Originally posted by DEF CON / @defcon@twitter.com: https://twitter.com/DFIR_ADD/status/1664720176917389312#m
RT by @defcon: Thrilled to announce our workshop will be at @defcon 31 with @Mr_Forensics and @S3curityNerd! Dive with us into the depths of #DFIR as we unveil cyber threats. Perfect for experts or newbies alike. Stay tuned for registration details. Let's dispel the digital darkness together!
Originally posted by DEF CON / @defcon@twitter.com: https://twitter.com/gleeda/status/1663691896579923969#m
RT by @defcon: I am happy to announce that I will be giving a training at @defcon this summer on Windows Memory Forensics!
A nice morning discovery, a very good Threat Hunting / Forensics tool from WithSecure
"ChainSaw" - Rapidly Search and Hunt through Windows Forensic Artefacts
Repo link ==> https://lnkd.in/eEj_C2bW
Source ==> https://lnkd.in/eeJkwKRn
#infosec #cybersecurity #blueteam #threat #windows #DFIR
My talk at the last SANS DFIR Summit 2022 was a great personal challenge and a very pleasant experience that I hope can be useful to the cyber community 😊
#Ciberseguridad #InfoSec #ThreatIntelligence #BlueTeam #SOC #CyberSecurity #dataengineering #SANS #DFIR #DFIRSummit
RT @Jipe_
CERT-FR has published an advisory related to an ongoing ESXi ransomware campaign. As of today ESXi 6.x (< 6.7) / CVE-2021-21974 would be exploited by the threat actor. The campaign has been observed by 3 French hosting providers. #dfir #cybersecurity https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-015/
At APTA, we just updated our artifact for #Velociraptor. It helps incident responders and cybersecurity analysts dig through Windows event log files faster. Using unsupervised learning techniques, we calculate novelty scores for all events.
You can try it out here: https://github.com/APTA-Technologies/APTAAnomaly
#dfir #incidentresponse #cybersecurity #machinelearning #startups
This #JupyterHub image was specially built for my #SANS #DFIR 2022 talk. The repository comes with a Docker image of jupyterhub installed along with a Jupyter notebook example.
#jupyternotebook #docker #dfir #cybersecurity
Did you miss the #SANS #DFIR Summit 2022?
No worries! This is a curated list of links and resources brought to the #DFIRSummit attendees this year (Including mine ☺️)
#infosec #cybersec #DFIRSummit #DFIR #sans
Based on my last #SANS #DFIR Summit talk, I'm upgrading an IR Notebook which demonstrates a simple way to analyze and enrich #logs using #Python, Threat Intel #API, Google Sheets, and Google DataStudio dashboard.
#ThreatIntelligence #BlueTeam #InfoSec #CyberSecurity #IncidentResponse #SOC
Hello fediverse! Here's my #introduction. I'm a practitioner in the #infosec and #dfir field. Currently employed doing breach response, investigations, and developing AWS IR automation workflows. Love tinkering with tech, coding, and experimenting with "new things", which led me to set up this personal Mastodon instance rather than joining an existing one. I'm a big Austin FC fan, enjoy sci-fi, coffee, craft beer, and whiskey. Any typos are due to cats walking across my keyboard.
Hi everyone, I'm not new to Mastodon though haven't used it much since a previous instance I used went offline. Given recent events with mainstream social media I decided to spin up my own instance. So, here's my #introduction!
I do #infosec things mostly, everything from #DFIR and #malware research to #CTI and #OSINT. I'm also a dog on the internet 🐶
Looking forward to connecting with some of you! Much love 💜
#introduction #infosec #DFIR #malware #CTI #OSINT
RT @CraigHRowland@twitter.com
This is how you de-cloak Linux malware masquerading as a kernel thread. I'll show you how to simulate this attack and how to investigate it with simple command line tools.
#DFIR #infosecurity #Linux #forensics
🐦🔗: https://twitter.com/CraigHRowland/status/1244777339558363137