Digital Forensics & Cyber Security Blog
Digital Forensics & Cyber Security Blog
A 17-year-old critical vulnerability discovered in Windows Server
Security researchers from Check Point Research discovered a critical vulnerability in DNS Server component of Windows Server, which affects every version of Windows Server released in the past 17 years and allows an attacker to fully compromise a system. The vulnerability, identified as CVE-2020-1350 and named SigRed, belongs to remote [...]
Where is that Dongle?
Where is your dongle? That was one of the first questions asked by a student when I was teaching my first FTK training course back in 2001. I had no idea what he was asking. Later I learned we had to have a "security" or dongle to help prevent folks [...]
Snake ransomware poses unique danger to industrial systems
While ransomware continues to be a major threat to enterprise IT environments around the world, a new family of ransomware poses a unique danger to companies with industrial control systems. Snake, also known as Ekans ("snake" spelled backward), follows the classic ransomware formula of encrypting most files on the target [...]
DOD’s Cybersecurity Maturity Model Certification
In January, the U.S. Department of Defense released the Cybersecurity Maturity Model Certification requirements, outlining new cybersecurity stipulations for DOD contractors. There is no deadline for compliance with this new standard, but defense contractors should expect to see its specifications incorporated into new DOD contract bid requirements. Abbreviated CMMC, the [...]
Microsoft fixes Windows Codecs flaws
Microsoft released two out-of-band security patches to address remote code execution vulnerabilities affecting Windows 10 Codecs Library, weeks ahead of the next Patch Tuesday when the company typically releases updates. The first codecs vulnerability, disclosed as CVE-2020-1425, was rated critical. If an attacker successfully exploited the flaw, they "could obtain [...]
Top Five Free Digital Forensics Examiner Tools – June 2020
As we reach the mid-way point of 2020 and the curious, crazy, and covid-19 world we live in - I thought it is time to rank the top five or best "free" tools for digital forensic examiners. For the past 20-years many tools have come and gone in the digital [...]
Recover lost files on Windows 10
Windows File Recovery Currently available for Windows 10 2004 and above. Accidentally deleted an important file? Wiped clean your hard drive? Unsure of what to do with corrupted data? Windows File Recovery can help recover your personal data. For photos, documents, videos and more, Windows File Recovery supports many file [...]
Macs to run on Apple silicon, leaving Intel behind
At the Worldwide Developer Conference, Apple announced that future Macs will use ARM processors developed in-house -- "Apple silicon" -- and not the Intel Core-series CPUs on which they're presently based. During Tuesday's keynote, Apple executives -- including CEO Tim Cook and Craig Federighi, senior vice president of software engineering -- said [...]
Malware, Unwanted Spam, Phishing and Cyber Resiliency Services
What are you doing about unwanted visitors in your cyber world? Are you finding that SPAM and Malware, Ransomware, and other cyber phishing is just growing and getting out of hand? It is ugly. It isn't pretty. How are you getting your Digital Protection Programs to work? Seems that this [...]
Massive Spying Campaign Affects Google Chrome Users
In February of this year, Google removed over 500 malicious plugins from the Chrome store which stole data from nearly 1.7 million users. While the tech-giant announced they have since taken several steps to improve the browser’s privacy and security protections, it is evident that malicious Chrome extensions remain a persistent [...]