This Week In 4n6

No sponsor this week. If your organisation is interested, head over here to find out more. Digital Forensics Myanmar Network Action Predictor (Browser Forensic) SSD Recovery, Limitation and Suggestion Nicholas Dubois at HexordiaThe Secret Header: How iMessage Link Previews “Skip” YouTube Ads Hideaki Ihara at port139 AIによる低レイヤ解析：Ext4/Ext3ディレクトリエントリ削除の論理とバイナリの変容 Windows 11 IME履歴を解き明かす Velociraptor 調査の舞台裏：Windows.Triage.Targets の解析とカスタマイズ 取得対象のダミーファイルを作成する：Test-ForensicCollection.ps1 Matthew PlascenciaDisassemble that […]

BerlaConnecting Occupants to Vehicles Through Device Data Damien AttoeA Forensic Look at the Grok Android App Oleg Afonin at Elcomsoft Browser Forensics in 2026: App-Bound Encryption and Live Triage Web Browser Forensics in Digital Triage ForensafeBelkaCTF #6: Bogus Bill Kenneth G Hartman at Lucid Truth TechnologiesBFU vs AFU: What Attorneys Need to Know About Phone […]

No sponsor this week. If your organisation is interested, head over here to find out more. Akash PatelCase Studies: Building Effective Timelines with Plaso (Log2Timeline) Christian Peter“Far over the misty mountains cold – iLEAPP Threema Parser” Derek EiriExtracting and Matching Faces with API Forensics’ Exponent Faces Martin Korman at DFIR DudesRegipy MCP: Natural Language Registry […]

Strengthen Your Identity Posture Before Attackers Find the Gaps In this cheat sheet, you’ll discover:• The four highest-risk identity categories to remediate today.• A step-by-step ISPM maturity model and 90-day implementation plan.• How to eliminate toxic permissions, enforce MFA, and remove dormant identities at scale. Download the ISPM Cheat Sheet Sponsored by Permiso Damien AttoeThe […]

Strengthen Your Identity Posture Before Attackers Find the Gaps In this cheat sheet, you’ll discover:• The four highest-risk identity categories to remediate today.• A step-by-step ISPM maturity model and 90-day implementation plan.• How to eliminate toxic permissions, enforce MFA, and remove dormant identities at scale. Download the ISPM Cheat Sheet Sponsored by Permiso Akash PatelMemory […]

Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity Security In this session, Permiso’s CTO will cover:– How attackers moved from GitHub → AWS → Salesforce using stolen OAuth tokens.– Why this “all-machine” attack is a wake-up call for SaaS supply chains and NHIs.– Practical steps to detect and contain similar threats in […]

Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity Security In this session, Permiso’s CTO will cover:– How attackers moved from GitHub → AWS → Salesforce using stolen OAuth tokens.– Why this “all-machine” attack is a wake-up call for SaaS supply chains and NHIs.– Practical steps to detect and contain similar threats in […]

Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity Security In this session, Permiso’s CTO will cover:– How attackers moved from GitHub → AWS → Salesforce using stolen OAuth tokens.– Why this “all-machine” attack is a wake-up call for SaaS supply chains and NHIs.– Practical steps to detect and contain similar threats in […]

Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity Security In this session, Permiso’s CTO will cover:– How attackers moved from GitHub → AWS → Salesforce using stolen OAuth tokens.– Why this “all-machine” attack is a wake-up call for SaaS supply chains and NHIs.– Practical steps to detect and contain similar threats in […]

Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity Security In this session, Permiso’s CTO will cover:– How attackers moved from GitHub → AWS → Salesforce using stolen OAuth tokens.– Why this “all-machine” attack is a wake-up call for SaaS supply chains and NHIs.– Practical steps to detect and contain similar threats in […]

Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity Security In this session, Permiso’s CTO will cover:– How attackers moved from GitHub → AWS → Salesforce using stolen OAuth tokens.– Why this “all-machine” attack is a wake-up call for SaaS supply chains and NHIs.– Practical steps to detect and contain similar threats in […]

Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity Security In this session, Permiso’s CTO will cover:– How attackers moved from GitHub → AWS → Salesforce using stolen OAuth tokens.– Why this “all-machine” attack is a wake-up call for SaaS supply chains and NHIs.– Practical steps to detect and contain similar threats in […]

Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity Security In this session, Permiso’s CTO will cover:– How attackers moved from GitHub → AWS → Salesforce using stolen OAuth tokens.– Why this “all-machine” attack is a wake-up call for SaaS supply chains and NHIs.– Practical steps to detect and contain similar threats in […]

Inside the Salesloft-Drift Breach: What It Means for SaaS & Identity Security In this session, Permiso’s CTO will cover:– How attackers moved from GitHub → AWS → Salesforce using stolen OAuth tokens.– Why this “all-machine” attack is a wake-up call for SaaS supply chains and NHIs.– Practical steps to detect and contain similar threats in […]

Learn Scattered Spider’s Updated TTPs & How to Defend Against Them In this webinar, Permiso’s CTO and Head of P0 Labs Threat Research will discuss:– How Scattered Spider’s methods have evolved over the last couple of years.– Where they are focusing their attacks now, and how they are doing it.– How the Permiso platform discovers […]

Learn Scattered Spider’s Updated TTPs & How to Defend Against Them In this webinar, Permiso’s CTO and Head of P0 Labs Threat Research will discuss:– How Scattered Spider’s methods have evolved over the last couple of years.– Where they are focusing their attacks now, and how they are doing it.– How the Permiso platform discovers […]

Learn Scattered Spider’s Updated TTPs & How to Defend Against Them In this webinar, Permiso’s CTO and Head of P0 Labs Threat Research will discuss:– How Scattered Spider’s methods have evolved over the last couple of years.– Where they are focusing their attacks now, and how they are doing it.– How the Permiso platform discovers […]

Download Permiso’s CISO Guide to Detecting & Preventing Identity Attacks. The guide breaks down:– The top identity-based attack vectors across SaaS, PaaS, IaaS, and IdPs– Real-world breach examples from Okta, Snowflake, Cloudflare, and others– How adversaries exploit non-human identities and abuse MFA gaps– What CISOs must do to align identity with their broader security strategyAnd More Sponsored […]

Download Permiso’s CISO Guide to Detecting & Preventing Identity Attacks. The guide breaks down:– The top identity-based attack vectors across SaaS, PaaS, IaaS, and IdPs– Real-world breach examples from Okta, Snowflake, Cloudflare, and others– How adversaries exploit non-human identities and abuse MFA gaps– What CISOs must do to align identity with their broader security strategyAnd More Sponsored […]

Christopher Eng at Ogmini Fun CVE on Trains – Foamers Beware Expectations vs Reality – Digital Forensic Science Master’s Degree Part 9 Hackers N’ Hops CTF Hackers N’ Hops CTF – Part 2 CFP Submission – Finalizing Submission MB x MS Aviv Yaniv at Courisity is a Drug Walk Through Guide for Kusto Detective Agency […]