Background:
A few days ago, UNIT42 reported tracking an active phishing campaign targeting players of Roblox, a game that is hugely popular worldwide. In a previous article, I covered the broader threats [...]
Background:
Over the years, the tactics, techniques, and procedures (TTPs) of attackers have evolved significantly. Recently, APT groups have used new methods that have also been adopted by average [...]
Background:
In my previous article, I covered, at a high level, all the necessary actions required to prepare for volatile memory dumping in the case of a cybersecurity incident. This process is [...]
Background:
In a previous article, I discussed the high-level preparations needed to acquire an image of a machine requiring forensic analysis. However, have you considered the caveats related to [...]
Background:
Each action we perform in the Windows UI layer involves loading DLLs that contain various hooks. Hooks are similar to backend APIs, enabling us to achieve specific results. Through [...]
Background:
During our daily activities, we leave digital traces of our presence on various platforms that are protected by legal and compliance measures. However, have you ever considered the [...]
Background:
There are situations when developers and non-technical users encounter tasks that require simple solutions. Instead of handling everything on their own, they often rely on ready-made [...]
Background:
In contrast to classic logging systems that preserve on-premises data, cloud systems require some familiarity with the components provided by cloud vendors. To prepare for cloud [...]
Background:
In our previous article, we discussed the preparation needed for the "log collection" stage of incident response, which is essential for the "analysis" stage. We covered how to prepare [...]
Background:
During incident response, one often encounters situations requiring the acquisition of logs for forensic analysis to assess the impact of an incident. There are three primary methods for [...]