analysis – Page 12 – WindowsTechs.com

New Year New APOLLO – Officially out of Beta iOS 13 Module Updates!

Posted on January 14, 2020 by Sarah Edwards

I spent this weekend updating and sprucing up APOLLO for its v1.0 release. It took far longer than anticipated, mostly because I’ve added quite a few new modules. It also takes a while to go through every SQL query module updating it to iOS 13. Databas… Continue reading New Year New APOLLO – Officially out of Beta iOS 13 Module Updates!→

Joker Android Malware Snowballs on Google Play

Posted on January 13, 2020 by Tara Seals

Google has removed 17,000 Joker-infested apps from the Play store to date. Continue reading Joker Android Malware Snowballs on Google Play→

New(ish) Presentation: Poking the Bear – Teasing out Apple’s Secrets through Dynamic Forensic Testing and Analysis

Posted on December 10, 2019 by Sarah Edwards

I had the wonderful opportunity to present this presentation at two great conferences in October; Jailbreak Security Summit and BSides NoLA. Unfortunately I was going on an extended vacation almost immediately after so I forgot to post this to the site… Continue reading New(ish) Presentation: Poking the Bear – Teasing out Apple’s Secrets through Dynamic Forensic Testing and Analysis→

Magecart Group Switches Up Tactics with MiTM, Phishing

Posted on November 26, 2019 by Tara Seals

This new skimming/phishing hybrid threat tactic means that even stores that send customers to external payment processors are vulnerable. Continue reading Magecart Group Switches Up Tactics with MiTM, Phishing→

Calypso APT Emerges from the Shadows to Target Governments

Posted on October 31, 2019 by Tara Seals

Researchers believe the threat group is based in China. Continue reading Calypso APT Emerges from the Shadows to Target Governments→

Just Call Me Buffy the Proto Slayer – An Initial Look into Protobuf Data in Mac and iOS Forensics

Posted on September 27, 2019 by Sarah Edwards

I was first introduced to the protobuf data format years ago accidentally when I was doing some MITM network analysis from an Android device. The data I was looking at was being transferred in this odd format, I could tell there were some known strings… Continue reading Just Call Me Buffy the Proto Slayer – An Initial Look into Protobuf Data in Mac and iOS Forensics→

Elderly China Chopper Tool Still Going Strong in Multiple Campaigns

Posted on August 28, 2019 by Tara Seals

Multiple actors in multiple campaigns are using the web shell for remote access, even though it’s almost a decade old and hasn’t been updated. Continue reading Elderly China Chopper Tool Still Going Strong in Multiple Campaigns→

iOS Location Mapping with APOLLO – Part 2: Cellular and Wi-Fi Data (locationd)

Posted on August 26, 2019 by Sarah Edwards

My previous article showed a new capability of APOLLO with KMZ location file support. It worked great…for routined data, but there was something missing. What about the cellular and Wi-Fi locations that are stored in databases? Well, turns out I need … Continue reading iOS Location Mapping with APOLLO – Part 2: Cellular and Wi-Fi Data (locationd)→

iOS Location Mapping with APOLLO – I Know Where You Were Today, Yesterday, Last Month, and Years Ago!

Posted on August 22, 2019 by Sarah Edwards

I added preliminary KMZ (zipped KML) support to APOLLO. If any APOLLO module’s SQL query has “Location” in its Activity field, it will extract the location coordinates in the column “Coordinates” as long as they are in Latitude, Longitude format (ie: 3… Continue reading iOS Location Mapping with APOLLO – I Know Where You Were Today, Yesterday, Last Month, and Years Ago!→

ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019

Posted on August 16, 2019 by Tara Seals

The number of exposed records has hit record highs in just the first two quarters. Continue reading ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019→