Cybersecurity | So Long, and Thanks for All the Fish

How to read Windows Hibernation file (hiberfil.sys) to extract forensic data?

Posted on May 15, 2019May 8, 2019 by Andrea Fortuna

The #hibernation file (hiberfil.sys) is the file used by default by #Microsoft #Windows to save the machine’s state as part of the hibernation process. #dfir #cybersecurity #volatility

Glenn Greenwald: Why privacy matters

Posted on April 26, 2019April 18, 2019 by Andrea Fortuna

This TED Talk by Glenn Greenwald is really inspiring. Glenn Greenwald was one of the first reporters to see the Edward Snowden files, with their revelations about the United States’ extensive surveillance of private citizens. Hits: 41

How to mount a Azure’s VHD disk image on Linux

Posted on April 24, 2019March 8, 2019 by Andrea Fortuna

I just recently to perform a forensic analysis on a compromised Microsoft Azure VM, and I’d like to share a couple of useful tips. Hits: 123

How to extract forensic artifacts from pagefile.sys?

Posted on April 17, 2019May 7, 2019 by Andrea Fortuna

Microsoft Windows uses a paging file, called pagefile.sys, to store page-size blocks of memory that do not current fit into physical memory. This file, stored in %SystemDrive%\pagefile.sys is a hidden system file and it can never be read or accessed by a user, including Administrator. Hits: 3139

Julian Assange’s arrest: some hightlights

Posted on April 12, 2019April 12, 2019 by Andrea Fortuna

A famous activist, appreciated award-winning journalist author of great journalistic scoops, was dragged out of an embassy and arrested.No, it didn’t happen in a dictatorial state, it happen in London. Hits: 80

Older posts →