News - IMF Securityhttps://www.imfsecurity.com/news/Sun, 28 Jul 2019 20:55:25 +0000en-USSite-Server v@build.version@ (http://www.squarespace.com)LOG-MD version 2.2.1 is availableIMF SecuritySun, 28 Jul 2019 20:55:46 +0000https://www.imfsecurity.com/news/2019/7/28/log-md-version-221-is-available568a6c0e25981d3d913a55d1:5694f77b57eb8dbe263a02e2:5d3e0bbdeed6280001aa379fVersion 2.2.1 is out! It took us a while because we converted LOG-MD to Unicode to better support foreign language and other Windows API and Unicode characters. This introduced a lot of bugs that had to be fixed to the Unicode format.

With version 2.2 and later the 32bit version of LOG-MD Free Edition is no longer supported. Microsoft has announced it has End-of-Lifed Windows 32bit, so it is now only available to LOG-MD-Professional users on request.

]]>LOG-MD Free Edition and LOG-MD Professional version 2.0 releasedIMF SecurityMon, 12 Mar 2018 01:18:19 +0000https://www.imfsecurity.com/news/2018/3/11/log-md-free-edition-and-log-md-professional-version-20-released568a6c0e25981d3d913a55d1:5694f77b57eb8dbe263a02e2:5aa5d54c71c10b34ddfaa1a8We are proud to announce that LOG-MD Free Edition and LOG-MD Professional version 2.0 has been released.  Updates include:

1.  Added a 'no enforcement' option for audit log compliance requirements so you can collect whatever logs are enabled and collecting.

2.  Added PowerShell version and audit log settings information

3.  Fixed a bug that caused harvesting of logs to stop if a variable in the message could not resolve

4.  Command line summary and detailed WhoIs lookup of IPv4 addresses

5.  Pro only - Added VirusTotal lookup of hashes and/or files for 5 reports, which can create 10 more reports, including support for Sysmon

]]>LOG-MD Professional version 1.2 releasedIMF SecurityThu, 20 Jul 2017 00:59:35 +0000https://www.imfsecurity.com/news/2017/7/19/log-md-professional-version-12-released568a6c0e25981d3d913a55d1:5694f77b57eb8dbe263a02e2:596fff31d2b85712f22cd3aaVersion 1.2 of LOG-MD-Professional has been released adding the following features:

  • AutoRuns Report - Take an Autoruns report and apply a Master-Digest that you create with LOG-MD-Pro to eliminate known good files and then apply an Autoruns Whitelist to further exclude Autoruns that have parameters that the Master-Digest cannot exclude.  
  • Locked Files Report - As a part of the Hash Compare a Locked Files report is generated to help discover malicious locked binaries.
  • DNS Client Event logs are now an option to be collected.  Gather that DNS info for potential blocking or further investigation of suspect domains.
  • Minor bug fixes
  • Updated Manual with lots of details

Watch our videos to help you learn about LOG-MD, what it can do, and actual Malware Discovery hunting using LOG-MD, including so called "Fileless or non-malware malware" 

]]>LOG-MD Free Edition version 1.2 releasedIMF SecurityWed, 19 Jul 2017 03:39:04 +0000https://www.imfsecurity.com/news/2017/7/18/log-md-free-edition-version-12-released568a6c0e25981d3d913a55d1:5694f77b57eb8dbe263a02e2:596ed23129687ff623204a7eVersion 1.2 of LOG-MD-Free Edition has been released adding the following features:

  • AutoRuns Report - Compare a baseline autoruns to a suspect autoruns report using tools like WinMerge or Notepad++ to find new and potentially malicious AutoRuns.
  • Locked Files Report - Look for locked binaries trying to hide from other security tools and the process locking them so you can unhook the handle and clean the system!  Compare a baseline locked file report to a suspect system using tools like WinMerge or NotePad++, or just parse the file for .EXE, DLL, .BAT, .CMD, .PS1, .VBS, etc.
  • DNS Client Event logs are now an option to be collected.  Gather that DNS info for potential blocking or further investigation of suspect domains.
  • Minor bug fixes
  • Updated Quick Start Guides

Watch our videos to help you learn about LOG-MD, what it can do, and actual Malware Discovery hunting using LOG-MD, including so called "Fileless or non-malware malware" 

]]>LOG-MD-Professional 1.1 released - Harvest SRUM data for Windows 8.1 and 10IMF SecurityMon, 30 Jan 2017 20:42:02 +0000https://www.imfsecurity.com/news/2017/1/30/log-md-professional-11-released-harvest-srum-data-for-windows-81-and-10568a6c0e25981d3d913a55d1:5694f77b57eb8dbe263a02e2:588fa3ff579fb3faffaefd0cVersion 1.1 of LOG-MD-Professional has been released adding the ability to harvest "System Resource Utilization Monitor" (SRUM) data for Windows 8.1 and 10.  SRUM provides the ability to see how many bytes an application sent or received in hourly slices up to the last 60 days.  This data can help you determine how much data you might have lost per application as well as when a system might have first been compromised, within the last 60 days.  The data is updated hourly or on shutdown so you may have to run LOG-MD-Pro again after the cache is purged to the SRUM database.

]]>LOG-MD RC-1 ReleasedIMF SecurityTue, 05 Apr 2016 19:37:03 +0000https://www.imfsecurity.com/news/2016/4/5/log-md-rc-1-released568a6c0e25981d3d913a55d1:5694f77b57eb8dbe263a02e2:57041310b09f95d76fd6840b

We have released LOG-MD RC-1 for public consumption.  You may try our Free Edition or Profession versions.  Just visit the LOG-MD pages and browse our features and capabilities.

Sign up for our Newsletter to keep up to date on updates, releases, training and conferences!

]]>Welcome to IMF Security, home of LOG-MD, the Log and Malicious Discovery tool for IT, Information Security, Active Defenders, Incident Responders and Auditors.IMF SecurityTue, 12 Jan 2016 12:58:21 +0000https://www.imfsecurity.com/news/2016/1/12/the-launch-of-log-md-professional568a6c0e25981d3d913a55d1:5694f77b57eb8dbe263a02e2:5694f78157eb8dbe263a0310News RSS

Double Opt-in, never sold. Subscribe to get news and updates on LOG-MD and IMF Security.

* indicates required
]]>