Digital Forensic Survival Podcast

DFSP # 423 - Guiding Lights: Cyber Investigations Investigation Lifecycle

This week I'm discussing a fundamental aspect of cybersecurity: incident response preparation....

DFSP # 422 - EVTX Express: Cracking into Windows Logs Like a Pro

Today I'm talking Windows forensics, focusing on Windows event logs. These logs are very valuable...

DFSP # 421 - Memory Lane: Fileless Linux Attacks Unraveled

In this podcast episode, we talk about Linux's `memfd` – a virtual file system allowing the...

DFSP # 420 - Failing, Stopping and Crashing

This week we explore the world of Windows service event codes and their role in forensic...

DFSP # 419 - What the Flux

This week, we're delving into the realm of fast flux, a cunning technique employed by attackers...

DFSP # 418 - Core Insights: Navigating MFT in Forensics

In this week's exploration, I'm delving into the intricate realm of the Master File Table (MFT),...

DFSP # 417 - Unlocking Linux Secrets

This week I delve into the intriguing domain of Linux malware triage. The Linux platform presents...

DFSP # 416 - Persistence Mechanisms on Windows

This week I’m going to talk about New Service Installation details recorded in Windows event...

DFSP # 415 - Dealing with Third-Party Incidents

Organizations leverage third-party services more and more for business advantages. For the...

DFSP # 414 - CRON Forensics

Cron becomes important in Linux forensics when you’re talking about persistence. Think scheduled...

DFSP # 413 - Ransomware Initial Response

Ransomware cases can be particularly challenging, especially during the initial response. They...

DFSP # 412 - Conhost Forensics

Conhost, or the Console Application Host, often comes up during investigations. Understanding...

DFSP # 411 - NTLM Credential Validation

This week I'm talking about detecting evidence of lateral movement on Windows systems using NTLM...

DFSP # 410 - Linux Temp Directories

Temporary directories play a significant role in computer forensic investigations as they can...

DFSP # 409 - Regsvcs and Regasm Abuse

This week I’m talking about Regsvcs/Regasm exploitation, which is a Windows tactic attackers use...

DFSP # 408 - Nesting

This week I’m talking about Nested Groups and the risk they pose for security. Built-in to the...

DFSP # 406 - All the BIN Directories

In a typical Linux "bin" directory, you can find various types of executable files and scripts...

DFSP # 405 - Werfault Attacks

Werfault is an interesting artifact in that there is not a lot of documentation on it but yet it...

DFSP # 404 - Certutil Attacks

Certutil, a powerful command-line utility, possesses the potential for misuse by malicious actors...
