Preview eForensics Magazine 2021 11 Windows Logs and AWS Security.pdf
This month, we present to you a magazine devoted to two basic subjects - Windows Logs and Registry, and AWS security. Our excellent authors have prepared for you a wide spectrum of articles related to the above-mentioned topics. You will learn what the Windows Registry is, what its structure looks like, and what methodology to use to make the most effective use of it in digital forensics. We will share with you the secrets of Windows Logs, including how to use them to verify a breach in network security. You will learn more about using sniffers, and tools such as Sysmon or SNARE to analyze information.
We'll also help you arrange your new home, and it's not a joke at all! This analogy will be used to present issues related to the security of the AWS cloud. You will find out how the cloud is constructed, what its security levels are, and how to effectively configure and use its functions to ensure the security of the data stored in it. These security features will be tested in the article about AWS cloud penetration testing. You will also learn how to conduct a forensic cloud analysis step by step.
But that's not all, because in the magazine you will also find:
- an innovative article on how to conduct a forensic analysis of agricultural equipment, including the methodology of work in such cases;
- a text devoted to automotive safety, which presents possible scenarios of attacks on car systems and software vulnerability detection tools;
- a text devoted to the most famous ransomware attacks against enterprises in recent times and their importance in the context of cyberterrorism.
Do not hesitate even a moment longer and immediately reach for this month's Magazine!
Check out our Table of Contents below for more information about each article (we included short leads for you).
We hope that you enjoy reading this issue! As always, huge thanks to all the authors, reviewers, to our amazing proofreaders, and of course you, our readers, for staying with us! :)
and the eForensics Magazine Editorial Team
TABLE OF CONTENTS
Windows Registry Analysis
by Daniele Giomo
The text concerns the forensic analysis of the Windows Registry. The author begins by explaining what the Windows Registry is and then discusses its structure. Then he presents the methodology of using it for investigative work. The text shows step by step what should be done to carry out such an analysis, using a specific example, supplemented with visualization.
Ransomware Actors Have Crossed The Line Into Terrorism
by James (Jim) McCoy, Jr.
The text deals with ransomware attacks and their analysis in the context of cyberterrorism. The author not only refers to the creation of attacks but also refers to specific, very current cases in which ransomware was used against entrepreneurs. He also mentions the ties of such groups to the governments of certain countries. He also asks how to counteract such attacks and then presents a list of specific actions that should be taken to protect your data.
Using Log Data To Identify Intruders And Prevent Future Cyber Attacks
by James (Jim) McCoy, Jr.
This article is about signatures that can be extracted from Windows logs to verify whether the ransomware attack was committed by the same entity. The author starts the text with the general usefulness of Windows logs and then goes on to present how "signature" should be understood. The next part of the text is devoted to the analysis of the use of Windows logs to identify intruders on the network. The author presents what data is contained in the logs and which identifiers are the most important for detecting network security breaches. The last part is devoted to the analysis of the so-called sniffers, specifically the SNORT tool. The author presents the main advantages and forms of using this tool to increase network security.
Uncovering The Truth - Increasing Transparency With Windows Event Logs
by Alexandra Hurtado
The first part of the text presents what Windows logs are, their usefulness, and possible methods of obtaining the data contained in them. Then the author goes on to present examples of the practical use of these logs. The author notes that the amount of data stored in them requires spending a lot of time on their analysis and therefore, in order to simplify the work and obtain the necessary data, proposes the use of SIEM. The text then goes on to describe the tools that provide extended information about services performed on resources (Sysmon or SNARE). The last part of the text is devoted to the importance of network traffic for obtaining information about unauthorized access to an organization. The use of these methods and tools ensures the most effective use of Windows logs in obtaining data on breaches of the organization's security and ensuring its proper security.
Penetration Testing on Cloud Services (AWS)
by Sanjeev Verma and Deepanshu Khanna
The text is about cloud penetration testing. The authors begin by describing what a cloud is and how it can be used. Then they analyze AWS, presenting the importance of the website itself and its most important functions. They then conduct AWS cloud penetration testing, presenting the entire process step by step using screenshots. This tutorial will be useful for both beginners and advanced readers.
Making The Big Move: An AWS Security Guide
by Roland Gharfine
The text concerns the security of the AWS cloud. The author draws attention to the fact that when choosing a specific cloud solution, it is necessary to pay attention to details because when creating a specific solution, providers also adapt the security used to them. Then, the author presents, step by step, the most important points that have a significant impact on the security of data in the cloud. The author starts with data migration and discusses specific protocols that are used for migration, i.e. DMS and SMS. The next fragment of the text is devoted to tips on the use of specific solutions proposed by AWS for the best possible data protection and configuration. The author also presents the three-tier architecture of the AWS cloud and discusses in detail how it affects data security. The text also presents the importance of cloud access keys and AWS Security Hub.
Forensic Investigation Of Cloud Computing Systems
by Navjot Kaur, Yankee Dash, Gaurav Singh
The text deals with digital forensics in exams on data processing techniques. The authors begin by introducing what cloud computing is and what its types are. Then they move on to the threat analysis and present step by step how to conduct a forensic cloud analysis. The text highlights the dimensions of such an investigation and then demonstrates the benefits of carrying out the entire process within the organization.
Developing A Digital Forensic Methodology To Acquire And Utilize Data From Farm Equipment
by Phillip Mondin and Douglas A. Orr, Ph.D.
The text concerns the acquisition of data from agricultural equipment. The authors point out that this is a subject that is poorly described in the literature. They present the most important producers of agricultural equipment from which it is possible to obtain data. Then the methodology for obtaining this data is presented so that the evidence obtained in this way can be used in investigative and judicial proceedings.
by Rahul Deshmukh
The article states that people rely more and more on technology to make their lives easier. For this reason, the automotive industry has been integrated with electronics. The author writes that advances in electronics and embedded systems have led to ECUs (electronic control units) operating and managing various control elements such as fuel level, distance to empty fuel, tire pressure, rearview camera, etc. These systems make life easier, but can also be a threat. They involve support for multiple interfaces that control steering, doors, music systems, acceleration, and autonomous cars. Like any system, automotive electronics are controlled and operated by software, and any software or interface has vulnerabilities. When exploited by cybercriminals, these vulnerabilities allow various systems in the automotive industry to be hijacked and can cause large-scale damage such as mass killing, vehicle tracking, vehicle remote control, and even risking the driver's life. The author presents possible scenarios of attacks on automotive systems and software vulnerability detection tools. He shows how to keep cars safe, and even mentions the planned regulations in this area.
Artificial Intelligence And Its Utility In Digital Forensics
by Prashant Sight
The text is devoted to the importance of artificial intelligence in forensic work. It begins by explaining what artificial intelligence is, what types of it exist, and in what direction the development of this technology is going. Then the author shows its possible uses in forensic work. He also presents the ways in which he believes AI will facilitate digital forensics in the future.