-
Dec 14, 2020
During a forensic analysis on mobile devices, especially when you are not able to perform a full memory acquisition, a network traffic analysis could be useful in order to identify suspicious activities. In the past, I used a linux box… read more »
-
Dec 7, 2020
Today I’d like to share a brief list of useful tools I use for OSX analysis. I’ve already talked about OSX forensics, in a post focused on acquisition workflow. Today, I share a list of tools useful during the analysis… read more »
-
Dec 3, 2020
In order to expand the address space that is effectively usable by a process and to expand the amount of dynamic RAM, modern operating systems use the method known as swapping. In Linux systems this typically shows up in the… read more »
-
Nov 30, 2020
“Technology is just a tool. In terms of getting the kids working together and motivating them, the teacher is the most important” - Bill Gates Baby Yoda Flies to The ISS With The SpaceX Crew Sure, we might not be… read more »
-
Nov 29, 2020
Several year ago (at least 15), I've been involved in a exciting project: the development of a video game. Not as developer, but as musician! The game was an old-style platform, but with a realistic physic. When I began collaboration… read more »
-
Nov 25, 2020
A simple step-to-step tutorial for iOS full acquisition. The release of Checkm8 iOS exploit, in september 2019, was a bit topic: an exploit could be used on every iOS device made over an approximately 5-year period had major consequences. Checkm8… read more »
-
Nov 22, 2020
A brief update on Cobalt Strike detection in forensics analysis, with a couple of new resources. Some days ago I've published some informations about CobaltStrikeScan [1], a useful tool to identify Cobalt Strike beacons in processes memory, today l'd like… read more »
-
Nov 16, 2020
Some privacy concerns about Apple Silicon and MacOs Big Sur. The latest features added by Big Sur in combo with the Silicon M1 processor have some dirty little secrets. A path started some time ago and now completed with a… read more »
-
Nov 15, 2020
FAMA (Forensic Analysis For Mobile Apps) is a forensic framework developed in Python (2.7+) by Lab of Cybersecurity and Digital Forensics at IPLeiria (LabCIF). FAMA is an Android extraction and analysis framework, useful for easily dump user data from a device… read more »
-
Nov 11, 2020
“It's dangerous when people are willing to give up their privacy.“ - Noam Chomsky Chrome to block tab-nabbing attacks Google will deploy a new security feature in Chrome next year to prevent tab-nabbing, a type of web attack that allows… read more »
-
Nov 8, 2020
In my previous posts I often covered many tools and techniques that allows memory acquisition from a Windows system. However, I written few articles about Linux memory acquisition and analysis, only one brief post regarding memory profiles generation on Linux, using LiME. So, today I’d like… read more »
-
Nov 3, 2020
Cobalt Strike was born as a penetration testing tool, useful for Red Teaming activities. However, several threat actors started using it in real attacks. So, a proper detection of Cobal Strike activities during an incidend respose process is extremely important.… read more »
-
Nov 1, 2020
"Dark Ambient" or "Noise Music"? I'm not sure! “Weaponizing the Noise“ is a long and complex album: ten tracks, about an hour and 20 minutes of strange sounds and dissonant not-melodies.I'm not sure everyone’s gonna like it, but I really… read more »
-
Oct 30, 2020
“If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked” ― Richard Clarke Grayshift, The Startup That Breaks Into Unlocked IPhones For The Feds, Raises $47 Million Grayshift, the startup… read more »
-
Oct 26, 2020
Data extraction, data acquisition, data analysis? Let's try to make it a little clearer! Let's start from the beginning... In the early 1980s, when personal computers began to be more accessible to consumers, however, increasing their use in criminal activities,… read more »
-
Oct 22, 2020
“Technology is best when it brings people together” - Matt Mullenweg NASA and Nokia Team Up to Bring 4G to the Moon The National Aeronautics and Space Administration (NASA) announced last week that it has awarded Nokia’s Bell Labs to… read more »
-
Oct 19, 2020
”A child born today will grow up with no conception of privacy at all. They’ll never know what it means to have a private moment to themselves, an unrecorded unanalyzed thought. And that’s a problem because privacy matters. Privacy is… read more »
-
Oct 15, 2020
“It’s funny to us as we’re so used to worms and viruses being bad news rather than making the world a better place.“ - Graham Cluley Top reason to apply October, 2020’s Microsoft patches: Ping of Death Redux Microsoft is… read more »
-
Oct 12, 2020
Last week, a new collection of my compositions was released on major music streaming services. "Noli me tangere" is a shining example of music recycling: all song has been developed using melodies, loops and backtracks created for other projects, but… read more »
-
Oct 9, 2020
Sysdiagnose logs allow developers to extract information from iOS devices, and it is used for understanding bug occurrences.However, this log is also useful for forensic purposes when a full device acquisition is not possible/available. Sysdiagnose logs generation Unlike crash Logs,… read more »