You're listening on your earbuds and bend to lace your shoes and, boom! the volume is pounding in your ears because your handkerchief pressed on the volume up button. Idiots! Samsung doesn't do this - they warn you about hearing damage.
If you want to go over 50%, why not require the use of the GUI?
Idiots of Apple. Screw the need for features. Quality is all you need.
Fluffy, but you might get something..
|
Gratitude |
Count your blessings in the morning, write down, don't type :) |
|
Forgiveness |
Think about yourself as if you are your best friend. People make
mistakes and that's how you learn |
|
Compassion |
what did he say? |
|
Love |
wha? |
He doesn't do a good job of breaking the pillars into specific actions you can take - aside from the gratitude journal.
David also created the Apollo - that uses vibrations to increase your feeling of safety and reduce anxiety.
You want to mute one or the other selectively. How?
Warning - since Teams is from M$FT, it works reliably. With Zoom, there could be some pain. I found the mute button ineffective with Zoom and left the webinar and re-joined and then had two Zooms in the Volume Mixer and one of them worked to mute :)
https://www.csitech.co.uk/training/ram-analysis/
Advanced RAM Analysis and Forensics - 4 Day Course for about $2300.
We are pleased to announce the updated 2021 4 day Advanced RAM Analysis
course.
As before the course is primarily hands on but provides much more flexibility. A significant time is spent in advanced memory data extraction and analysis techniques including reconstruction of file systems, password location, decryption and deconstruction of memory resident Malware such as Stuxnet.
Also interesting, is creating and scripting your own memory analysis toolkit.
A 32 GIG ruggedized USB key (download for online course) is supplied for each student to keep with all software and RAM dumps.
Syllabus
• Live Forensic procedures
• Live Windows RAM imaging (Cmd line and GUI based)
• Imaging Linux RAM
• Imaging Intel Mac’s (OSX)
• Testing downloaded tools
• Creating and scripting your own toolkits
• Script disk imaging
• Scripting memory imaging
• Volatile data extraction
• Reverse copying key files and folders
• Advanced Memory (RAM) analysis
• Extraction of data to enhance a disk investigation
• Extraction of elements such as Internet History, timelines and
passwords
• Extracting data from Hiberfil and Crashdump files
• Recreating the entire file system with automated forensic data
extraction
www.csitech.co.uk
• Using Volatility to extract:-
▪ Running processes
▪ Open network sockets
▪ Open network connections
▪ DLLs loaded for each process
▪ Open files for each process
• Finding HTML pages in a Browser process
▪ Open registry handles for each process
▪ Extracting process spaces with their associated files
▪ OS kernel modules
▪ Mapping physical offsets to virtual addresses (strings to
process)
▪ Understanding the PEB
▪ Understanding the VAD
▪ Extracting executables from memory samples
▪ Extracting and analysing operating system files
▪ Extracting and analysing user files
▪ Extracting the MFT
▪ Virus checking RAM dumps
▪ Extraction of network packet data and analysis
• Enhanced network analysis
• New Decryption section
▪ Hands-on extraction of Truecrypt and Veracrypt Master
Keys and container decryption
▪ Hands-on extraction of Bitlocker Master Keys and drive
decryption
▪ Cracking of OSX Keychain without password
• New Malware section
▪ ID’ing suspect processes
▪ Following the malware into Services and Registry
▪ Mapping the IP connections
▪ Extraction of the malware and analysis
▪ Deconstruction of Stuxnet
▪ Understanding what the Malware is doing
▪ Much more…
• New Registry Section
▪ Location and extraction of specific registry keys
▪ Extracting the SAM and decrypting passwords
▪ Finding other passwords
▪ Locating useful keys (TypedURLS, System info etc)
▪ Again, loads more
www.csitech.co.uk
• OSX Memory analysis
▪ Data carving
▪ Process recovery
▪ New Volatility commands
• Linux RAM investigation
▪ Data carving
▪ Recovering processes
▪ Login sessions
▪ Network information
▪ Routing tables
▪ Malware investigation
• Creating your own RAM analysis script to take away
• Final day practical exam and review
To discuss your training needs, or to organize a course, please contact Nick
Furneaux – nick@csitech.co.uk
Data mining exposes spikes in communication among perpetrators in Russia's military establishment ahead of key events, like the Navalny poisoning. These are the detectives making sure the world knows about Russia's crimes against humanity.
https://www.economist.com/podcasts/2021/08/10/how-open-source-intelligence-is-disrupting-statecraft
Watch the lovely Alice Himsworth (Senior Legal Counsel @ Google) chat the founder Elliot Higgins : https://www.youtube.com/watch?v=rqsfOz9fdmQ
Buy the book (don't worry, I get nothing :) : https://www.amazon.com/We-Are-Bellingcat-Global-Sleuths/dp/1635577306
I love the thing, but, wanting it today for a new PC, couldn't find it.
What I did find, M$ has made the WSL installation much simpler - just a simple command in powershell.
So, where do you find "WSL terminal" which beats the crappy thing they call "bash" :
https://github.com/mintty/wsltty
It's wsltty, or mintty.
Enjoy.
Does it happen only to me? You do the good old drag and drop thing and you get a dialog telling you the percent completion. Problem is, with a large file, when it hangs, even if things are going on okay without you knowing it, you're mostly hosed. You kill the copy and then go to that directory and see most of the file has been copied, but you'd never guess. A waste of effort anyway.
What's better? Some form of linux - like the WSL - but, even Git bash might be your friend here. Why? Because because GiT and Windows are best friends ever since you know what. So, you can right click on the source folder in File Explorer, and say "Git bash here" and open up a terminal in that folder - not having to guess what to use to get there in unix - seriously, how would you know it needs to be //tsclient/C/Users/whatever?
When? You downloaded a large file onto one PC but now you want it on another one and don't have a USB stick large enough to get the entire season of House there.. So, you use Remote Desktop Connection into the destination PC, and, in that PC, you now find your folder and say Git bash here and then copy to /c/Users/<name>/wherever... and that's much more reliable - so much smoother when you stay command-line.
