Analysis Notes

A place for notes on malware I have analyzed and on things that seemed likely to be useful for analysis. This site uses Google Analytics.

4n6 Week 51 – 2023 - MISCELLANEOUS

This entry was generated and posted automatically: it shows the opening of each article introduced in This Week in 4n6 (FourAndSix = Forensics) so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

MISCELLANEOUS

Atola

Brian Maloney

Wednesday, December 13, 2023 What's New in OneDriveExplorer Key updates There are a couple of improvements to this version of OneDriveExplorer (ODE). First off, the much needed update to the json output. This will make it easier to add new elements and removes all the unneeded ones. The next improvement was to the status column. The various statuses have been figured out so you will no longer see a number next to the unknown ones. With the...

Paul Stamp at Cado Security

Doug Burks at Security Onion

Security Onion Blog Security Onion Peel Back the Layers of Your Enterprise Monday, December 11, 2023 Security Onion 2.4 Feature o' the Day - Configure Strelka Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Strelka: You can read more about this in our documentation: https://docs.securityonion.net/en/2.4/strelka.html More Security Onion 2.4 Features To see other Security Onion 2.4 features, please see our other Feature o' the Day blog posts: https://blog...

Tuesday, December 12, 2023 Security Onion 2.4 Feature o' the Day - Configure Suricata Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Suricata: You can read more about this in our documentation: https://docs.securityonion.net/en/2.4/suricata.html More Security Onion 2.4 Features To see other Security Onion 2.4 features, please see our other Feature o' the Day blog posts: https://...

Wednesday, December 13, 2023 Security Onion 2.4 Feature o' the Day - Configure Telegraf Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Telegraf: Telegraf is used for InfluxDB and you can read more about this in our documentation: https://docs.securityonion.net/en/2.4/influxdb.html More Security Onion 2.4 Features To see other Security Onion 2.4 features, please see our ot...

Thursday, December 14, 2023 Security Onion 2.4 Feature o' the Day - Configure Zeek Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Zeek: You can read more about this in our documentation: https://docs.securityonion.net/en/2.4/zeek.html More Security Onion 2.4 Features To see other Security Onion 2.4 features, please see our other Feature o' the Day blog posts: https://blog.securi...

Elan at DFIR Diva

Posted on December 14, 2023 by DFIR Diva DFIR Reviews I recently became an affiliate of Coursera and saw that they had specializations in both Computer Forensics and Cyber Incident Response. I didn’t know of anyone who completed them, so I decided to see what they were like before listing them on the Free & Affordable Training Site. Cost: Coursera offers a 7-day free trial. I was able to complete both specializations within the 7 days, so it is possible to complete these for free. They are par...

Erik Hjelmvik at Netresec

Network Forensics Training - Spring 2024 I will teach two live online network forensics classes in March, one on European morning time, and the other on US morning time. The subject for both classes is network forensics in an incident response context. The training is split into four interactive morning sessions, so that you have the afternoon free to either practice what you learned in class or catch up with your “normal” day job. The number of attendees will be limited in order to provide a go...

Fabian Mendoza at AboutDFIR

AboutDFIR Site Content Update – 12/15/2023 By Fabian Mendoza On December 15, 2023 / December 14, 2023 Jobs – old entries cleaned up, new entries added – AWS, Booz Allen Hamilton, CDW, Cyderes, Palo Alto Networks Unit 42, State Street, Verizon Challenges & CTFs – new entry added – CTF Walkthrough – Cellebrite CTF 2023 – Sharon (Forensafe) Tools & Artifacts – AWS – new entry added – CloudTrail – AWS CloudTrail Forensics – HTB Nubilum-1 Tools & Artifacts – iOS – new entry added – iTunes Backups – The P...

Mark Shelhart at Foregenix

5 reasons why IT Shouldn't Lead HR Incidents or Policy Violation Investigations Forensics and Incident Response, DFIR 12 December, 2023 Mark Shelhart 2 min read In today's digital age, human resources (HR) incidents and policy violations are becoming increasingly complex and sensitive. It's not just about documenting issues and implementing policies; it's also about conducting impartial investigations that ensure fairness, transparency, and compliance. While many organisations of...

Forensic Focus

HackTheBox

Luke Bradley

Luke Bradley Director, SouthEast Asia and Australia at Alvarez and Marsal | Disputes and Investigations | Forensic Technology Services Published Dec 11, 2023 Navigating the twists and turns of data collection amidst the intricacies of restructuring and company insolvency can feel like a maze. Listed below are my "Top 12" considerations relating to the collection of business related data in a forensically sound and legally admissible manner. Data Integra...

Microsoft Security


Joachim Metz at Open Source DFIR

By Joachim Metz December 14, 2023 Running GRR everywhrr Authored by Dan Aschwanden and Mikhail Bushkov, copied with permission. Introduction GRR Rapid Response (or GRR) is an incident response framework focusing on remote live forensics. GRR consists of client and server parts which communicate with each other leveraging the Fleetspeak communication framework. In this blog post we investigate how GRR and Fleetspeak can be operated in a microservi...

Oxygen Forensics

December 11, 2023 Oxygen Forensics’ Oxygen Corporate Explorer makes it easier to efficiently manage corporate digital investigations. Back in olden times (like, a decade ago), an internal investigation involving corporate data was fairly straightforward. With most organizations using a castle-and-moat security strategy, and the majority of employees using company networks and devices, downloading data from on-premises servers was a relatively simple task. But the data expl...

SANS

Dean Parsons December 11, 2023 ICS SECURITY IN THE FIELD With my firm ICS Defense Force, I perform industrial control system (ICS) security assessments, incident response tasks, and incident response tabletop exercises across multiple critical infrastructure sectors, globally. Some of the sectors in which I work include oil and gas, water, electric power ge...

Chester Wisniewski at Sophos

Why the new US regulatory disclosure requirements work for the defenders, not the criminals Written by Chester Wisniewski December 14, 2023 Threat Research (ALPHV ransomware, CIRCIA, featured, Final Rule, SEC) As cybercrime, especially ransomware, has dramatically increased over the last 20 years, it should come as no surprise that both criminal investigations and financial regulations have come with this crime wave – faster in some regions of the world, slower in others. As the United States prepares...

Snigdha Basu at The Citizen Lab

Siena Anstis, Senior Legal Advisor at The Citizen Lab, in a recent publication in the prestigious peer-reviewed journal International and Comparative Law highlights the urgent need for an international treaty to tackle digital transnational repression. The ICLQ is the journal of British International and Comparative Law, and is published by Cambridge University Press. In this article, Siena argues that the absence of an international law to prevent transnational repression permits states or entitie...