Forensics Challenge for CSIRT Team – Part 2 Solution

The goal of this tutorial is to provide a solution to the forensic challenge game that I created for testing the forensic skills of a CSIRT team. Please be careful and run the suspicious binary file located inside the provided virtual machine only in a secured environment, in order to avoid unwanted damage or loss.

As you can notice, some files are encrypted right after the virtual machine boots. All these files have the suffix .enc001. You can easily locate them with the command:

$ find / -name "*.enc001" -type f 2>/dev/null

There is also a file named encryption_warning.txt located in the home directory of the current user, and it contains the following warning message:

*** Your files have been encrypted! ***
*** To decrypt them, run '/usr/local/bin/ls %1a%your_decryption_key ***

Without any doubt, the ls utility is not a cryptography tool, so it is a good place to start our investigation. The command /usr/local/bin/ls -la shows the files in the current directory.

ubuntu@ubuntu:~$ /usr/local/bin/ls -la

Picture 1 - Content of the Current Directory

The output looks good. But what happens if we list a non-existing file kdkdkdkdk?

ubuntu@ubuntu:~$ /usr/local/bin/ls kdkdkdkdk

Picture 2 - Two Error Messages

There are two interesting facts shown in the output of the command /usr/local/bin/ls. Firstly, two
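
A triage sketch for the two observations above, added here and not part of the original tutorial: it counts files carrying the .enc001 suffix under a directory and lists commands that exist in more than one search-path directory, since a binary such as /usr/local/bin/ls only answers a bare ls when its directory is searched first. The function names are hypothetical, and the search-path order is an assumption about the challenge VM.

```shell
#!/bin/sh
# Added triage helpers (function names are hypothetical, not from the tutorial).

# Count regular files under directory $1 whose name ends in .enc001.
count_encrypted() {
    find "$1" -xdev -type f -name '*.enc001' 2>/dev/null | wc -l | tr -d ' '
}

# Given a colon-separated search path in $1, report every executable whose
# name also appears in an earlier directory: the earlier copy is the one a
# bare command name runs. Assumption: a planted binary sits in a directory
# searched before the system one.
shadowed_cmds() {
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r dir; do
        # Resolve symlinked directories (e.g. /bin -> /usr/bin) so the same
        # file is not reported as shadowing itself.
        dir=$(cd "$dir" 2>/dev/null && pwd -P) || continue
        for f in "$dir"/*; do
            if [ -f "$f" ] && [ -x "$f" ]; then
                printf '%s\t%s\n' "${f##*/}" "$f"
            fi
        done
    done | awk -F '\t' '
        !($1 in first)  { first[$1] = $2; next }   # first hit wins the lookup
        $2 != first[$1] { printf "%s runs instead of %s\n", first[$1], $2 }'
}

# Usage on a live system:
#   count_encrypted /
#   shadowed_cmds "$PATH"
```

Any pair that shadowed_cmds reports deserves a hash or package-ownership comparison before either binary is trusted.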

Raspberry Pi 3 gets the Windows 10 anniversary update

After Microsoft released an anniversary update of Windows 10 for PCs, a version is now available for the popular Raspberry Pi 3 developer board.

The Anniversary Update is for Windows 10 IoT Core, a slimmed-down version of the OS for Raspberry Pi 3 and other developer boards. Users develop gadgets, robots, drones, and other smart devices with Raspberry Pi 3.

The update has new features, as well as performance and application-support improvements, Microsoft said. It also provides an easier installation experience.

Beyond Raspberry Pi 3, the Anniversary Update will also work with the MinnowMax, Raspberry Pi 2, and DragonBoard 410c developer boards.

Google education guru: Classroom laptop bans make no sense

Google Chief Education Evangelist Jaime Casap’s oldest daughter scored a full ride to college on a swimming scholarship but she only lasted one semester out of frustration with the lack of technology at the school. She had been used to taking notes on her laptop in high school, for example, but was told she couldn’t bring her device into the college classroom. “I’ve been in education for 10 years and I remember talking to CIOs at universities saying technology is not a differentiator for their schools…that students don’t pick schools based on their technology,” says Casap, an adjunct lecturer in innovation at Arizona State University, where his daughter wound up attending and graduating from. “I can tell you that’s starting to change.”

Qualcomm up in arms over LTE-U testing framework

The announcement this week of a final testing protocol aimed at discovering, once and for all, whether LTE-U technology can coexist peacefully with existing Wi-Fi networks has the LTE-U camp up in arms, as Qualcomm issued a thunderous denunciation of the Wi-Fi Alliance’s framework. The plan, said Qualcomm senior vice president for government affairs Dean Brenner, is heavily biased against LTE-U and offers no real opportunity to demonstrate the technology’s ability to work harmoniously alongside Wi-Fi networks.

34% off Go Cubes Chewable Coffee – Deal Alert

Successfully funded on Indiegogo, Go Cubes are a more creative way to get your fix. They're made with real cold-brewed coffee -- the equivalent of 1/2 cup (50mg) in each chewable cube. They're also crafted with precise amounts of other safe, effective supplements that improve the caffeine intake for enhanced focus & clarity, so you can get the most out of your day. They come in 3 flavors, and with this particular deal you get a box of 20 four-packs (80 cubes) in assorted flavors for $39. That's 34% off the typical list price of $59. If you love coffee, and the idea of "mocha", "drip" and "latte" flavored gummy cubes makes your mouth water, then this deal is right up your alley. See the discounted Go Cubes now on Amazon.

Making The Case For Big Xeon Iron

The two-socket Xeon server has been the default workhorse machine in the datacenter for so long and to such a great extent that using anything else almost looks aberrant. But there are occasions where a fatter machine makes sense based on the applications under consideration and the specific economics of the hardware and software supporting those applications.

All things being equal, of course companies would want to buy the most powerful machines they can, and indeed, Intel has said time and time again that customers are continuing to buy up the Xeon stack within the Xeon D, Xeon E5, and

Making The Case For Big Xeon Iron was written by Timothy Prickett Morgan at The Next Platform.

Why some risk assessments fail

At the Black Hat conference in Las Vegas, CSO’s Steve Ragan chats with Itzik Kotler, CTO and co-founder of SafeBreach, about why many companies end up failing in their security risk assessments, as well as how some companies are tackling these failures to improve their overall security.

Tablets continue to fall out of favor

If you think PC sales are in the toilet, you should look at what's happening in the tablet world. For the second quarter in a row, sales are down by double digits as consumers and businesses alike seek something more functional.

Tablets have a bunch of things going against them. Primarily, the problem is they are a consumption device, not a creation device, and people want something more powerful. In addition, phablets and large smartphones have eaten into the market, there are no compelling reasons to upgrade because new generations are only a little better than the old, and the chief advocate for tablets, Steve Jobs, is no longer among us.

The result, according to IDC, is a 12.3 percent decline in sales year over year for the second quarter of 2016. That comes on the heels of a 14.7 percent decline in Q1. IDC said this is due to vendors restructuring their product lines and customers delaying purchases as the market shifts focus towards productivity-oriented devices such as detachables.

The 15 best cities for information security pay

High-flying salaries in some unexpected places

Before moving to this top city for InfoSec pay, you might want to read the latest John Sanford novel, brace for a bitter cold winter and develop a taste for tater tot hot dish. Yes, that's right, if you want to get the most bang for your InfoSec salary buck, a move to Minneapolis might be in your future.

How millennials are shaping the future of work

Technology is moving the workplace along at lightning speed and not all businesses are ready to catch up. But that modernization is key to the future of work, according to a recent study commissioned by Dell and Intel. Penn Schoen Berland (PSB) conducted 3,801 online interviews earlier this year, speaking with individuals working in nine different markets, including education, government, financial services, healthcare, manufacturing, media, and entertainment and retail. They focused on the future of work and what these workers expect from their employers moving forward. "Not only is technology impacting the future office, it's redefining the office and greatly influencing the way we all currently work," says Kelli Hodges, global manager, Mobility at Dell.

Will Supreme Court settle network neutrality issue?

Net neutrality foes work to get the U.S. Supreme Court to weigh in and settle the matter of network neutrality, perhaps the most contentious issue in technology policy over the last decade.

It is certainly possible, because opponents of the policy advanced by the Federal Communications Commission aren't conceding the fight after their recent legal setback.

Last week, U.S. Telecom, CTIA and other trade organizations and allied groups appealed to a federal appeals court to rehear the case in a proceeding that would involve all active judges, not just the three-judge panel that upheld the FCC's open Internet order in June by a 2-1 split.

8 tips to get more bang for your big data convergence bucks

How technology convergence can help CIOs do more with less

CIOs and other IT decision-makers are used to having to do more with less. In the world of big data, they may be able to achieve orders-of-magnitude cost savings and productivity gains due to the convergence of development, IT ops and business intelligence (BI) strategy, exploiting advancements in open source software, distributed computing, cloud economics and microservices development.

Surveys suss out Windows 10 enterprise migration timelines

Enterprises are eager to get Windows 10 onto their workers' PCs. Or they're in no rush.

They see the just-released Anniversary Update as a major milestone. Or they don't.

And some expect to have a majority of their PCs running Windows 10 in just a year from now. Or they believe it'll take twice that long.

Recent surveys of IT administrators, managers and professionals displayed those opinions, and more, showing little consensus on anything other than the broadest trends that first, corporate IT likes Windows 10 a lot more than it did Windows 8, and second, Windows 10 will replace Windows 7 as the go-to operating system.

Windows 10's adoption in the enterprise will be critical to the OS's success, especially from this point forward: The consumer-centric free upgrade offer has expired and the historic slump in PC shipments, mostly blamed on consumers' refusal to buy new systems to replace aged ones, continues unabated.

Amazon remains top dog in Gartner’s cloud Magic Quadrant

Stop me if you’ve heard this before, but Gartner’s IaaS Magic Quadrant is out and Amazon Web Services is the clear market leader, with Microsoft Azure giving it a run for its money.

It’s been a similar narrative for the past few years, but today Gartner basically said the market is status quo in 2016. The research firm’s MQ report is seen as an annual benchmark for the industry, a sort of checkpoint to see where the various vendors sit. Once again, it’s Amazon on top, Microsoft in second and a whole boatload of other vendors lumped into a category of “everyone else.”

AWS: The ‘safe choice’

Amazon Web Service’s IaaS cloud is so mature and feature-rich that it’s defaulted to become the “safe choice” in the IaaS cloud market, Gartner says. AWS’s offerings available to the market are not only “many times the aggregate size of all other providers in the market,” Gartner says, but the company has a “multi-year” competitive advantage over every other competitor too.

26% off Tracer360 All-Season Illuminated Reflective LED Visibility Vest – Deal Alert

This innovative Tracer360 visibility vest averages 5 out of 5 stars on Amazon from over 325 customers (90% rate a perfect 5 stars -- read reviews). It is designed for maximum comfort and visibility year-round while cycling, running, walking, on a motorcycle or any other application where visibility is a concern, particularly at night. It features a full 360 degrees of illumination and 3M reflectivity, designed to catch the attention of the most distracted drivers up to 1/4 mile away. It flashes, strobes or blinks and features a variety of colors, fully selectable/adjustable even while running. Lightweight and breathable, this vest won't trap moisture and can be worn year-round over a jacket just as easily as a t-shirt. Its list price of $69.99 has been reduced by 26% to $51.50. See the highly rated and discounted Tracer360 illumination vest on Amazon.