
Posts Tagged ‘process’

2017-11-18

Powerdown the PowerShell Attacks Overview

Kirtar Oz analyzes PowerShell attacks seen among customers. He has come up with several indicators that help detect potential PowerShell attacks in an environment. These indicators are based on analysis and research.

 

2017-11-11

RunPE Overview

Most hackers use remote access Trojans (RATs), and they almost always use the RunPE method. This method starts a legitimate executable (PE) file, often the default browser or a Microsoft system process, and replaces its code with malicious code directly in memory. The computer then runs the malicious code as though it were the legitimate process. Once this happens, your antivirus program does not know that your default browser has effectively been turned into a virus.
