Digital Forensics Analysis

Mon 01 Aug

Forensic Analysis of Mac OS X - Incident Responder View

Over the years, Mac users have considered anti-virus unnecessary, as they have enjoyed the benefit of being less vulnerable to malware attacks than Windows users. This “myth” led to the proliferation of systems running Mac OS X in major corporations, web design, and marketing companies. But malware such as WireLurker, distributed through trojanized / repackaged OS X applications, disproved this notion and created the need for OS X incident response.

This article discusses collecting important volatile information using basic bash commands, and collecting volatile memory (RAM) from Mac systems using an open source tool called “osxpmem”. The commands and procedures mentioned below can be used to collect and preserve relevant artifacts for a malware investigation.

To explore the full article, please open the attached PDF file.

Mon 14 Sep

Are you Prepared for Incident Response?

Tools Are Weapons – Only If Configured Properly

Forensic Readiness Assessment

Introduction:

Every corporation is a victim of the direct or indirect information security threats that happen around it: corporate espionage, financial fraud, insider threats, IPR issues and many more. For any of these threats, the end target is your digital data. Advanced techniques such as encryption will protect the data, but is that data stored, and can it be retrieved safely by experts whenever required? Nowadays most corporations investigate the threats that have occurred, but the time and cost they spend on investigation are high. To help complete investigations more effectively, in less time and at reduced cost, a Forensic Readiness Assessment can be implemented.

Objective:

Sun 16 Aug

Digital Forensic analysis of malware infected machine – Case study

Internet banking has created a convenient way for us to handle our business without leaving our home. Man-in-the-browser is a form of security threat in which a proxy Trojan infects a web browser by taking advantage of vulnerabilities in browser security and modifies web pages or transaction content, or inserts additional transactions, all in a completely covert fashion invisible to both the user and the web application host. Carberp, Silent Banker, SpyEye and Zeus are the most important man-in-the-browser Trojans developed to target the banking and financial industry. Zeus, nicknamed “the king of banking Trojan” and the first known piece of malware sold via license until 2011, entered the malware scene in 2007. Zeus can infect Windows PCs running the IE and Firefox browsers. The mobile variant called ZitMo (Zeus in the mobile), which entered the market in 2012, has the ability to infect Windows, Android, Symbian and BlackBerry OS, and defeats SMS-based banking “out of band” two-factor authentication.
