Find out what happened during a ransomware attack on a computer
Introduction The encryption pandemic has swept the world. No commercial companies or government organizations can consider t…
Modern digital forensics and incident response cases may involve quite different types of devices. The variety of electronic…
David Cowen’s Sunday Funday is back, so why not take part in the fun? Last Sunday’s challenge was to look at…
While forensicating one of the compromised hosts during our recent incident response activities, we found some interesting artifac…
Igor Mikhailov is a digital forensic analyst of the digital forensic laboratory at Group-IB and the picture below shows how …
Researchers became aware of the activities of the RTM group in December 2015. Since then, phishing emails distributing the t…
As promised, we continue our Using MITRE ATT&CK for Forensics series. This time we are going to discuss another pers…
First of all, I would like to thank all of those who liked and retweeted the previous article from this series, BITS Jobs (T…
If you are doing incident response, you must know what MITRE ATT&CK is. As it’s a great guide to threat actors tac…
Teru Yamazaki has posted about how to extract Windows Event Log files from allocated space, Volume Shadow Copies, carve them…