Collaborate Disseminate
We blocked USB ports on most of the devices using Intune. However, a subset of users requires USB access due to their job scope which requires them to copy images from their cameras to their PCs. Is there a way we can restrict users from c… Continue reading How can we restrict users from copying "non-allowed" file types from USB?
I have a Node.js app which has a lot of npm-dependencies, running on Linux (Centos) machine.
When Node starts, the script has access to the files outside its directory (as least by default), so malicious npm-package could traverse a direct… Continue reading Restrict node.js filesystem access
In fscrypt, master key is received from userspace and actual encryption keys are derived from this master key using KDF. If any other process is able to get hold of the master key, they can unlock the encrypted directory and access the con… Continue reading fscrypt master key handling at kernel space adding additional secure params
Some time ago I read an article that mentioned that it is possible for some ransomware to change the magic numbers of a file (that makes sense). However, the authors claimed that their method was better, because they calculated the entropy… Continue reading Why does some Ransomware encrypt also the file header and trailer?
If you use Shannon’s entropy as an indicator to distinguish between encrypted and legitimate files, then it will be difficult to make a distinction between encrypted and compressed files, as both have a relatively high entropy value.
How i… Continue reading Why does ransomware also encrypt the file signature? [closed]
Tiffanie: Hi, my name is Tiffanie Edwards, and I’m gonna be presenting the paper “BlockQuery: Toward Forensically Sound Cryptocurrency Investigation”.
So this is a little bit of background on the authors of this paper. Tyler Thomas is a … Continue reading BlockQuery: Toward Forensically Sound Cryptocurrency Investigation
What happens to the .pgp encrypted file after decryption. Does the encrypted file can again be decrypted??? Or is it a one time decryption.
Bruce Nikkel: …paper of the session is from Jens-Petter Sandvik and his colleagues at NTNU, and it’s on “Quantifying Data Volatility for IoT Forensics With Examples From Contiki OS.”
Jens-Petter: Yeah. Thank you. So, I’… Continue reading Quantifying Data Volatility for IoT Forensics With Examples From Contiki OS
Will it be possible for an app to read data in the background if it has media access permissions or even full storage access permission?
Assumptions:
Android 11 and above
Media and file storage permission (the highest permission)
App is fr… Continue reading Can apps access whatever data they want if they have the media or files permissions [closed]
I’m learning about linux hardening and I’m creating a sudoers file. My idea is to separate things. There will be a user to see log files, another that can sudo to manage system processes, another for network managements, and so on and so f… Continue reading Linux access control policies sudoers