Sunday, February 7th, 2010 | Posted in Incident Response, Into The Boxes, forensics
The success of Into The Boxes Issue 0x0 was only possible because of the collaboration provided by members of the Digital Forensics and Incident Response community. In order for this ...

Friday, February 5th, 2010 | Posted in Incident Response, Security, forensics
Most of the time the initial infection vector associated with APT-style attacks incorporates the client-side exploitation of vulnerabilities in any number of software packages. Actually, when dealing with APT-style events I ...

Friday, February 5th, 2010 | Posted in Incident Response, Security, forensics
The other day I was handed a system that was known to be compromised with Hydraq. The goals were to determine when, how, and what happened after the compromise. Locating ...

Monday, February 1st, 2010 | Posted in Incident Response, Security
System Combo Timeline has been updated. If you use syscombotln you will want to get this new version as there is an important bug fix. I have also updated regtln.pl ...