Feds Seize $1B in Bitcoin from Silk Road
The illegal marketplace was hacked prior to its takedown — the IRS has now tracked down those stolen funds, it said. Continue reading Feds Seize $1B in Bitcoin from Silk Road
“How to avoid being a ransomware victim?” is one of the main questions every single company and organization asks themselves every day. Unfortunately there is no silver bullet against that, but there are several good practices we can follow to minimize… Continue reading Keep your friends close; keep ransomware closer
Ryuk is one of the most dangerous Ransomware families. It is (allegedly) run by a specialized cybercrime actor that during the last 2 years mainly focused on targeting enterprise environments. The amount of bitcoins demanded in their ransom attacks var… Continue reading Tracing fresh Ryuk campaigns itw
What are the best OSINT sources and practices you guys use?
Continue reading How to investigate (passively gather information) about a person? [closed]
Use of the kid-addicting, video-sharing app is exploding during lockdown, triggering yet another inquiry into how safe it is for young ones. Continue reading TikTok’s handling of child privacy gets another watchdog’s attention
I’m a student in the Digital Forensics department. I have to create an image of the HPA of my disk. I searched all the documents about ways of creating an HPA image, but all of them are old methods. For instance, The Sleuth Kit version 1.7.3 allows… Continue reading Host Protected Area (HPA) Imaging
ATTENTION: In order to use the content search functionality you will need to have access to VT Intelligence. If you want to jump straight ahead and install the plugin, please refer to its GitHub repository. VirusTotal is very excited to announce a beta… Continue reading Official VirusTotal Plugin for IDA Pro 7
We’ve recently been seeing new security events being flagged to the SOC for activity involving LSASS usage from the wmiprvse.exe process across multiple Windows servers. We’ve investigated the wmiprvse.exe process by reviewing the process … Continue reading LSASS Activity is Being Flagged as a Potentially Compromised Host – How should I investigate this?
In This Issue: “What is Your Favorite OSINT Tool?” Ryan MacDougall, an OSINT trainer and speaker on the topic, answers how and when to choose and use tools for an investigation.
The post What Is Your Favorite OSINT Tool? appeared first on Securi… Continue reading What Is Your Favorite OSINT Tool?
Just reviewing some logs and I am seeing local scans to several local IP addresses on port 137 within my network. The source IP however is the broadcast IP of the VLAN (.255).
I have checked the logs and I can see the broadcast IP trying… Continue reading Local Scans initiated from a VLAN Broadcast IP address