One of the most critical factors that determine the success and efficacy of a digital forensic investigation is putting together the right temporal analysis of events. At a fundamental level, the Windows Timeline is nothing but putting the what and when together of the user’s activities on a Windows system. The Windows Timeline is an […]
Introduction With each passing day, the world is waking up to new global cybersecurity challenges. The latest one was unearthed this month. Move over SolarWinds, Microsoft Exchange vulnerabilities, and REvil ransomware. It is now time for Pegasus! Pegasus is spyware that aids in cyber-espionage developed by the NSO Group of Israel. Recent investigations reveal that […]
Note: This is a technical deep-dive into DearCry ransomware. If you want a preliminary analysis of the ransomware, you can find it here. The Network Intelligence team initiated a Static analysis of the ransomware sample we received. The team used a tool called PEstudio, which helps in the static analysis of executable files. Static Analysis […]
Note: We have also done a technical analysis on DearCry. Read here. It’s a warm summer morning. While sipping your morning coffee, you access the work email. But you’re unable to log in. After trying a few tricks you’ve read up in some tech blogs, you reach out to your IT team. They remote log-in […]
Data exfiltration is a common data theft technique and most feared cyber-attack. it is a data breach that happens when a company’s or an individual’s data is copied, retrieved, or transferred from a system. Detection of data exfiltration is quite difficult because to adequately block download/upload of data to malicious applications without restricting access to […]
Few months back, I had the opportunity to conduct two workshops at BSidesDelhi and CSI Mumbai on the above topic. Both sessions were great experiences and allowed me to see the growing interest among the information security folks for the opensource ELK stack. Those who know me personally or follow me on social media (Twitter/Linkedin) […]
ELK Stack is a collection of three components – Elasticsearch, Logstash & Kibana Logstash – This component is responsible for processing incoming data. It takes input from different sources, executes different transformations and stores the results in Elasticsearch or other formats Elasticsearch – NoSQL database based on Apache Lucene’s search engine. Kibana – Web […]
INTRODUCTION Point-of-sale (POS) is the place where a retail transaction is completed. It is the point at which a customer makes a payment to the merchant in exchange for goods or services. Majority of retail POS systems also include a debit/credit card reader. POINT-OF-SALE INTRUSIONS What is it? When attackers compromise the computers and servers […]
Introduction Android is an open source operating system based on the Linux kernel, initially developed by Android Inc., which Google bought in 2005. Initially, Android was developed to support touch screen devices like smartphones. These devices support different types of screen locks, like swipe lock, PIN lock, pattern lock, gesture lock, facial lock, etc. Swipe […]
Introduction Digital forensics methods are often used to uncover evidence from electronic devices to get information and verify validity of insurance claims. This is crucial in order to establish arson, insurance fraud, wrongful death, etc. These methods and techniques greatly assist insurance investigators in uncovering any digital evidence which could be accessible, password-protected, recently deleted, […]
