-
Jan 5, 2018
In the last hours, the vulnerabilities of the CPU have had a great prominence even in the non-specialized press.So, I think that would be useful trying to summarize the situation in a simple way. Background https://xkcd.com/1938/ Google's Project Zero releases… read more »
-
Jan 3, 2018
Keyloggers are often used by malicious softwares to steal sensitive data and login credentials. During a malware analysis process is useful to know how a keylogger works. A keylogger can be implemented simply setting a hook on the keydown event… read more »
-
Dec 31, 2017
My running year recap. Ok, 2018 is near to ends, now is time to make some statistics on my running activity. This year i have run for 5279 kilometers (3280 miles): every workout has been performed in the early morning,… read more »
-
Dec 29, 2017
In digital forensics, the term logical extraction is typically used to refer to extractions that do not recover deleted data, or do not include a full bit-by-bit copy of the evidence, analogously to copying and pasting a folder in order… read more »
-
Dec 27, 2017
Using Wine and Pyinstaller. Pyinstaller is a program that packages Python programs into stand-alone executables, under the most used OSs (Windows, Linux, Mac OS X, FreeBSD, Solaris and AIX). Initially Pyinstaller had a beta feature that allows the cross-compilation of… read more »
-
Dec 22, 2017
Every forensic analyst, during his experience, perfects his own workflow for the acquisition of forensic images. Today I want to propose my own workflow for acquisition of physical disks on Microsoft Windows systems Required tools FTK Imager The Forensic Toolkit… read more »
-
Dec 20, 2017
Microsoft has released, on its GitHub repository, an interesting Linux porting of ProcDump from Sysinternals suite. Like the Windows version, ProcDump allows developers to create core dumps of their application based on performance triggers. Furthermore, ProcDump is also useful for… read more »
-
Dec 18, 2017
In this great speech on BlackHat Europe 2017, Mark Ermolov and Maxim Goryachy by Positive Technology talks about the Intel Management Engine subsystem and how the recently discovered vulnerabilities can be used in order to compromise a system. Intel Management… read more »