More ransomware actors like FERAL SPIDER are hitting the ESXi jackpot and encrypting entire VMs. Read more of what we've seen and how to mitigate and protect ESXi in our Hypervisor Jackpotting Part 2 blog: https://t.co/UdKOOZn8fa
The Apple Unified Log (AUL) is both a blessing and a curse for responders. In this blog, we explain why Apple implemented it, how it works, what type of information it records and how to use it. https://t.co/aNy4YpJYWg via @JaiMusunuri#cybersecurity
🔍 First talk of Day 2 @ #OBTS digs into Unified Logging (AUL). @JaiMusunuri & Erik Martin do a great 👍 job showing us how to filter predicates to hunt quickly through AUL and it’s increased granularity compared to older log formats 🤩!
@JaiMusunuri & @kshitijk demo tool AutoMacTC: an open-source Python framework that can be quickly deployed to gather forensic data on macOS devices at this #BHEU Arsenal presentation. https://t.co/SVtxkwiDa1
Join @JaiMusunuri & @kshitijk as they discuss tool “AutoMacTC” an open-source Python framework that can be quickly deployed to gather forensic data on macOS devices at this #BHEU Arsenal presentation. https://t.co/XmDvzQbZN9
A new #AutoMacTC module is now available to parse #macOS Terminal saved state files: https://t.co/uPLY8VIdJx
You can learn more about reconstructing Terminal saved state files here: https://t.co/y8B7ovisu5
#DFIR
New blog from @JaiMusunuri & Phil Pineda show how to aid #digitalforensics investigations by reconstructing #macOS Terminal sessions to recover an adversary’s commands from an interactive session, even if an adversary is trying to cover their tracks. https://t.co/FodLykxDFF #DFIR
@TheKshitijKumar & @jaimusunuri discuss AutoMacTC: an open-source Python framework that can be quickly deployed to gather forensic data on macOS devices. Don’t miss out on this #BHUSA Arsenel demo! https://t.co/xCh79ET6m1
See @TheKshitijKumar & @jaimusunuri showcase AutoMacTC: an open-source Python framework that can be quickly deployed to gather forensic data on macOS devices, from the artifacts that matter most to you and your investigation at #BHUSA Arsenal https://t.co/nzgDNjc8SA
Great to see a public release of this tool. A rare open source tool enabling Mac incident response. Nice work @JaiMusunuri, @TheKshitijKumar, @TheEricJohn, et al.