Posts Tagged ‘windows 10 forensics’

Earlier, Phill More wrote posts about checking the behavior of the program using code. Firefox is used as an example in a previous publication. Dan Pulega decided to sort out the issue, which was published by Phill. Dan needed to find the source code and compile the executable file to start testing. There are many ways to find the extracted source code, it is used by AstroGrep. You can see the test results in this article, how one of many aspects of Firefox works.

Jeremy Scott decided to conduct a memory analysis using a completely open collection of tools called “Volatility.” We will be able to follow it step by step in this blog. Jeremy will try to answer some simple questions in an attempt to identify malicious code. Since memory analysis is extremely important for responding to incidents, and it can help identify malicious code and explain how the pattern was used in a suspicious system.

Unfortunately, it is almost impossible to avoid infecting a computer with malware. All antivirus software skips a significant percentage of malware. Roger A Grimes wrote an article in which he describes 9 simple steps to detect infection by malware. Some malware can avoid this type of detection, although this is rare at the moment. Rojder advises the avoidance of infection to keep your software completely corrected. Finally, do not share passwords between different sites-or use two-factor authentication-and you’ll be the best security advocate.

The virus-encryptor, known as Bad Rabbit, attacked tens of thousands of computers in some countries. The Bad Rabbit virus is aimed primarily at corporate clients and government agencies.First of all it encrypts files on the user’s computer, and then replaces the master boot record (Master Boot Record). Then the virus reboots the computer and a message appears on the screen about the redemption.