
DFSP # 419 - What the Flux
This week, we're delving into the realm of fast flux, a cunning technique employed by attackers to cloak their true, malicious domains. Its effectiveness is the reason behind its widespread use, makin...
27 Feb 2024 | 27min

DFSP # 418 - Core Insights: Navigating MFT in Forensics
In this week's exploration, I'm delving into the intricate realm of the Master File Table (MFT), a pivotal forensic artifact in Windows investigations. The MFT provides a valuable gateway to decode ev...
20 Feb 2024 | 22min

DFSP # 417 - Unlocking Linux Secrets
This week I delve into the intriguing domain of Linux malware triage. The Linux platform presents forensic analysts with a unique opportunity to excel in performing malware triage effortlessly. The be...
13 Feb 2024 | 32min

DFSP # 416 - Persistence Mechanisms on Windows
This week I'm going to talk about New Service Installation details recorded in Windows event logs. These have a number of advantages for your triage methodology and I will have all the details coming ...
6 Feb 2024 | 25min

DFSP # 415 - Dealing with Third-Party Incidents
Organizations leverage third-party services more and more for business advantages. For the security professional, this means the organizational data you're charged with protecting is under the control...
30 Jan 2024 | 20min

DFSP # 414 - CRON Forensics
Cron becomes important in Linux forensics when you're talking about persistence. Think scheduled tasks if you want a Windows equivalent. The artifact is not that difficult to analyze once you understa...
23 Jan 2024 | 14min

DFSP # 413 - Ransomware Initial Response
Ransomware cases can be particularly challenging, especially during the initial response. They tend to be fast-paced and require the responder to simultaneously prioritize a number of tasks. Each of t...
16 Jan 2024 | 16min

DFSP # 412 - Conhost Forensics
Conhost, or the Console Application Host, often comes up during investigations. Understanding what it is, the evidence it may contain, and how to extract that information becomes important...
9 Jan 2024 | 19min


















