We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

forensics

Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs
Tech Optimizer
March 20, 2025

Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs

Microsoft Incident Response has identified a new remote access trojan (RAT) called StilachiRAT, which extracts sensitive information from infected computers, including passwords, cryptocurrency wallet details, operating system specifications, and device identifiers. StilachiRAT has a self-reinstatement mechanism that allows it to reinstall itself if removed. It targets digital wallets from platforms like Coinbase Wallet, Phantom, Trust Wallet, Metamask, OKX Wallet, and Bitget Wallet. The malware can harvest credentials from web browsers, monitor clipboard data, gather system information, detect camera presence, and track active Remote Desktop Protocol (RDP) sessions. It can extract credentials from Google Chrome, monitor clipboard activity, and maintain its presence using the Windows service control manager. StilachiRAT can impersonate users to monitor RDP sessions and employs anti-forensics mechanisms to evade detection. Discovered in November of the previous year, it has not yet achieved widespread distribution. Microsoft advises users to download software from official websites, use robust security software, install reputable antivirus, be vigilant against phishing attacks, avoid clicking on unexpected links, and consider using a VPN and password manager for enhanced security.
Batman: Arkham Knight graphics overhaul makes it look like a PS6 game
AppWizard
December 15, 2024

Batman: Arkham Knight graphics overhaul makes it look like a PS6 game

Batman: Arkham Knight has received a graphics overhaul that enhances its visual quality to compete with next-generation consoles like the PS6. Originally released in 2015, the game is part of Rocksteady Studios' Arkham trilogy and features gameplay elements such as FreeFlow Combat, stealth, and the Batmobile. The studio's recent project, Suicide Squad: Kill the Justice League, has struggled commercially since its early 2024 launch, prompting speculation about a possible remake of Batman: Arkham Asylum. A vibrant modding community has improved the game's visuals, showcasing ray-tracing effects with NVIDIA RTX 4090 at 4K resolution and 60 frames per second. Batman: Arkham Knight is available on PC, PlayStation, Xbox, and Nintendo Switch.
JPCert Details on Event Tracing Over EventLog for Windows Forensics
Tech Optimizer
November 15, 2024

JPCert Details on Event Tracing Over EventLog for Windows Forensics

EventLogs are essential for Windows operating system forensics but have limitations in identifying suspicious activities, necessitating additional audit logs or tools like Sysmon. Event Tracing for Windows (ETW) is a significant feature that enhances Windows forensics by collecting and managing EventLogs. ETW consists of four components: Providers (which generate events), Consumers (which process events), Sessions (which relay events), and Controllers (which manage sessions). ETW logs a wide range of operating system behaviors, making it valuable for forensic investigators. Notable ETW providers for incident investigation include Microsoft-Windows-Threat-Intelligence, Microsoft-Windows-DNS-Client, Microsoft-Antimalware-AMFilter, Microsoft-Windows-Shell-Core, Microsoft-Windows-Kernel-Process, and Microsoft-Windows-Kernel-File. Some ETW events are saved as files, while others are accessed in real-time from buffers, allowing for the recovery of information even if ETL files are deleted. JPCert has developed an ETW Scanner plugin for Volatility to extract ETW events from memory images, aiding incident response. The LwtNetLog ETW session collects network-related data, helping investigators identify malware communication and other activities. ETW's detailed logging capabilities and tools like the ETW Scanner enhance the ability to detect threats that traditional logging methods may miss.
Search