Digital Forensics

In order to minimize monetary and reputational damage in the event of a successful IT security attack, immediate and correct response measures, a comprehensive overview of the extent of the cyber attack, and a full clarification of the incident are indispensable.
The registered number of IT security incidents as a result of the rapid development of new and adapted cyber attack methods is worrying - and can sometimes have serious financial consequences as well as reputational damage for companies.
We will first begin at the entry point of this RAT and analyze its executed code before we jump into all possible modules this RAT possesses.
According to Malware Bazaar, samples have been distributed since around mid-January. The final payload is a .NET RAT, which allows the attacker to send commands to the infected system.
This article is intended to provide a deeper insight into the important topic of reporting obligations in the event of an IT security incident.
In order to protect one's own company against phishing, awareness must first and foremost be created among employees. This can be done through workshops, phishing simulation or company policies.
In this article, we will look at artifacts that should always be collected during an incident on a Windows-based system to get the best possible picture of what happened.
Having previously made a name for itself on the criminal scene by attacking major companies such as Quanta Computer and Invernergy, REvil's latest attack on software company Kaseya and its update service is believed to have affected several hundred companies worldwide.
In the event of an attack, companies should take appropriate countermeasures with professional help. The tool of choice here is Digital Forensics & Incident Response (DFIR).
In addition to the expected IOCs for the ProxyLogon/Hafnium vulnerability, our analysis identified one IOC of another vulnerability.
Cookie Consent with Real Cookie Banner