How to Investigate Infostealer Malware
If you’re not familiar with infostealer malware—a type of malware specifically designed to locate and exfiltrate credentials—consider yourself lucky. And consider being prepared.
The Cybersecurity and Infrastructure Security Agency (CISA) & partners recently released a joint cybersecurity advisory uncovering techniques and tactics used by the threat actor behind the CL0P ransomware.
GrayKey extractions are an amazing tool for digital investigators and examiners, since getting a full file system image is crucial. For years, most forensic examinations of iOS devices were limited to data only available in an iTunes backup and only if you had the user’s passcode—with Android acquisitions not being much easier.
We are happy to announce the release of Magnet AXIOM Cyber 7.2. In this release, we have added support for SHA256 hash calculations, improved the viewer for LevelDB files, and added new and updated artifacts to keep your evidence sources current with the latest corporate applications and services. You can upgrade to the latest …
Digital forensic workflows can be highly manual and time-consuming. Disconnected tools and manual touchpoints bog down DFIR teams—resulting in slower investigations and wasted resources. Increasing case volume and data only makes the struggle to keep up worse. It can take days or weeks to manually and sequentially collect the data required for thorough investigations. Magnet …
Recently, I have seen user questions about hardware choices as they relate to performance with Magnet AXIOM or Magnet AXIOM Cyber. When it comes down to it, we all want our cases processed faster!
With the complexity and frequency of cyber threats targeting businesses growing at alarming rates, digital forensics and incident response (DFIR) has become an indispensable component of cybersecurity programs. DFIR teams in corporate environments are increasingly called on to unravel complex threats and uncover critical insights into incident response investigations, including ransomware attacks, data exfiltration, and …
The Cybersecurity and Infrastructure Security Agency (CISA) & partners recently released a joint cybersecurity advisory uncovering a new attack by a nation-state-sponsored attacker dubbed “Volt Typhoon” (also called BRONZE SILHOUETTE), in which the threat actor leverages fileless techniques, also known as “Living-Off-The-Land” (LOTL) techniques.
The Cybersecurity and Infrastructure Security Agency (CISA) & partners recently released a “#StopRansomware Guide” Cybersecurity Information Sheet (CSI), which aims to provide guidance to organizations to reduce the impact of ransomware incidents and a checklist of best practices for responding to these threats.
Forensic workstations can be expensive! Join us as we discuss the myriad advantages of conducting forensic examinations in the Cloud. We will walk through the setup, installation, use, and advantages of using Magnet AXIOM CYBER in Microsoft Azure. You’ll get a chance to see some of the benefits of this approach, including cost savings, reducing redundancy, the ability to do off-network collections, and the advantage of using a clean VM for every examination.