Tags → #ransomware
-
File Carving: Encrypted Virtual Hard Disks
A significant development in ransomware attacks in recent years is the encryption of virtual hard disks. Is there a way to obtain at least some data out of these encrypted disks?
-
Puzzle Pieces: RDP Bitmap Cache
Learn how the RDP Bitmap Cache provides valuable snippets that fill gaps in forensic investigations, revealing Threat Actors activities during RDP sessions.