pentestpartners.com2d
Did security gaps at Antwerp port enable drug smuggling operations?
Then a while ago I had a call from the journalists behind the Panama Papers investigation. They had been looking at some ...
pentestpartners.com6d
BEC-ware the Phish (part 2): Respond and Remediate Incidents in M365
Part two covers the response and remediation actions in M365. The response steps help to contain an incident and buy time to ...
pentestpartners.com8d
You lost your iPhone, but it’s locked. That’s fine, right?
The default iPhone settings allow Siri access from the lock screen, with voice-activated commands like “Hey Siri” or pressing ...
pentestpartners.com9d
Maritime lawyers assemble!
Maritime cyber insurance has been playing catch-up with maritime cyber security for a while now. It was all pretty good until the availability of cheap VSAT meant that ships became constantly ...
pentestpartners.com9d
What goes into testing a ship?
Testing a ship involves identifying and mitigating cybersecurity risks using the “Identify, Prevent, Detect, Respond, Recover” framework. Guidelines include MSC.428(98) ...
pentestpartners.com14d
Mounting memory with MemProcFS for advanced memory forensics
MemProcFS was created by Ulf Frisk with the first release of v1.0 on github showing around 2018. Ulf Frisk is a well-known figure in the field of memory forensics and digital investigations. The tool ...
pentestpartners.com1mon
BEC-ware the phish (part 1). Investigating incidents in M365
We’ve seen an increase in multi-stage Adversary in the Middle (AiTM) phishing BEC in M365. These usually originate from a compromised trusted party, and lead to a series of AiTM attacks and follow-on ...
pentestpartners.com21d
Using Volatility for advanced memory forensics
In this two post series I want to highlight how memory forensics plays a crucial role in enhancing forensic investigations. Specifically by providing access to volatile data that cannot be retrieved ...