Lucene search
+L

118 matches found

Schneier on Security
Schneier on Security
added 2019/02/19 12:36 p.m.52 views

Estonia's Volunteer Cyber Militia

Interesting -- although short and not very detailed -- article about Estonia's volunteer cyber-defense militia. Padar's militia of amateur IT workers, economists, lawyers, and other white-hat types are grouped in the city of Tartu, about 65 miles from the Russian border, and in the capital,...

0.7AI score
Exploits0
FireEye
FireEye
added 2019/01/08 11:0 a.m.32 views

Digging Up the Past: Windows Registry Forensics Revisited

Introduction FireEye consultants frequently utilize Windows registry data when performing forensic analysis of computer networks as part of incident response and compromise assessment missions. This can be useful to discover malicious activity and to determine what data may have been stolen from ...

0.2AI score
Exploits0
Trellix
Trellix
added 2019/01/08 12:0 a.m.36 views

Digging Up the Past: Windows Registry Forensics Revisited

ARCHIVED STORY Digging Up the Past: Windows Registry Forensics Revisited By David Via · Jan 08, 2019 Introduction FireEye consultants frequently utilize Windows registry data when performing forensic analysis of computer networks as part of incident response and compromise assessment missions. Th...

6.9AI score
Exploits0
n0where
n0where
added 2018/11/12 5:30 a.m.70 views

Parrot Security OS

Parrot is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. Features updated pentesting tools great for forensic analysis custom 4.14...

1.1AI score
Exploits0
Kitploit
Kitploit
added 2018/07/22 2:30 p.m.13 views

Hindsight - Internet History Forensics For Google Chrome/Chromium

Hindsight is a free tool for analyzing web artifacts. It started with the browsing history of the Google Chrome web browser and has expanded to support other Chromium-based applications with more to come!. Hindsight can parse a number of different types of web artifacts, including URLs, download...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/06/13 4:19 p.m.14 views

Banco de Chile Wiper Attack Just a Cover for $10M SWIFT Heist

A cyberattack against Chile’s largest financial institution last month, which reportedly destroyed 9,000 workstations and 500 servers, was actually cover for a larger plot to compromise endpoints handling transactions on the SWIFT network. When the dust settled on the attacks, investigators said...

0.7AI score
Exploits0References8
Packet Storm
Packet Storm
added 2018/05/29 12:0 a.m.90 views

IBM QRadar SIEM Code Execution / Authentication Bypass

Hi all, 3 vulns in IBM QRadar SIEM that when chained allow an attacker to achieve unauthenticated RCE as root on the QRadar host. IBM have only attributed on CVE for all 3 vulns, and they have a combined CVSS score of 5.6. So totally own a SIEM = 5.6 CVSS. Sounds right to me. A special thanks to...

7.5CVSS1AI score0.52072EPSS
Exploits6
The Hacker News
The Hacker News
added 2017/12/06 8:49 p.m.11 views

Uber Paid 20-Year-Old Florida Hacker $100,000 to Keep Data Breach Secret

Last year, Uber received an email from an anonymous person demanding money in exchange for the stolen user database. It turns out that a 20-year-old Florida man, with the help of another, breached Uber's system last year and was paid a huge amount by the company to destroy the data and keep the...

6.4AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/11/17 12:57 p.m.37 views

ContextIS Introduces CbRCLI to Access Cb Response via the Command Line for Faster, More Efficient Incident Response

When you think of incident response, there are two key factors. The incident itself, and the need to respond quickly and effectively. You need to have an incident response toolkit that contains everything you need to be able to perform investigations and forensic analysis with speed, accuracy and...

7AI score
Exploits0
seebug.org
seebug.org
added 2017/11/15 12:0 a.m.135 views

Xplico Unauthenticated Remote Code Execution(CVE-2017-16666)

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...

9.9AI score0.80098EPSS
Exploits7
Schneier on Security
Schneier on Security
added 2017/07/10 11:4 a.m.39 views

The Future of Forgeries

This article argues that AI technologies will make image, audio, and video forgeries much easier in the future. Combined, the trajectory of cheap, high-quality media forgeries is worrying. At the current pace of progress, it may be as little as two or three years before realistic audio forgeries...

6.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/05/04 4:29 p.m.36 views

Windows Defender ATP thwarts Operation WilySupply software supply chain cyberattack

Several weeks ago, the Windows Defender Advanced Threat Protection Windows Defender ATP research team noticed security alerts that demonstrated an intriguing attack pattern. These early alerts uncovered a well-planned, finely orchestrated cyberattack that targeted several high-profile technology...

7.5AI score
Exploits0
FireEye
FireEye
added 2016/12/15 1:0 p.m.21 views

Do You See What I CCM?

SCCM Software Metering Reviewing forensic keyword searches can be confusing because it is often difficult for an analyst to determine the source of the various structures that contain string matches. One such structure belongs to Microsoft's System Center Configuration Manager's SCCM software...

7.1AI score
Exploits0References4
FireEye
FireEye
added 2016/12/15 8:0 a.m.39 views

Do You See What I CCM?

SCCM Software Metering Reviewing forensic keyword searches can be confusing because it is often difficult for an analyst to determine the source of the various structures that contain string matches. One such structure belongs to Microsoft's System Center Configuration Manager's SCCM software...

0.3AI score
Exploits0
n0where
n0where
added 2016/12/06 2:0 p.m.26 views

Ubuntu-based PenTest Linux Distribution: BackBox

BackBox Linux is a penetration testing and security assessment oriented Linux distribution providing a network and systems analysis toolkit. It includes some of the most commonly known/used security and analysis tools, aiming for a wide spread of goals, ranging from web application analysis to...

0.4AI score
Exploits0
n0where
n0where
added 2016/11/14 6:24 a.m.113 views

PowerShell Digital Forensics: PowerForensics

PowerShell Digital Forensics The purpose of PowerForensics is to provide an all inclusive framework for hard drive forensic analysis. PowerForensics currently supports NTFS and FAT file systems, and work has begun on Extended File System and HFS+ support. PowerForensics is built on a C Class...

1AI score
Exploits0References2
Kitploit
Kitploit
added 2015/12/01 8:54 p.m.26 views

Xplico v1.1.1 - Open Source Network Forensic Analysis Tool (NFAT)

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...

7AI score
Exploits0
n0where
n0where
added 2015/11/13 12:27 a.m.250 views

Volatile Memory Extraction: The Volatility Framework

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated...

6.5AI score
Exploits0References4
n0where
n0where
added 2015/11/04 10:26 p.m.48 views

Network Forensic Analysis Tool: Xplico

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/09/16 12:0 a.m.30 views

ManageEngine EventLog Analyzer 10.6 Build 10060 SQL Query Execution

Exploit Title: ManageEngine EventLog Analyzer SQL query execution Product: ManageEngine EventLog Analyzer Vulnerable Versions: v10.6 build 10060 and previous versions Tested Version: v10.6 build 10060 Windows Advisory Publication: 14/09/2015 Vulnerability Type: authenticated SQL query execution...

0.5AI score
Exploits0
Rows per page
Query Builder