Info

Digital Forensic Survival Podcast

Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
RSS Feed
Digital Forensic Survival Podcast
2024
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February


All Episodes
Archives
Now displaying: Page 7
May 4, 2021

This week I continue with the fast triage method for processes with a focus on historical records.

Apr 27, 2021

This week I cover threat modeling from a DFIR point-of-view. It provides a standard framework to classify and rate the severity of vulnerabilities discovered during investigations.

Apr 20, 2021

This week I run through a threat intel resource you may use for standardized attack information.

Apr 13, 2021

This week I revisit Svchost and the triage methods to apply.

Apr 6, 2021

This week is about the top threats to cloud computing.

Mar 30, 2021

This week is a case study that demonstrates the power behind IR fundamental methodology.

Mar 23, 2021

This week I continue with the fast triage method for processes with a focus on, well, everything else!

Mar 16, 2021

This week is about the top threats to cloud computing.

Mar 9, 2021

This week is about preparing for Golden SAML attacks for both Incident Response and Threat Hunting.

Mar 2, 2021

This week is about applying basic statistical analysis to threat hunting. The results are effective!

Feb 23, 2021

This week is about theatrics in security and how to avoid the trap.

Feb 16, 2021

This week I revisit Windows Core Processes and the triage methods to apply to them.

Feb 9, 2021

This week I talk about vulnhub, a free resource to practice ethical hacking skills and sharpen your DFIR skills.

Feb 2, 2021

This week I revisit Windows Core Processes and the triage methods to apply to them.

Jan 26, 2021

This week is the fourth part of the Network-Fast-Triage mini-series. In this installation I cover triage techniques for Windows event logs that record blocked network activity.

Jan 19, 2021

This week is about supply chain security posture from a DFIR point-of-view.

Jan 12, 2021

This week I go over a method to detect kernel process masquerading on Linux systems.

Jan 5, 2021

This week I interview author Shawn Livermore about the myth of the "tech-genius."

Dec 29, 2020

This week is the third part of the Network-Fast-Triage mini-series. In this installation I cover triage techniques for Windows event logs that record network port-binding.

Dec 22, 2020

This week is the second part of the Network-Fast-Triage mini-series. In this installation I cover triage techniques for Windows event logs that record network connections.

Dec 15, 2020

This week I cover triage techniques for werfault.exe. The process does not have the best documentation which makes it a challenge to triage.

Dec 8, 2020

This week I interview Haseeb Awan, CEO of EFANI, about the rise of SIM swapping attacks. Haseeb explains the attack, how attackers carry it out, and provides some mitigation strategies.

Dec 1, 2020

This week is the first part of the Network-Fast-Triage mini-series. The first installation is the network investigation primer.

Nov 24, 2020

This week I go over a method to detect fileless malware on Linux systems.

Nov 17, 2020

This week I talk utilizing the ExploitDB for DFIR investigations. Searchsploit is a command line search tool for Exploit-DB that allows you the power to perform detailed off-line searches through your locally checked-out copy of the repository. This capability is particularly useful for security assessments on segregated or air-gapped networks without Internet access.

1 « Previous 4 5 6 7 8 9 10 Next » 17