Logjammer

When did user cyberjunkie successfully log into his computer? (UTC)

27/03/2023 14:37:09

There are two Event IDs for login: 4624 (successful logon) and 4648 (logon attempted using explicit credentials)

The user tampered with firewall settings on the system. Analyze the firewall event logs to find out the Name of the firewall rule added?

Metasploit C2 Bypass

The last log when I filtered by firewall event logs (the most recent) was a suspicious rule called Metasploit C2 Bypass....

January 20, 2024

Target III: USB Forensics

Recently I completed Tier 1 of Target’s Cyber Defense Challenge offered to members of the WiCyS (Women in Cybersecurity) organization. It was a CTF comprised of four categories: cryptography/steganography, reverse engineering, USB forensics, and cyber threat intelligence. In this third part, I will go over the challenges in the USB forensics section.

Challenges

Find the Blue Yeti (100 points)

We believe that while one of the ransomware operators was out in public they dropped this USB device....

July 7, 2023