Do you remember this post about the Kazakhstan government's attempts to deploy a root certificate in order to start a spying campaign on citizens' HTTPS traffic?
When you start analyzing a Linux memory dump using Volatility, the first problem you may need to face is choosing the correct memory profile.
An interesting article by Luca Bongiorni explains how to create a remote-controlled HID injector cable using some simple hardware components easily purchased from online stores (for less than 10$).
The vulnerability resides in the way devices choose an entropy value for encryption keys while establishing a connection: an attacker in close proximity to the victim’s device could intercept or manipulate encrypted Bluetooth traffic between two paired devices.
OS X is, in effect, a *nix-based system. Therefore the forensic image acquisition processes are very similar to those used on Linux systems. Today I’d like to share my personal acquisition workflow for Apple Mac systems, suitable for OS X before 10.11 (El Capitan) or any OS X version with SIP disabled.