Posts Tagged ‘DFIR’

Most Recent

Anatomy of the thread suspension mechanism in Windows

Discussions of the Windows NT architecture constantly use the terms “user mode” and “kernel mode”, so it is worth establishing what they mean. This article is divided into two sections: the first covers user mode and the second covers kernel mode. Both sections discuss the suspension and resumption of threads.

Triton exploited zero-day overview

Experts at FireEye published a report on the Triton malware, which is intended to attack industrial control systems and critical infrastructure facilities. Triton was first discovered in the wild in August 2017.

Charlie Osborne wrote a post describing how the Trojan managed to destroy major industrial systems in the Middle East. Triton was designed to interfere with the operation of safety controllers. In the attack on the client, the malware used a zero-day flaw in the Tricon firmware to scan and map the industrial control system as part of its reconnaissance. A zero-day is a flaw in a software security mechanism that attackers use to gain [...]

Cloud Forensics in Breach Investigations

Today, cybercrime is a major problem, and malicious programs are being written to illegally obtain personal information. The growth of the Internet has become one of the key factors driving these changes.

Detecting Tor communications

More and more people are trying to protect the privacy of their personal lives from the prying eyes of the intelligence services, and the anonymous Tor network comes to their aid: it can give an individual a significant reduction in unwanted attention while removing almost all restrictions on movement across the World Wide Web. In addition, the Tor exit nodes are public.
