brimorlabsblog.com
BriMor Labs: Teslacrypt vs open source tools
http://www.brimorlabsblog.com/2015/03/telsacrypt-vs-open-source-tools.html
Welcome to the BriMor Labs blog. BriMor Labs is located near Baltimore, Maryland. We specialize in offering Digital Forensics, Incident Response, and Training solutions to our clients. Friday, March 20, 2015. Teslacrypt vs open source tools. Today's blog post is going to cover a new "variant" of ransomware that has been deemed "Teslacrypt", which was highlighted in a fairly detailed post by Vadim Kotov from Bromium Labs. If you would like to dig into them on your own! The processes created by Teslacrypt2...
ghettoforensics.com
Ghetto Forensics: Malware with No Strings Attached Part 1 - Dynamic Analysis
http://www.ghettoforensics.com/2014/02/malware-with-no-strings-attached.html
Digital Forensics, Incident Response, Malware Analysis, and Python coding on the cheap. Malware with No Strings Attached Part 1 - Dynamic Analysis. I had the honor of lecturing for Champlain College's graduate level Malware Analysis course this week. One of the aspects of the lecture was showing off dynamic analysis with my Noriben script and some of the indicators I would look for when running malware. With a free registered account. There are multiple levels of complexity to this sample, too much for a...
brimorlabsblog.com
BriMor Labs: April 2014
http://www.brimorlabsblog.com/2014_04_01_archive.html
Welcome to the BriMor Labs blog. BriMor Labs is located near Baltimore, Maryland. We specialize in offering Digital Forensics, Incident Response, and Training solutions to our clients. Tuesday, April 22, 2014. You don't know where that device has been. COMMENT: I did this on my own live system, but the exact same method applies while digging into your traditional "dead-box" system). System.evtx Event ID 6100. WiGLE results for "WYHP4". WiGLE results for "4ZNNF". A couple more thoughts to consider as well:.
brimorlabsblog.com
BriMor Labs: February 2015
http://www.brimorlabsblog.com/2015_02_01_archive.html
Welcome to the BriMor Labs blog. BriMor Labs is located near Baltimore, Maryland. We specialize in offering Digital Forensics, Incident Response, and Training solutions to our clients. Thursday, February 26, 2015. Today's blog post deals with a phishing email that was sent to my Yahoo! Email address that I received two days ago, allegedly from DHL. Interestingly enough the Symantec web filtering that Yahoo! Uses, but I would love to know more about how. It works if anyone has a contact at Yahoo! Looking ...
brimorlabsblog.com
BriMor Labs: And you get a POS malware name...and you get a POS malware name....and you get a POS malware name....
http://www.brimorlabsblog.com/2015/03/and-you-get-pos-malware-nameand-you-get.html
Welcome to the BriMor Labs blog. BriMor Labs is located near Baltimore, Maryland. We specialize in offering Digital Forensics, Incident Response, and Training solutions to our clients. Wednesday, March 4, 2015. And you get a POS malware name...and you get a POS malware name...and you get a POS malware name. This morning I woke up to find Trend Micro/Trend Labs had a new post on an " old undetected PoS malware. Wnhelp as seen in PEStudio 8.46. Example of "track" data collected in perfb419.dat. Back in 2013, t...
brimorlabsblog.com
BriMor Labs: April 2015
http://www.brimorlabsblog.com/2015_04_01_archive.html
Welcome to the BriMor Labs blog. BriMor Labs is located near Baltimore, Maryland. We specialize in offering Digital Forensics, Incident Response, and Training solutions to our clients. Monday, April 13, 2015. Live Response Collection slides from Bsides Charm. http://www.slideshare.net/BriMorLabs/live-response-collection-overview. Subscribe to: Posts (Atom). Live Response Collection slides from Bsides Charm. BSides Los Angeles - Experience and Slides. Quicklook thumbnails.data parser. Castles in the Sky.
brimorlabsblog.com
BriMor Labs: September 2014
http://www.brimorlabsblog.com/2014_09_01_archive.html
Welcome to the BriMor Labs blog. BriMor Labs is located near Baltimore, Maryland. We specialize in offering Digital Forensics, Incident Response, and Training solutions to our clients. Monday, September 8, 2014. Spending $$ on hardware won't fix the problem...you first have to understand what the problem is. A single solution will NOT stop your organization from being targeted. Scenario using Goodwill data breach malware. During a period from February 10, 2013 through August 14, 2014. In an attempt to rep...
brimorlabsblog.com
BriMor Labs: Live Response Collection slides from Bsides Charm
http://www.brimorlabsblog.com/2015/04/live-response-collection-slides-from.html
Welcome to the BriMor Labs blog. BriMor Labs is located near Baltimore, Maryland. We specialize in offering Digital Forensics, Incident Response, and Training solutions to our clients. Monday, April 13, 2015. Live Response Collection slides from Bsides Charm. http://www.slideshare.net/BriMorLabs/live-response-collection-overview. Subscribe to: Post Comments (Atom). Live Response Collection slides from Bsides Charm. BSides Los Angeles - Experience and Slides. Quicklook thumbnails.data parser.
brimorlabsblog.com
BriMor Labs: January 2015
http://www.brimorlabsblog.com/2015_01_01_archive.html
Welcome to the BriMor Labs blog. BriMor Labs is located near Baltimore, Maryland. We specialize in offering Digital Forensics, Incident Response, and Training solutions to our clients. Friday, January 30, 2015. GUI, Logging, Compression, and Encryption - Updates to the Live Response Collection! Change 1: A GUI. The Windows Live Response Collection now has a GUI! Change 2: "Secure" options. Change 3: Logging options. File Hashes and Processing Details in the folder. Updated: January 12, 2016. The fine fol...