on its victim, with Allan Liska: Lock and Code S04E24

Posted: December 4, 2023 by David Ruiz This week on the Lock and Code podcast… Like the grade-school dweeb who reminds their teacher to assign tonight’s homework, or the power-tripping homeowner who threatens every neighbor with an HOA citation, the ransomware group ALPHV can now add itself to a shameful roster of pathetic, little tattle-tales. In November, the ransomware gang ALPHV, which also goes by the name Black Cat, notified the US Securities and Exchange Commission about the Costa Mesa-ba...

MSAB

• XRY and Python Scripts – #MSABMonday

YouTube video

Nicolas Brulez at Hexorcist

• Unpacking and IDA Processor Training Course

YouTube video

Paraben Corporation

• Ring Compliance Data Processing

YouTube video

RickCenOT

• Breakdown “PWN’ing a Moxa NPort W2150A with OS Command Injection and establishing a backdoor”

YouTube video

SentinelOne

• LABScon Replay | The Cyber Arm of China’s Soft Power: Reshaping a Continent

LABScon / December 6, 2023 In his keynote at LABScon23, SentinelLabs’ Principal Threat Researcher Tom Hegel addressed a crucial but often overlooked aspect of global cybersecurity: cyber threat activity in less-monitored regions, particularly Africa. Focusing on China’s strategic use of soft power across the African continent, Hegel provides a compelling analysis of how technology and investments are wielded as tools of influence and control. Highlighting its significant investments in key secto...

The CyberWire

• On the hunt for popping up kernel drives.

SubscribeApple PodcastsApple PodcastsGoogle PodcastsCastboxOvercastOvercastSpotifyRSSShow NotesDana Behling, researcher from Carbon Black, sharing their work on "Hunting Vulnerable Kernel Drivers." The Carbon Black Threat Analysis Unit (TAU) discovered 34 unique vulnerable drivers, six of which allow kernel memory access, accepting firmware access.TAU reported the issues to the vendors whose drivers had valid signatures at the time of discovery, but only two vendors fixed the vulnerabilities. TA...