forensic analysis

  1. VIDEO AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool

    Original release date: March 18, 2021. Summary: This Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with activity detailed in the following...
  2. AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities

    Original release date: March 3, 2021. Summary: Cybersecurity and Infrastructure Security Agency (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange Server products. Successful exploitation of these vulnerabilities allows an unauthenticated attacker to execute...
  3. Windows 10 File path for Open Ports

    Is there a file path to find any open ports within a Windows 10 machine? I opened the SSH port (port 22) using an Inbound Rule I created inside of the Windows Defender Firewall with Advanced Security application. Note: I am using Autopsy for Forensic Analysis testing purposes, so I just want to...
  4. More Sony hack attacks; LulzSec goes after FBI affiliated site

    While Sony may have gotten its PlayStation Network back online this week, other divisions of the Japanese business are still feeling hack attacks. The web site Naked Security reports that a hacker found his way into a database at Sony Europe and took out "120 usernames, passwords (plain text)...