解析メモ (Analysis Notes)

A place to jot down notes from trying malware analysis and anything that seemed useful for analysis. This site uses Google Analytics.

4n6 Week 25 – 2024 - MISCELLANEOUS

This entry was generated and posted automatically: it shows the opening lines of each article featured in This Week in 4n6 (FourAndSix = Forensics) so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

MISCELLANEOUS

Andrea Fortuna

Jun 17, 2024. In the cybersecurity domain, incident responders act as the secret agents on the front lines of digital conflict. They engage in relentless mitigation efforts against cyber adversaries who exploit vulnerabilities that have the potential to cripple organisational infrastructure. While their dedication is commendable, it’s important to acknowledge the detrimental effects such high-pressure environments can have on their psychological well-being. I vividly recall attending a FireEye (n...

Cellebrite

Bret at Cyber Gladius

I want to share one of the fastest methods for deploying software or running a script via an Active Directory Group Policy. This method reduces the time to roll out a change to 10 hours or less. I use this method to roll out critical software like SentinelOne, CrowdStrike, Sysmon, and more. So, if you want to complete your software deployment faster through an Active Directory Group Policy, this is the method for you. The Slower AD GPO Software Deployment Method To understand why this AD GPO sof...

Forensic Focus

Hideaki Ihara at port139

@port139 Blog: This blog mainly covers digital forensics techniques, but there is a high chance that the content contains errors. 2024-06-20. Let's try to analyze the DataRuns of NTFS with ChatGPT. I tried to parse the structure of DataRuns using ChatGPT. Based on several attempts, it appears that it is necessary to instruct the processing to be done in Python. Here is the $DATA containing the DataRun we will be testing. The HEX data of the DataRun is as follows. 3111AB6D29 Then, I will ask ChatGPT to visualize the given HEX data a...

Magnet Forensics

Tell us about your life before becoming a Trainer. Prior to joining the Magnet Forensics team, I spent 35 years in law enforcement and 12 years as a professor at the University of Notre Dame. Most of my career was spent with the St. Joseph County (IN) Prosecutor’s Office where I created the Cyber Crimes unit and was the Director. This unit was made up primarily of Notre Dame students who were sworn in as investigators and conducted digital forensics exams on law enforcement investigations in our...

What is endpoint forensics? Endpoint forensics is the process of collecting, analyzing, and preserving digital evidence from endpoints—devices like laptops, mobile phones, internet of things (IoT) devices—connected to your organization’s network. This evidence can then be used to investigate security incidents, identify the root cause, and take steps to remediate the issue and prevent future attacks. In today’s digital landscape, cyber threats are ever evolving, making cybersecurity measures a n...

With the wide array of languages that can show up in case data—for both local and larger geographically focused investigations—determining the relevance of the available evidence can be a challenging process. To provide you with a quick understanding of multilingual evidence in your cases, a translation module is now available in Magnet Axiom and Magnet Axiom Cyber—providing immediate translation of 32 different languages and helping you quickly understand if the content you are looking at is re...

Maxim Suhanov

Vulnerabilities in 7-Zip and ntfs3. June 19, 2024 ~ msuhanov. As I demonstrated before, the same malformed file system structures can cause overflows/over-reads in independently developed software. Here is a recent example: a buffer overflow vulnerability found in 7-Zip — CVE-2023-52168. This vulnerability is similar to one previously discovered by me in the ntfsck tool (from the NTFS-3G driver) — CVE-2021-46790. And even more: a buffer over-read vulnerability in 7-Zip — CVE-2023-5216...

Memory Forensic

Hoxed, Jun 18, 2024 / Jun 16, 2024. What is Autopsy? Autopsy is a widely used digital forensics software platform that offers a comprehensive suite of tools and plugins for investigating computer systems (disk forensics) and mobile phones. It provides a graphical interface to The Sleuth Kit and other digital forensics tools. It boasts solid capabilities and, being a FOSS (free and open-source) product, has received a lot of love from the community. Developed by Basis Technology, Autopsy provides a use...

Angélique Conde at Microsoft’s ‘Security, Compliance, and Identity’ Blog

Oxygen Forensics

Salvation DATA

Knowledge, 2024-06-19. A forensic lab is an important part of current crime probes and attempts to keep computers safe. These labs have the forensic tools to look at digital proof and find important data that can help with court procedures or security measures. A forensic lab is important because it can carefully handle, look at, and understand data, making sure that the results are accurate and trustworthy. This article will show you how to set up a digital forensic lab by going over the most impo...

Alexey Antonov at Securelist

Research, 18 Jun 2024, by Alexey Antonov. The processing power of computers keeps growing, helping users to solve increasingly complex problems faster. A side effect is that passwords that were impossible to guess just a few years ago can be cracked by hackers within mere seconds in 2024. For example, the RTX 4090 ...