Digital Forensic Survival Podcast

Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.

http://digitalforensicsurvivalpodcast.libsyn.com/podcast

An average episode of this podcast lasts 18m. So far 321 episode(s) have been published. This podcast is published weekly.

Total length of all episodes: 4 days 5 hours 19 minutes

DFSP # 286 - Lateral MM Fast Triage 2 [5145]


This week we continue with the Windows fast triage series. We are up to lateral movement and talking about admin shares. On topic this week is event 5145 which is a Windows log that records verbose information about network share objects and it is an...


 2021-08-10  15m
 
 

DFSP # 285 - Linux Malware Triage


This week I wanted to take a break from Windows forensics and talk about Linux malware triage. The Linux platform offers forensic analysts the opportunity to do a very decent job performing malware triage. What I mean by this is that you do not need...


 2021-08-03  20m
 
 

DFSP # 284 - Fast Triage case study: non-Windows core processes


This week we’re going to take a look at how standard triage methodology can detect advanced attack techniques. Even as a newer examiner, if you learn the standard triage methods that I have covered in the fast triage series, you will find the...


 2021-07-27  15m
 
 

DFSP # 283 - CSA Cloud Threats 5


This week we take another look at the top threats to cloud computing. On tap this week is account hijacking. All analysts working in the DFIR field today must be aware of threats to cloud computing in order to be effective in their roles.


 2021-07-20  10m
 
 

DFSP # 282 - Lateral MM Fast Triage


This week I talk about lateral movement fast triage. This is the next topic in the Windows fast triage miniseries and it aligns with the goal of the entire series, which is to help new or any analyst identify the most accessible artifacts that may be...


 2021-07-13  12m
 
 

DFSP # 281 - Fast Triage case study: persistence


This week I’m doing another walk-through to illustrate how standard triage methodology can detect advanced attack techniques. Sometimes as a newer examiner, it’s easy to become overwhelmed with the technical detail necessary to understand and...


 2021-07-06  12m
 
 

DFSP # 280 - Malware Fast Triage


This week I’m covering malware fast triage. It occurred to me that I should revisit this issue for a couple of different reasons. I remember covering this many years ago and I believe that’s why I haven’t thought about doing anything on it...


 2021-06-29  17m
 
 

DFSP # 279 - CSA Cloud Threats 4


This week is about the top threats to cloud computing.


 2021-06-22  14m
 
 

DFSP # 278 - Process Triage & CMD


This week is a continuation of the Windows fast triage miniseries. While other aspects of the triage miniseries had fairly contained artifacts to examine, new process triage presents a large and complex landscape to the analyst. I have already broken...


 2021-06-15  17m
 
 

DFSP # 277 - Learning from the Red Team II


A while back I did an episode on “learning from the red team” which focused on methods blue team members can utilize to better understand attacks and the artifacts affected by those attacks. One of the advantages of this method that I did not...


 2021-06-08  10m