3 April 2019
Active Directory is a prime target in mostly all cyberattacks, and attackers often attempt to gain Domain Admin privileges and maintain their access. It is therefore crucial for security teams to monitor the changes occurring on Active Directory. ANSSI presented at the Amsterdam 2019 FIRST Technical Colloquium a forensic tool which aim is to create a timeline of Active Directory changes with replication metadata.
26 February 2019
SPARTA is a new Cybersecurity Competence Network supported by Europe’s H2020 Program. It aims to coordinate and develop the implementation of high-level research and innovation in digital security, in order to strengthen the strategic autonomy of the European Union. The SPARTA consortium assembles, for the first time, 44 actors from more than 14 Member States, bringing together the expertise of different kind of stakeholders, be they research institutes, private organisations or national authorities, including ANSSI.
8 February 2019
17 December 2018
14 November 2018
9 November 2018
3 October 2018
22 February 2019
GNU/Linux distributions are highly heterogeneou, the control of the system platform is a complex task; expertise becomes really necessary as the number of services and servers increases. However, some hardening measures can be implemented based on the expected security level, which will depend on the sensitivity of the data handled or hosted by the system […]
21 January 2019
Frequently overlooked and understudied, this database is rarely fully exploited when doing incident response. Indeed, its correct interpretation is complex: a lot of special cases can occur that have to be taken into account when performing an analysis. However, the information collected by the AmCache is extremely useful and the lack of awareness about this […]
