Digital Forensic Survival Podcast

DFSP # 406 - All the BIN Directories

In a typical Linux "bin" directory, you can find various types of executable files and scripts...

DFSP # 405 - Werfault Attacks

Werfault is an interesting artifact in that there is not a lot of documentation on it but yet it...

DFSP # 404 - Certutil Attacks

Certutil, a powerful command-line utility, possesses the potential for misuse by malicious actors...

DFSP # 403 - Lateral Movement Kerberos Auth Events

This week I'm going to cover an important Windows event that provides valuable information about...

DFSP # 402 - Linux Root Directory Files for DFIR

In Linux and Unix-based operating systems, the "root" account is the superuser or administrator...

DFSP # 401 - INF Fetch Execute

This week we are taking a bit of a deep dive into an advanced attack technique to accomplish...

DFSP # 400 - cmstp

This week I am going to focus on a specific remote execution technique that you may see in the...

DFSP # 399 - Lateral Movement Failed Logon Events

Finding and analyzing failed logons sometimes is just as important as finding suspicious, actual...

DFSP # 398 - OODA & JOHARI

This week I will discuss the use of the OODA loop and JOHARI window in security incident response...

DFSP # 397 - Linux Home Directory Files for DFIR

This week I'm talking about the Linux file system from the point of view of a forensic analyst....

DFSP # 396 - URL Leak

This week I will talk about investigating data spill cases involving exposed URLs. This is a...

DFSP # 395 - Lateral Movement and Admin Logons

This week is on lateral movement detection techniques. Inspecting Domain Admin account logons is...

DFSP # 394 - Functional Documentation

This week I want to talk about the value of having functional documentation for your...

DFSP # 393 - Linux Subsystems for Windows

The Linux subsystem for Windows creates both opportunity and challenges for forensic analysts. It...

DFSP # 392 - Simulation Training

This week I'm going to talk about tabletop exercises as part of a security training program. I...

DFSP # 391 - Investigation Lifecycle

This week I'm talking about The NIST (National Institute of Standards and Technology)...

DFSP # 390 - SSH Triage

This week I'm talking about Linux forensic triage strategy. In particular, I'm covering SSH. SSH...

DFSP # 389 - $Usnrl

The USN Journal, also known as the Update Sequence Number Journal, is a feature of the Windows...

DFSP # 388 - Web 3.0 Talk with SUMURI

This week Jason Roslewicz from SUMURI returns for some web 3.0 and virtual reality talk.
