“You should have asked for the presence of a digital detective,” Karen said when I told her what happened at the police station. I had accompanied a neighbor, who is a small business owner, that had been hit with ransomware and wanted to file a report. After listening to his story, the police officer at the desk asked if my neighbor had a description of the

Hello from Vienna where I’m at the DeepSec conference. Initially, I was scheduled to give my OSSEC training but it was canceled due to a lack of students. Anyway, the organizers proposed to me to join (huge thanks to them!). So, here is a wrap-up of the first day! After the short opening ceremony by René Pfeiffer, the DeepSec organizer, the day star

After our last blogpost regarding Emotet and several other Emotet and Ransomware samples that we encountered, we recently stumbled across a variant belonging to the Gozi, ISFB, Dreambot respectively Ursnif family. In this blogpost, we want to share our insights from the analysis of this malware, whose malware family is mainly known for being a banking trojan

Hey everybody, In addition to genius, whose writeup I already posted, my other favourite challenge I wrote for BSidesSF CTF was called launchcode. This will be my third and final writeup for BSidesSF CTF for 2019, but you can see all the challenges and solutions on our Github releases page. This post will be more about how I developed this, since the solutio

As recent attacks targeting sensitive, personal information at a number of high-profile institutions have demonstrated, it is not a matter of if, but when you will have to investigate a security breach. The law enforcement and intelligence communities are increasingly called upon to investigate and mitigate cyberthreats, often applying the same tools and met

The main goal of the forensic investigation is to handle a large amount of data, gather as much evidence as possible, and uncover all the hidden and untraced data.In the field of digital forensic various techniques are considered to extract the maximum amount of information and gather as much evidence. Below is the list of techniques that are used in d

 Computer forensic investigators are in high-demand. Often referred to as digital forensics engineers, computer forensic investigators are expected to know basic IT skills, understand computer architecture and networking, have the ability to collaborate with various teams and write detailed reports. A digital forensics professional must have analy

For years Digital Forensics has played a significant role in the security domain. Being an integral part of the process, various tools have been developed over the years to make the forensic investigator’s work easier. Since most people are aware of tools such as EnCase, The Sleuth Kit, Caine, etc. that are used in the day-to-day practice, for a

IntroductionOne of the biggest threats facing businesses and corporations today is that of Cyber-attacks and threats. If these are large enough in scale and magnitude, it could even be considered as an act of Cyber terrorism, in which a significant impact can be felt in both regarding cost and human emotion. Whenever something like this occurs, two of

INTRODUCTIONThe digital forensic community is striving hard to stay abreast of the current state of the art in the constantly changing technologies which we use to expose relevant clues in a probe. Mobile devices are used by almost every person today for both personal and professional means, hence carry a significant value. All sorts of mobile devices

IntroductionA feature phone can be described as a wireless mobile device that has more features than a standard cell phone, but limited capabilities when you compare it with a smartphone.Feature phones typically provide a calling feature, messaging functionality, and MMS support. They also offer basic multimedia and browsing internet capabilities, as w

1. INTRODUCTIONWindows phones hold a large market share, so it is essential that Examiners or Investigators are aware of techniques used to extract data from them. It is also crucial that Analysis techniques, Types of Artifacts that can be retrieved and the location of those artifacts are known to examiners or investigators. This document covers Logica

1. INTRODUCTIONDay by day, Smart phones and tablets are becoming popular, and hence technology used in development to add new features or improve the security of such devices is advancing too fast. iPhone and iPod are the game changer products launched by Apple. Apple operating system (IOS) devices started growing popular in the mobile world. Latest Sm

IntroductionToday’s world is Android World. Almost 90% of devices are running on Android, and each one of us is using Android in some or the other way. There are various devices which run on Android, but Android is widely used on Smart Phones. Also, if you check the Global Smart Phone Market Share Android Smart Phone share is 88%. Thus, it is nec

Enterprises need a steady stream of actionable, timely, and accurate threat intelligence on targeted malicious intrusions and attempts into their networks They need this information without suffering breaches and cannot rely solely on post-compromise forensics or sandbox simulations to continuously tighten and adapt their defenses Pre-breach targeted intell