Some thoughts about Windows 10 “Timeline” forensics artifacts

Today I’ll talk briefly about the Windows 10 “Timeline”: a feature that can come in handy during a forensic analysis.
How do you access it, and how do you analyze it?


Also Node.js has been used to perform a Living off the Land (LotL) attack

Researchers from Cisco Talos recently discovered a new malware loader being used to deliver and infect systems using Node.js as well as the legitimate open-source utility WinDivert.
