Let's Defend - HTTP/2 Rapid Reset

Description: We are hosting a gallery website for public arts. We faced slowness issues; however, our deployment team decided to utilize HTTP/2, as when scrolling a webpage with multiple images, a web browser can cancel images that fall outside the viewport, meaning that images entering it can load faster. Everything went smoothly in our testing environment, but after going live with the new protocol, suddenly everything stopped working. We were able to capture the traffic from the web server. Can you help us figure out what happened?...

July 6, 2023 · 2 min · MMOX

Let's Defend - Linux Disk Forensics

Description: Dean downloaded a cracked software application from an unofficial source and subsequently discovered that his personal data has been leaked. An investigation is now underway to determine the cause of the data leak and mitigate any potential damage. Tools Required: 1- FTK Imager 2- Notepad++ 3- Scripting. Writeup Q1: What distribution system was used by the victim, including its version? We open the disk image in FTK Imager. Now we need to start investigating and find out the system and the version....

July 6, 2023 · 2 min · MMOX

Let's Defend - LockBit

Description: You are a Digital Forensics and Incident Response (DFIR) analyst tasked with investigating a ransomware attack that has affected a company's system. The attack has resulted in file encryption, and the attackers are demanding payment for the decryption of the affected files. You have been given a memory dump of the affected system to analyze and provide answers to specific questions related to the attack. Q1: Using a memory dump analysis, can you determine the date and time that the device was infected with the malware?...

April 13, 2023 · 4 min · MMOX