Jason Hale has published a post about the impact of VBS on memory acqusition. With Windows 10 and Server 2016, Microsoft added the option to enable various forms of virtualization-based security (VBS), such as Credential Guard, Device Guard, Application Guard, and more. In the post you will learn which tools to use to overcome these new features.
-
Epochalypse: Utility to Convert Epoch Timestamps
Epochalypse utility by Pasquale Stirparo has been updated. Now it supports APFS timestamps… -
Forensic Analytics for Acquiring and Preserving Reliable Data from Cloud Hypervisors
Cloud computing is this decade’s major computing advancement. Many business enterpri… -
Using the Office 365 Activities API to Investigate Business Email Compromises
Business email compromises (BECs) are a big problem across a multitude of industries. Just…
Load More Related Articles
-
Linux Binary Poisoning Detection
In this post guys from Sandfly Security describe the process of detection poisoned Linux b… -
Malicious PowerShell in the Registry: Persistence
Mari DeGrazia continues her series of blogs about detecting and analysis of malicious Powe… -
Parsing APFS with Magnet AXIOM
Despite the fact APFS isn’t currently supported by AXIOM, the author of “The S…
Load More In How To
