This week Jason Roslewicz from SUMURI returns for some ransomware talk.
This week I cover my all-time favorite Windows event, security event 4688: new process creation. If you do Windows incident response forensics, this is a must-know artifact.
This week I talk about SVCHOST: how it fits into the Windows operating system, and how to think about it from a DFIR point of view.
This week I talk with Yugal Pathak about organizational forensic readiness.
This week I talk about the role and typical responsibilities DFIR professionals may be called upon to take to assist with a zero-day response.