I just recently to perform a forensic analysis on a compromised Microsoft Azure VM, and I’d like to share a couple of useful tips.
A good wiping tool is available in all Windows systems since Windows 2000
Recently, during a forensic analysis on a laptop of an employee charged with corporate espionage, I’ve carved from disk a suspicious Excel file.
Malware analysis and digital forensic analysis are processes that often needs the analyst to look into system memory.In this regard, a good analyst must have at least a base knowledge of Windows Memory Management.
How attackers can exploit Group Policy Preferences file in order to discover passwords?
And how SysAdmins can mitigate this vulnerability?