694 matches found
CVE-2024-29513
CVE-2024-29513 impacts BlueRiSC WindowsSCOPE Cyber Forensics prior to version 3.3, via briscKernelDriver.sys. The root cause is an improper DACL on the device the driver creates, enabling a local attacker to execute arbitrary code within the driver and cause a local denial-of-service condition. T...
CVE-2024-29513
An issue in briscKernelDriver.sys in BlueRiSC WindowsSCOPE Cyber Forensics before 3.3 allows a local attacker to execute arbitrary code within the driver and create a local denial-of-service condition due to an improper DACL being applied to the device the driver creates...
MasterParser - Powerful DFIR Tool Designed For Analyzing And Parsing Linux Logs
What is MasterParser ? MasterParser stands as a robust Digital Forensics and Incident Response tool meticulously crafted for the analysis of Linux logs within the var/log directory. Specifically designed to expedite the investigative process for security incidents on Linux systems, MasterParser...
CVE-2023-42128
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-42128
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-42128 Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-42128
CVE-2023-42128 : The vulnerability affects Magnet Forensics AXIOM, specifically in the Android device image acquisition functionality. It stems from insufficient validation of a user-supplied string before it is used in a system call, allowing a network-adjacent attacker to execute arbitrary code...
Magnet Forensics AXIOM 命令注入漏洞
Magnet Forensics AXIOM is a complete digital investigation platform from Magnet Forensics, Inc. allowing examiners to seamlessly access and analyze forensic data. A security vulnerability exists in Magnet Forensics AXIOM versions prior to 7.6 that stems from the presence of a command injection...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a lack of forensics in the Iaware module...
VolWeb - A Centralized And Enhanced Memory Analysis Platform
VolWeb is a digital forensic memory analysis platform that leverages the power of the Volatility 3 framework. It is dedicated to aiding in investigations and incident responses. Objective The goal of VolWeb is to enhance the efficiency of memory collection and forensic analysis by providing a...
New Leak Shows Business Side of China’s APT Menace
A new data leak that appears to have come from one of Chinas top private cybersecurity firms provides a rare glimpse into the commercial side of Chinas many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign...
A lightweight method to detect potential iOS malware
Introduction In the ever-evolving landscape of mobile security, hunting for malware in the iOS ecosystem is akin to navigating a labyrinth with invisible walls. Imagine having a digital compass that not only guides you through this maze, but also reveals the hidden mechanisms of iOS malware...
Integrated DFIR Tool Can Simplify and Accelerate Cyber Forensics
Explore real use cases demonstrating the transformative impact of Trend Vision One™ – Forensics, an integrated Digital Forensics and Incident Response DFIR tool...
Okta Discloses Broader Impact Linked to October 2023 Support System Breach
Identity services provider Okta has disclosed that it detected "additional threat actor activity" in connection with the October 2023 breach of its support case management system. "The threat actor downloaded the names and email addresses of all Okta customer support system users," the company sa...
USN-6518-1: AFFLIB vulnerability
Luis Rocha discovered that AFFLIB incorrectly handled certain input files. If a user or automated system were tricked into processing a specially crafted AFF image file, a remote attacker could possibly use this issue to cause a denial of service via application crash. CVE-2018-8050...
ICS-Forensics-Tools - Microsoft ICS Forensics Framework
Microsoft ICS Forensics Tools is an open source forensic framework for analyzing Industrial PLC metadata and project files. it enables investigators to identify suspicious artifacts on ICS environment for detection of compromised devices during incident response or manual check. open source...
Modern Asian APT groups’ tactics, techniques and procedures (TTPs)
Almost every quarter, someone publishes major research focusing on campaigns or incidents that involve Asian APT groups. These campaigns and incidents target various organizations from a multitude of industries. Likewise, the geographic location of victims is not limited to just one region. This...
黑客工具测试
This is an offensive tool for a comprehensive hacking toolkit. The primary vulnerability class targeted is RCE Remote Code Execution, with various tools and modules available for different attack vectors, including SQL injection, phishing, web attacks, post-exploitation, and more. The tool is...
How to catch a wild triangle
In the beginning of 2023, thanks to our Kaspersky Unified Monitoring and Analysis Platform KUMA SIEM system, we noticed suspicious network activity that turned out to be an ongoing attack targeting the iPhones and iPads of our colleagues. The moment we understood that there was a clear pattern in...
Ubuntu 16.04 ESM : The Sleuth Kit vulnerabilities (USN-4765-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4765-1 advisory. It was discovered that The Sleuth Kit did not properly handle certain entires in FAT file systems. An attacker could use this vulnerability to mislead an...