Inside the Cryptolocker C&C server

Download
File
eForensics_12_2014.pdf
eForensics_12_2014.epub

1. Inside the Cryptolocker C&C server

by Davide Cioccia and Senad Aruch
CryptoLocker was a ransomware trojan which targeted computers running Microsoft Windows and was first observed by Dell SecureWorks in September 2013. CryptoLocker propagated via infected email attachments, and via an existing botnet; when activated, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers.

2. Predicting The Next Wave Attacks: How Behavioural Models Might Augment Current Threat Analysis Techniques

by Anthony Caldwell and Ronan Dunne

It is our social need for more interconnectedness, for education, for financial and business transactions which has led to the explosive growth in the number of users online; indeed, recent statistics suggest that approximately one-third of the global population now uses the Internet (Internet Live Stats, 2014). Concordantly, the opportunities for the hacker to expose a private citizen or indeed a corporate entity to risk have also grown.

 
3. Operational Level of Defense
by Filip Nowak

Security operations is subject to constraints, limitations and constant task reprioritization. This is especially true when developing a Security Operations Center (SOC), shifting between initial levels of maturity and finding out what really slows down the effectiveness of the primary objectives. There is a common belief that the technology and the “new version of software” will solve all such issues once and for all, closing the dilemma between security capabilities and processing power. The next generation of a security appliance may address some types of new emerging threats, and defense methodology appears to be a game changer.

 
4. Attack Vector

by Amit Kumar Sharma

The thing that was the most important in this definition that attracted me was the mention of the human element, which involves the use of social engineering and utilizing the people involved in the defense system of any organization to break into them, which is easier than breaking into the networks of the target.

5. From Crime Scene to Courtroom: Collaboration Adds Precision to the Investigation Process
by Dr. Jim Kent, Global Head of Investigations and Cybersecurity, Nuix
 

The digital forensics profession is in the midst of a rapid evolution. The growing volume of digital evidence from an increasingly diverse and escalating number of data sources is forcing the digital forensics community to change the way it conducts investigations.


6. Understanding SIM Card Forensics
by Rohit Shaw

The SIM (subscriber identity module) is a fundamental component of cellular phones. It’s also known as an integrated circuit card (ICC), which is a microcontroller-based access module. It is a physical entity and can be either a subscriber identity module (SIM) or a universal integrated circuit card (UICC). A SIM can be removed from a cellular handset and inserted into another; it allows users to port identity, personal information, and service between devices. All cell phones are expected to incorporate some type of identity module eventually, in part because of this useful property.


7. Sql Server Performance Counters – PowerShell
by Chris Kitchen
The purpose of this article is to discuss, at a high level, a simple PowerShell application which collects useful Windows Performance Monitor counters for highlighting potential performance issues. The article then goes on to discuss each of the counters in greater detail, along with range values to look for.
 

8. Sql Server Data Encryption & Access

by Chris Kitchen

The purpose of this article is to discuss, at a high level, some of the available options for encrypting and restricting access to data held within a SQL Server database. It describes a number of available options and also looks at some of the advantages and limitations of each from a technical perspective.

9. Towards a Secure Next Generation PPDR Communication: SALUS Approach
by S.L.P. Yasakethu, O.Adigun and C. Politis
 

A secure communication network that is backward compatible with legacy communication and new 4G technologies, and that supports reliable and robust transmission of broadband data, is necessary to deliver next-generation services for Public Protection and Disaster Relief (PPDR) agencies. This paper describes an intrusion detection approach to strengthen the security procedures in PPDR systems as envisaged in the new EU FP7 project SALUS. The project aims to achieve the above goal by covering the full techno-economic scope regarding development and deployment of this next generation of communication networks for PPDR. PPDR architecture and reference scenarios related to the research project are also discussed in the paper. The development of such a framework will improve the European next-generation communications network strategies for PPDR agencies.


July 30, 2021
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023