
#forensic


#CISA Open-Sources #Thorium Platform For #Malware, #Forensic Analysis - Slashdot

… a powerful #OpenSource platform developed with #Sandia National Labs that automates malware & forensic analysis at massive scale. …the platform can "schedule over 1,700 jobs per second & ingest over 10 million files per hour per permission group." From the report:

#Security teams can use Thorium for automating & speeding up various file analysis workflows, including but not limited to…

it.slashdot.org/story/25/07/31

it.slashdot.org · CISA Open-Sources Thorium Platform For Malware, Forensic Analysis - Slashdot · CISA has publicly released Thorium, a powerful open-source platform developed with Sandia National Labs that automates malware and forensic analysis at massive scale. According to BleepingComputer, the platform can "schedule over 1,700 jobs per second and ingest over 10 million files per hour per pe...

Eyal Weizman - Genocidal Intent 1/2

A British-Israeli #architect and professor at Goldsmiths University, Eyal Weizman is the founder and director of the research and investigation collective #Forensic #Architecture. This article presents our interview with Eyal Weizman and reveals an excerpt from chapter 5/12: "Intersections: material reality and guilty minds".

✒️ By Diagrammes | Free access › blogs.mediapart.fr/diagrammes/

Mediapart · Eyal Weizman - Genocidal Intent 1/2 · By Diagrammes

In search of riches, #hackers plant 4G-enabled #RaspberryPi in bank network

The researchers with security firm Group-IB said the “unprecedented tactic allowed the attackers to bypass perimeter defenses entirely.” The hackers combined the physical #intrusion with remote access #malware that used another novel technique to conceal itself, even from sophisticated #forensic tools.
#4g #security #privacy #GroupIB

arstechnica.com/security/2025/

Ars Technica · In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network · By Dan Goodin

“…sciences in the #UK are in a precarious state. Last month, a multiyear all-parliamentary inquiry concluded that the field was in a “graveyard spiral” that had led to #miscarriages of #justice and compounded failures in the UK’s justice system.

These issues have been especially pronounced since 2012, when the government-owned #ForensicScienceService, with a staff of 1,600 people, was shut down, leading to a rise in commercial #forensic agencies. #AcademicResearch in forensics is in an equally dire situation, as universities experience funding cuts.

The future of #DundeeUniversity’s #Leverhulme Research Centre for Forensic Science was called into question earlier this year. Lay-offs are expected and staff staged walkouts at the centre, which has helped investigate war crimes in Kosovo and the inquiry into the deadly Grenfell Tower fire in London.

The result of this decline is that the highly #SpecialisedKnowledge needed for forensic science in the UK is at risk of quietly disappearing.”

#ForensicScience / #botany / #knowledge <archive.md/Yv6lL> / <ft.com/content/b8211cfe-218f-4> (paywall)

Researchers confirm two #journalists were #hacked with #Paragon #spyware | TechCrunch

published a new report detailing the results of a new #forensic investigation into the #iPhones of Italian #journalist #CiroPellegrino and an unnamed “prominent” European journalist. The researchers said both journalists were hacked by the same Paragon customer, based on evidence found on the two journalists’ devices.
#privacy #surveillance #security

techcrunch.com/2025/06/12/rese

TechCrunch · Researchers confirm two journalists were hacked with Paragon spyware | TechCrunch · The confirmation of two hacked victims further deepens an ongoing spyware scandal that, for now, appears largely focused on the Italian government.

“Graphite Caught
First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted”
⬇️
“On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists that consented for the technical analysis of their cases. The key findings from our forensic analysis of their devices are summarized below:
Our analysis finds forensic evidence confirming with high confidence that both a prominent European journalist (who requests anonymity), and Italian journalist Ciro Pellegrino, were targeted with Paragon’s Graphite mercenary spyware.
We identify an indicator linking both cases to the same Paragon operator.
Apple confirms to us that the zero-click attack deployed in these cases was mitigated as of iOS 18.3.1 and has assigned the vulnerability CVE-2025-43200.”
👇

citizenlab.ca/2025/06/first-fo

The Citizen Lab · Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted - The Citizen Lab · On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists who consented to the technical analysis of their cases. In this report, we discuss key findings from our forensic analyses of their devices.

Research question:
If I can change, generate, adapt, remove everything with AI?
A) What does that mean for
#evidence at, e.g., #authorities?

Yes, we already live in the age of Photoshop, but AI can do considerably more here. The tools then also have to be usable/verifiable by private individuals without IT skills, and if I had to file a police report, I don't want to have to learn a #DAW first just to be able to validate, e.g., an audio track. Likewise, "take a screenshot with the atomic clock website" won't hold up for much longer.
B) How can "I"/one still classify a "self-made DIY" photo as "real"?
Sure, I could certify "authenticity" with my #Openpgp key, but that would be wrong from the structure alone. PGP keys only verify that I signed the document, not what I signed.
-
#It #security #cybersec #forensic #polizei #research

At least 206 Ukrainian soldiers died in Russian captivity amid brutal treatment

There have been multiple reports of #Ukrainian #POWs being tortured or #killed while in #Russian #captivity

As of May criminal investigations were underway regarding #execution of 268 Ukrainian POWs

AP reported, citing previous reports of #forensic expert who conducted the #autopsies of the POWs.

kyivindependent.com/over-200-u

The Kyiv Independent · At least 206 Ukrainian soldiers died in Russian captivity, AP reports · By Kateryna Hodunova

Those #forensic #digital #records are important for record-keeping requirements & allow for troubleshooting, but they also allow experts to investigate potential breaches, sometimes even tracing the attacker's path back to the vulnerability that let them inside a network. The records can also help experts see what #data might have been removed. Basic logs would likely not be enough to demonstrate the extent of a bad actor's activities, but it would be a start.

#law #Trump #Musk

A 220-year-old mystery surrounding the remains of infamous German outlaw Johannes Bückler, known as #Schinderhannes, has at last been solved. An international research team used cutting-edge #forensic techniques to confirm that a skeleton long thought to be that of another criminal, “Schwarzer Jonas” (Black Jonas), is in fact Schinderhannes. The true destiny of Schwarzer Jonas’ remains remains a secret.

archaeologymag.com/2025/03/inf #science #history #FamilyHistory #Hunsrück #genome

Archaeology News Online Magazine · Infamous robber Schinderhannes identified after 220-year-old skeleton mix-up · By Dario Radley

Super happy to see the open source sysdiagnose joining the hackathon.lu held in Luxembourg on April 8th and 9th, 2025.

sysdiagnose is an open-source framework developed to facilitate the analysis of the Apple sysdiagnose files and especially the ones generated on mobile devices (iOS / iPadOS). In the light of targeted attacks against journalists, activists, representatives from the civil society and politicians, it empowered incident response teams to review device behaviour and ensure their integrity. This tool is initially the result of a joint effort between EC DIGIT CSOC (European Commission DG DIGIT) and CERT-EU (cert.europa.eu/).

hackathon.lu/projects/#sysdiag

Don't hesitate to register and add your project!

#opensource #dfir #forensic #hackathon #luxembourg

Thanks to @ddu and the team for joining us.
