Analysis Notes

A place to jot down notes from trying out malware analysis and anything that seems useful for analysis. This site uses Google Analytics.

4n6 Week 20 – 2024 - SOFTWARE UPDATES

This entry was automatically generated and posted to show the opening of each article featured in This Week in 4n6 (FourAndSix=Forensics), so that articles worth checking can be skimmed quickly. 4n6 can be found here.

SOFTWARE UPDATES

Sergiy Pasyuta at Atola

Published by Sergiy Pasyuta on May 16, 2024. iSCSI network protocol allows remote access to physical or logical devices. In the DFIR domain, it is primarily used for imaging drives that are soldered into a motherboard, working servers that couldn’t be turned off, or devices for which you have legal warrant to access but not seize. In the enterprise segment, iSCSI also could help with replication of an image to multiple computers over a network. However, to expose a physical or logical drive via i...

Amped

Marco Fontani, May 16, 2024. Advanced deepfake detection capabilities are coming into Amped Authenticate with this latest update, plus new tools and features for the Video mode! Dear friends, we’re excited to announce another massive update to Amped Authenticate! We’re adding a new filter for detecting deepfake images created with diffusion models, specifically Midjourney, Dall-E, and Stable Diffusion. We’re empowering the filters of the Video Mode to show plots and frame overl...

Arsenal Recon

Arsenal Image Mounter Changelog. v3.11.290, Released: 05-10-2024. Free Mode: General: Mount points in AIM’s main screen are now hyperlinks that open in Windows Explorer. Certain text on AIM’s main screen (Id, Disk device, Signature, volume paths) can now be right-clicked and copied. Virtually mounting archives is now available in Free Mode (as intended with the previous public build, v3.11.282). Licensing system adjusted to work better in multi-user environments with permissions issues...

Hibernation Recon Changelog. v1.2.3.87, Released: 05-10-2024. Transition to .NET 8. Licensing system adjusted to work better in multi-user environments with permissions issues. Updated readme. Hibernation-Recon-v1.2.3.87.zip MD5 Hash = dc9a490bbad3a4abbcc5dbf8de17e0d6. v1.2.2.86, Released: 01-25-2023. Support for the latest builds of Windows 11. Significant performance improvement, up to 20%. Hibernation-Recon-v1.2.2.86.zip MD5 Hash = 57e8125a593a9cdc93c259f8069f2df8. v1.2.2.85, Released: 09-15-...

Belkasoft

Belkasoft X v.2.5 Released: Introducing BelkaGPT, a Revolutionary Offline AI-Assistant; Massive Updates In the Mobile Passcode Brute-Force and Other Improvements. What's new in Belkasoft X v.2.5 (May 15, 2024): Belkasoft Evidence Center X (Belkasoft X) is Belkasoft's flagship product for digital forensics, cyber incident response, and eDiscovery. Belkasoft X v.2.5 introduces BelkaGPT, a revolutionary offline AI-assistant. In this new release, the Mobile Passcode Brute-Force module...


Brian Maloney

OneDriveExplorer v2024.05.17, released by Beercow on 17 May 19:50 (commit 3ba1144). Change Log: Added: GUI: add lock icon. Fixed: GUI/commandline: fixed empty hash error; fixed empty volumeID error; fixed empty values in size, shar...

Elcomsoft

The latest update to Elcomsoft Phone Viewer packs multiple improvements, enhancing compatibility with Signal and Telegram data sets extracted from iOS devices via low-level extraction. Elcomsoft Phone Viewer is updated with better compatibility with the latest versions of Signal and Telegram apps. The update improves the handling of chat histories appearing in file system images extracted from various Apple devices with low-level extraction methods. Signal and Telegram are immensely popular mess...

GCHQ


Google


IntelOwl

v6.0.2, released by mlodic (Matteo Lodi) on 13 May 10:26 (commit f4dd486, signed; GPG key ID: 78E7901BC2849F89). Please refer to the Changelog. What's Changed: fixes #1758 - greynoise labs analyzer by @moonpatel in #2225; fixes #1663 - Abusix analyzer by @moonpatel in #2233; Bump uwsgitop from 0.11 to 0.12 in /require...

Metaspike

Metaspike Software Releases (release-notes). agungor (Arman Gungor), May 14, 2024, 12:32am: FEC has finally made it to v4 with some long-awaited new features! Here is a quick walkthrough of what’s new and exciting. Direct Drive Acquisitions: In addition to targeting Google Drive attachments (and revisions) of emails, FEC can now target Google Drive directly. In other words, you can now acquire Drive items without even setting up an email acquisition at all. As usual, FEC brings to the table In-place...

MSAB

Now released – XRY 10.9.1. The latest versions of XRY and XRY Pro are here and available for download. The most recent release introduces key enhancements and heightened capabilities of our flagship tool, positioning law enforcement agencies for greater success in their digital investigations. These are some of the key updates: Wider support for Android Full File System extractions; Vantron tablet support; iOS Chat GPT support; Wider BFU support for Samsung Exyno...

OpenCTI

Version 6.1.2, released by Filigran-Automation on 16 May 23:52 (commit 221951f, signed; GPG key ID: C708FDB840E80D34). Enhancements: #6944 [backend] Add family option in Redis to support IPv6 domain connection; #5648 Implement test automation for CRUD. Bug Fixes: #7000 [backend] Ensur...

Martin Korman


Sigma

r2024-05-13, released by github-actions on 13 May 17:50 (commit ed789f5, created on GitHub.com and signed with GitHub’s verified signature; GPG key ID: B5690EEEBB952194). New Rules: new: Access To Windows Outlook Mail Files By Uncommon Application; new: All Backups Deleted Via Wbadmin.EXE; new: File Recovery From Backup Via Wbadmin.EXE; new: Launch Agent/Daemon Execution ...

Xways

X-Ways Forensics 21.1 (X-Ways User Forum, Public Announcements). Stefan Fleischmann, posted on Sunday, Jan 21, 2024 - 15:38: A preview version of X-Ways Forensics 21.1 is now available. The latest download instructions including password can be retrieved by querying one's license status, as always. What's new in v21.1 Preview 1? * Better support for larger vo...

X-Ways Forensics 21.2 (X-Ways User Forum, Public Announcements). Stefan Fleischmann, posted on Friday, Apr 19, 2024 - 16:20: A preview version of X-Ways Forensics 21.2 is now available. The latest download instructions including password can be retrieved by querying one's license status, as always. What's new in v21.2 Preview? * The limit of ~2 billion hash v...