This week I talk about how to approach investigations involving remote desktop connections.
This week I talk about Windows core processes from a DFIR point of view.
This week I talk about Powershell attack IOCs.
This week I talk about how to triage Windows events for network connection activity.
This week is my annual career assessment review - or, my guidelines of how to evaluate your past performance and your future goals.