How to Break Into a Cybersecurity Career – Digital Forensics and Incident Response (DFIR)

Matt Scheurer, host of the ThreatReel Podcast and Assistant Vice President of Computer Security and Incident Response in a large enterprise environment, joins us to discuss starting a career in digital forensics ...

What Is GitOps and How Will it Impact Digital Forensics?

GitOps is arguably the hottest trend in software development today. It is a new work model that is widely adopted due to its simplicity and the strong benefits it provides for development ...
Taking Forensic Disk Images from the OVH Cloud

This article explains how a disk image can be taken from a virtual machine running on the public cloud. The acquired disk image can then be used with offline forensic tools like ...
Mini Memory CTF - A Memory Forensics Challenge

Carving Packets from Memory

Someone who says 'We're gonna pull the packet captures out of the router' probably has no clue how to capture network traffic. In the Lindell case, statements like these were results of ...
Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example

Ben Reardon – Corelight Labs Researcher. The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software ...

Analyzing an Instance of Meterpreter’s Shellcode

In my previous post on detecting and investigating Meterpreter's Migrate functionality, I went down a rabbit hole on the initial PowerShell attack spawned by an Excel macro. In that payload was a ...

Video: The Bots Are Coming! A Blue Teamer Survival Guide

See the SOC of Tomorrow and How to Survive It! Video and Slide Deck from EH-Net Live! Nov 2018. We've all heard the stories of millions of available jobs in InfoSec that ...