This week is the third part of the Network-Fast-Triage mini-series. In this installation I cover triage techniques for Windows event logs that record network port-binding.
This week is the second part of the Network-Fast-Triage mini-series. In this installation I cover triage techniques for Windows event logs that record network connections.
This week I interview Haseeb Awan, CEO of EFANI, about the rise of SIM swapping attacks. Haseeb explains the attack, how attackers carry it out, and provides some mitigation strategies.
This week I talk utilizing the ExploitDB for DFIR investigations. Searchsploit is a command line search tool for Exploit-DB that allows you the power to perform detailed off-line searches through your locally checked-out copy of the repository. This capability is particularly useful for security assessments on segregated or air-gapped networks without Internet access.
This week I talk about the IR Investigation Lifecycle, or, the elements included within the incident handling process to ensure a complete investigation.