Analysis Notes

A place to jot down things from my own malware analysis and anything I thought might be useful for analysis. This site uses Google Analytics.

4n6 Week 34 – 2024 - MISCELLANEOUS

This entry was automatically generated and posted to show the opening lines of each article featured in This Week in 4n6 (FourAndSix = Forensics), so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

MISCELLANEOUS

Marco Fontani at Amped

Marco Fontani August 21, 2024 Reading time: 2 min Amped Software co-authored a scientific paper, this time about detecting double encoding in HEIF images. Read the paper, it’s open access! Dear friends, we’re glad to share some good news with you! We’ve just co-authored a paper published in Sensors about the forensic analysis of HEIF files, specifically to detect double HEIC (High-Efficiency Image Coding) compression. Indeed, the HEIF format is becoming ubiquitous thanks to its superior encoding...

Craig Ball at ‘Ball in your Court’

  • TQT Group davidkeithtobin said: August 19, 2024 at 11:34 AM great stuff – and for free! thank you! Pingback: Week 34 – 2024 – This Week In 4n6 Recent Posts Adapting Requests for Production for AI GLLM Assessment August 19, 2024 AI D...

Elan at DFIR Diva

Posted on August 21, 2024 by DFIR Diva Events 0 Hi everyone! I partnered with Techno Security & Digital Forensics Conference as an Industry Supporter. The conference takes place September 16th – 18th, 2024 in Pasadena, CA. You can get 10% off registration using code: DFDV24 The conference will feature several educational sessions led by industry professionals and sponsoring/exhibiting companies who will introduce and demonstrate the latest tools, products, and services in the industry. Education...

Forensic Focus

Kaido Järvemets at Kaido Järvemets

Automating Arc-Enabled Server Log Collection with Azure Run Command Kaido Järvemets August 21, 2024 Introduction Have you ever found yourself drowning in a sea of server logs, desperately trying to troubleshoot an issue? I’ve been there, wrestling with extension-related problems on my Azure Arc-enabled servers. Each time I reached out to support, they’d ask for logs, and I’d groan at the thought of logging into every single server. But then I had an idea: What if I could create a script that uses ...

Magnet Forensics

While digital evidence is commonly linked to crimes like child exploitation, violent offenses, and cybercrimes, its significance extends to almost every crime, including understanding the complexities of vehicle accidents. A traditional vehicle accident investigation focuses on reconstructing the physical scene and Magnet Axiom adds a crucial new dimension: the digital traffic crash scene. Consider the frequent issue of drivers being distracted by their phones and leading to traffic crashes, or ...

Matt Suiche

Bob and Alice in Kernel-land - Part 2 Aug 23, 2024 · 691 words · 4 minute read It’s been a month since I wrote Part 1 of “Bob and Alice in Kernel-land”. As expected, we saw minimal constructive feedback from vendors, with a few notable exceptions. Sophos provided the most detailed information about their drivers, while CrowdStrike offered valuable insights into their kernel architecture, including the use of Microsoft’s Winsock kernel file transfer. This feature, introduced in Windows Vista+, ...

Medex Forensics

August 19, 2024 To our valued colleagues and customers, We are thrilled to announce that Medex Forensics is now a part of Magnet Forensics, a developer of digital investigation software used globally by public safety organizations and enterprises. Your Medex Forensics team will remain the same, including your primary contacts for support, training, renewals, and general communications. Additionally, there will be no changes to your license and access to the Medex Video Authentication Platform. We...

Karam Abu Hanna at Microsoft’s ‘Security, Compliance, and Identity’ Blog

N00b_H@ck3r

SANS FOR500 (GCFE) vs 13Cubed Investigating Windows Endpoints Posted by lightkunyagami August 18, 2024 2 Comments on SANS FOR500 (GCFE) vs 13Cubed Investigating Windows Endpoints I am writing this comparison between the FOR500 (GCFE) and 13Cubed Investigating Windows Endpoints based on my experience studying both the study materials and taking their respective certification exams. I sat and passed the GCFE on 8/6/2024. I got certified in Investigating Windows Endpoints on 8/16/2024...

Oxygen Forensics

Jonathan Reed at Security Intelligence

Industrial organizations recently received a report card on their performance regarding data breach costs. And there’s plenty of room for improvement. According to the 2024 IBM Cost of a Data Breach (CODB) report, the average total cost of a data breach in the industrial sector was $5.56 million. This reflects an 18% increase for the sector compared to 2023. These figures place the industrial sector in third place for breach costs among the 17 industries studied. On average, data breaches cost i...

Teru Yamazaki at Forensicist

2024/08/20 (Tue) - 22:19 NSRLJP_202408 has been released. It adds Windows 11 and 2022 and includes the latest versions of major applications.

Volatility Foundation

The Plugin Contest is straightforward: Create an innovative and useful extension to Volatility 3 and win! 1st place wins one free seat at any future Windows Malware and Memory Forensics Training or 3000 USD cash; 2nd place wins 2000 USD cash; 3rd place wins 1000 USD cash. More information about Volatility 3 can be found here. Contest Results The winners will be announced in a blog post, which will be linked here. Here’s the announcement for last year’s contest winners. Rules of Engagement The...

Passware

August 20, 2024 Product Update Passware Kit Ultimate – Air-Gapped Edition enables investigators to access data from locked mobile devices, computers, encrypted disks, and files – all with a single license, and in environments without Internet access. Continue Reading Effortless Management of a Password Recovery Cluster August 01, 2024 How-To Handling encrypted items in a forensic case, especially with Full Disk Encryption (FDE) images and archives, requires significant computational resources. T...