693 matches found
Volatility Workbench - A GUI For Volatility Memory Forensics
Volatility Workbench is a graphical user interface GUI for the Volatility tool. Volatility is a command line memory analysis and forensics tool for extracting artifacts from memory dumps. Volatility Workbench is free, open source and runs in Windows. It provides a number of advantages over the...
Houzz Urges Password Resets After Data Breach
Interior decorating website Houzz on Friday issued a notice that user data – including usernames, passwords and IP addresses – had been accessed by an “unauthorized third party.” Houzz connects consumers to varying home-goods departments or professionals for purchasing furniture. The Palo Alto,...
Get 10 Popular Books To Learn Advanced Hacking [2018 Bundle]
It should come as no surprise that cybersecurity is one of the most important and lucrative fields in the world right now, and it's becoming more important every day—thanks to a growing number of cyber attacks that are targeting everything from individuals and startups to Fortune 500 companies an...
Get 10 Popular Books To Learn Advanced Hacking [2018 Bundle]
It should come as no surprise that cybersecurity is one of the most important and lucrative fields in the world right now, and it's becoming more important every day—thanks to a growing number of cyber attacks that are targeting everything from individuals and startups to Fortune 500 companies an...
Long-Range Familial Searching Forensics
Good article on using long-range familial searching -- basically, DNA matching of distant relatives -- as a police forensics tool. EDITED TO ADD 1/5: A smattering of papers on the topic...
MD5 and SHA-1 Still Used in 2018
Last week, the Scientific Working Group on Digital Evidence published a draft document -- "SWGDE Position on the Use of MD5 and SHA1 Hash Algorithms in Digital and Multimedia Forensics" -- where it accepts the use of MD5 and SHA-1 in digital forensics applications: While SWGDE promotes the adopti...
Radare2 - Unix-Like Reverse Engineering Framework And Commandline Tools Security
r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. Radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files, but later added support for analyzing binaries, disassembling code,...
IBM QRadar Incident Forensics Information Disclosure Vulnerability (CNVD-2018-25037)
IBM QRadar Incident Forensics is a suite of security forensic investigation software from IBM. The software supports in-depth forensic investigations of suspected malicious network security incidents, and the repair of network security vulnerabilities. A security vulnerability exists in IBM QRada...
Quora Gets Hacked – 100 Million Users Data Stolen
The World's most popular question-and-answer website Quora has suffered a massive data breach with unknown hackers gaining unauthorized access to potentially sensitive personal information of about 100 million of its users. Quora announced the incident late Monday after its team last Friday...
Security Bulletin: The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Summary The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. Vulnerability Details CVEID: CVE-2018-1650 Description: IBM QRadar Incide...
Security Bulletin: Public disclosed vulnerability from Apache Tika
Summary Public disclosed vulnerability from Apache Tika Vulnerability Details CVEID: CVE-2018-1338 Description: Apache Tika is vulnerable to a denial of service, caused by an error in BPGParser. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability ...
Security Bulletin: Apache PDFBox as used in IBM QRadar Incident Forensics is vulnerable to Publicly disclosed vulnerability. (CVE-2018-8036)
Summary Publicly disclosed vulnerability in Apache PDFBox. Vulnerability Details CVEID: CVE-2018-8036 Description: Apache PDFBox is vulnerable to a denial of service, caused by an out of memory exception in AFMParser. By persuading a victim to open a specially-crafted file, a remote attacker coul...
FBI Takes Down a Massive Advertising Fraud Ring
The FBI announced that it dismantled a large Internet advertising fraud network, and arrested eight people: A 13-count indictment was unsealed today in federal court in Brooklyn charging Aleksandr Zhukov, Boris Timokhin, Mikhail Andreev, Denis Avdeev, Dmitry Novikov, Sergey Ovsyannikov, Aleksandr...
Dell Resets All Customers' Passwords After Potential Security Breach
Multinational computer technology company Dell disclosed Wednesday that its online electronics marketplace experienced a "cybersecurity incident" earlier this month when an unknown group of hackers infiltrated its internal network. On November 9, Dell detected and disrupted unauthorized activity ...
Dell Resets All Customers' Passwords After Potential Security Breach
Multinational computer technology company Dell disclosed Wednesday that its online electronics marketplace experienced a "cybersecurity incident" earlier this month when an unknown group of hackers infiltrated its internal network. On November 9, Dell detected and disrupted unauthorized activity ...
Dell Warns of Attempted Breach on Network
Dell EMC is warning its Dell.com customers of unauthorized activity on its network that occurred on Nov. 9 when it believes adversaries attempted to access names, email addresses and hashed passwords. In response, the company said that it has reset all Dell.com customer passwords. Dell said that...
AWS Security Hub and Deep Security
One of the biggest challenges in maintaining your security posture is visibility. You have security controls deployed throughout the stack, and each fo these tools is generating its own set of data points and has its own view of your deployment. Managing the multitude of alerts and events from...
The Incident Response Tracking Application: DFIRTrack
DFIRTrack Digital Forensics and Incident Response Tracking application is an open source web application mainly based on Django using a PostgreSQL database backend. In contrast to other great incident response tools, which are mainly case-based and support the work of CERTs, SOCs etc. in their...
Extract Digital Evidences From Images: Imago-Forensics
Imago is a python tool that extract digital evidences from images recursively. This tool is useful throughout a digital forensic investigation. If you need to extract digital evidences and you have a lot of images, through this tool you will be able to compare them easily. Imago allows to extract...
CAINE 10.0 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response
CAINE Computer Aided INvestigative Environment is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti Bari - Italy. CAINE offers a complete forensic environment that is organized to integrate existing software tools as...