Podcasts about srum

SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics Mark Baggett released SRUM-DUMP Version 3. The tool simplifies data extraction from Widnows System Resource Usage Monitor (SRUM). This database logs how much resources software used for 30 days, and is invaluable to find out what software was executed when and if it sent or received network data. https://isc.sans.edu/diary/SRUM-DUMP%20Version%203%3A%20Uncovering%20Malware%20Activity%20in%20Forensics/31896 Novel Universal Bypass For All Major LLMS Hidden Layer discovered a new prompt injection technique that bypasses security constraints in large language models. The technique uses an XML formatted prequel for a prompt, which appears to the LLM as a policy file. This Policy Puppetry can be used to rewrite some of the security policies configured for LLMs. Unlike other techniques, this technique works across multiple LLMs without changing the policy. https://hiddenlayer.com/innovation-hub/novel-universal-bypass-for-all-major-llms/ CHOICEJACKING: Compromising Mobile Devices through Malicious Chargers like a Decade ago The old Juice Jacking is back, at least if you do not run the latest version of Android or iOS. This issue may allow a malicious USB device, particularly a USB charger, to take control of a device connected to it. https://pure.tugraz.at/ws/portalfiles/portal/89650227/Final_Paper_Usenix.pdf SANS @RSA: https://www.sans.org/mlp/rsac/

This week, we're exploring the System Resource Usage Monitor (SRUM) – a powerful source of forensic data within Windows operating systems. First introduced...

This week I break down the Windows System Resource Usage Monitor from a DFIR point of view.

This week I'm talking about SRUM, a Windows artifact that you don't hear that much about. It has a lot of great potential as evidence and it is something worth the time to check it out and see how it fits into your daily DFIR work.

WISP.org donation page: https://wisporg.z2systems.com/np/clients/wisporg/donation.jsp Mick Douglas (@bettersafetynet on Twitter) Powercat: https://github.com/besimorhino/powercat Netcat in a powershell environment https://blog.rapid7.com/2018/09/27/the-powershell-boogeyman-how-to-defend-against-malicious-powershell-attacks/ https://www.hackingarticles.in/powercat-a-powershell-netcat/ Defenses against powercat?  LolBins: https://www.cynet.com/blog/what-are-lolbins-and-how-do-attackers-use-them-in-fileless-attacks/ Sigma ruleset: https://www.nextron-systems.com/2018/02/10/write-sigma-rules/#:~:text=Sigma%20is%20an%20open%20standard,grep%20on%20the%20command%20line. ElasticSearch bought Endgame; https://www.elastic.co/about/press/elastic-announces-intent-to-acquire-endgame https://krebsonsecurity.com/2020/07/thinking-of-a-cybersecurity-career-read-this/ Twitter DM to @bettersafetynet:Hey... I wanna talk about @hrbrmstr's tweet on the show tonight as well... https://twitter.com/hrbrmstr/status/1287442304593276929 My thinking is if Cisco and others didn't try to intentionally downplay vulnerabilities by announcing them on a Friday, would we be more likely to patch sooner? Also, greater need for testing of patches to ensure that 80% of your workforce rely on that technology now. What's worse? Patching on a Friday evening (after several hours explaining the vuln to a manager), and then having it fuck something up so you're up at crack of dawn Monday troubleshooting something missed Friday night because testing was rushed/not conducted because the CEO can't access email? I have thoughts, I've added this to the show note google doc. https://www.reddit.com/r/netsec/comments/hwaj6f/nmap_script_fot_cve20203452/  -- nmap PoC script? Embargoed vulns… Getting management buy-in to patch 

Recientemente una administración pública me consultó para impartirles algunos cursos de Srum. Después de descubrir lo que realmente querían, les propuse una alternativa mucho más rápida y barata

The podcast is back! This week, we had a great but time-constrained chat about one of the final student projects, and what some of us are up to now that we've graduated. More detailed episode notes to follow. These will include links to our picks, and information about React, Agile/SCRUM, Netlify, Heroku, Pomodoro. The Founders & Coders (FAC) podcast is aimed at anyone interested in hearing about what it's like to be on the course, web development in general, and/or the backgrounds and interests of the people taking it. Audio quality still a WIP :). OSCE Boss Key: http://oscebosskey.herokuapp.com Where to find us, and recommendations: Monika: - https://github.com/brymon - https://www.instagram.com/p/Bp06tgSATPT/ Dominic: - https://twitter.com/dominicdigital - https://www.npr.org/podcasts/510308/hidden-brain Eve: - https://www.meetup.com/LLHS-Ladies-of-London-Hacking-Society/ Nathalie: - https://twitter.com/njons - https://media.giphy.com/media/12UlfHpF05ielO/giphy.gif --- React: - https://thinkster.io/tutorials/what-exactly-is-react - https://medium.freecodecamp.org/learning-react-roadmap-from-scratch-to-advanced-bff7735531b6 Agile & Srum: - https://en.wikipedia.org/wiki/Agile_software_development - https://en.wikipedia.org/wiki/Scrum_(software_development) Netlify: - https://medium.com/the-codelog/how-to-deploy-a-website-to-netlify-35274f478144 Heroku: - https://www.heroku.com/ - https://codeburst.io/node-js-on-heroku-a-more-complete-tutorial-part-1-9e80cb071498 Pomodoro: - https://en.wikipedia.org/wiki/Pomodoro_Technique

Veronica Schmitt is the Sr. Digital Forensic Scientist for DFIRLABS. Veronica explains what SRUM is in WIndows 10. She explains how SRUM can be a valuable tool in Digital Forensics. Full Show Notes: https://wiki.securityweekly.com/Episode580 Follow us on Twitter: https://www.twitter.com/securityweekly

Veronica Schmitt is the Sr. Digital Forensic Scientist for DFIRLABS. Veronica explains what SRUM is in WIndows 10. She explains how SRUM can be a valuable tool in Digital Forensics. Full Show Notes: https://wiki.securityweekly.com/Episode580 Follow us on Twitter: https://www.twitter.com/securityweekly

This week, we welcome Veronica Schmitt, Senior Digital Forensic Scientist for DFIRLABS! Veronica explains what SRUM is in Windows 10, and how SRUM can be a valuable tool in Digital Forensics! In the Technical Segment, we welcome Yossi Sassi, the Co-Founder and Cybersecurity Researcher at CyberArtSecurity.com and Advisory Board member at Javelin Networks! Yossi joins us to discuss using Windows Powershell, discussing DCSync, DCShadow, creative Event Log manipulation & thoughts about persistence! In the Security News, Fear of AI attacks, the FDA releases cybersecurity guidance, watch hackers steal a Tesla, serious D-Link router security flaw may never be patched, and California addresses default passwords! All that and more, on this episode of Paul's Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/Episode580 Visit https://www.securityweekly.com/psw for all the latest episodes! To learn more about Javelin Networks, Go To: www.javelin-networks.com   Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!! Follow us on Twitter: https://www.twitter.com/securityweekly ike us on Facebook: https://www.facebook.com/secweekly 

This week, we welcome Veronica Schmitt, Senior Digital Forensic Scientist for DFIRLABS! Veronica explains what SRUM is in Windows 10, and how SRUM can be a valuable tool in Digital Forensics! In the Technical Segment, we welcome Yossi Sassi, the Co-Founder and Cybersecurity Researcher at CyberArtSecurity.com and Advisory Board member at Javelin Networks! Yossi joins us to discuss using Windows Powershell, discussing DCSync, DCShadow, creative Event Log manipulation & thoughts about persistence! In the Security News, Fear of AI attacks, the FDA releases cybersecurity guidance, watch hackers steal a Tesla, serious D-Link router security flaw may never be patched, and California addresses default passwords! All that and more, on this episode of Paul's Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/Episode580 Visit https://www.securityweekly.com/psw for all the latest episodes! To learn more about Javelin Networks, Go To: www.javelin-networks.com   Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Michael Gough talking with us about his tool LOG-MD and his work.   We also go into SRUM again showing new data we can correlate within it.

This week I talk about SRUM, a windows artifact with some significant forensic value for both File Use & Knowledge investigations as well as Incident Response.

Forensic Lunch!This weeks guests:Andrew Case,@attrc, from the Volatility Project talking about Volatility 2.5, new plugins and the winners of this years Volatility Plugin ContestYogesh Kahtri, from Champlain, talking about SRUM forensics in Windows 8.1+. A truly amazing new artifact Matt and I talking about our new open source tool Elastic Handler

CyberSpeak is BACK and we hope to publish a monthly podcast (more if I'm lucky). This episode on CyberSpeak we briefly discuss possible implications to U.S. forensicators with the release of the Ashley Madison database (hopefully not). We also have a great interview with Yogesh Khatri, an assistant professor at Champlain College and a security researcher about the SRUM or System Resourse Usage Monitor forensic artifact. Website of the week: Has your email been Pwned? Check it out here -> Have I Been Pwned