Recently, researchers from Palo Alto Networks’ threat intelligence team Unit 42 have uncovered the first instance case of a cryptojacking worm that propagates via malicious Docker images.
Category: Cybersecurity
Two NTLM vulnerabilities may allow full AD domain compromise
On October 2019 Patch Tuesday, Microsoft released patches for CVE-2019-1166 and CVE-2019-1338, two serious vulnerabilities that may leading to a full Active Directory domain compromise.
Venator: information gathering on OSX systems
Some weeks ago I’ve already written about information gathering on OSX systems, related to the forensic investigation process.
Watch out! A new vulnerability in WhatsApp for Android allows attackers to perform remote commands on devices
Security researcher Awakened has identified a vulnerability in the Android version of WhatsApp messaging app which could allow attackers to launch remote code execution attacks (with privilege elevation) on victims.
Some thoughts about Windows 10 “Timeline” forensics artifacts
Today i’ll talk you briefly about the Windows 10 “Timeline“: a feature that can come in handy during a forensic analysis. How to access it and how to analyze it?