
DFSP # 251 - The Rise of Crypto SIM Swapping
This week I interview Haseeb Awan, CEO of EFANI, about the rise of SIM swapping attacks. Haseeb explains the attack, how attackers carry it out, and provides some mitigation strategies.
8 Des 202032min

DFSP # 250 - Network Triage Part 1
This week is the first part of the Network-Fast-Triage mini-series. The first installation is the network investigation primer.
1 Des 202014min

DFSP # 249 - Linux Fileless Attacks
This week I go over a method to detect fileless malware on Linux systems.
24 Nov 202015min

DFSP # 248 - Searchsploit
This week I talk utilizing the ExploitDB for DFIR investigations. Searchsploit is a command line search tool for Exploit-DB that allows you the power to perform detailed off-line searches through your...
17 Nov 202018min

DFSP # 247 - Startup Locations
This week is the last part of the Persistence-Fast-Triage mini-series. The final installation covers Windows startup locations.
10 Nov 202014min

DFSP # 246 - Investigation Lifecycle
This week I talk about the IR Investigation Lifecycle, or, the elements included within the incident handling process to ensure a complete investigation.
3 Nov 202017min

DFSP # 245 - Fetch and Execute
This week I talk about the use of RUNDLL32 to exploit information files (.INF) to "fetch and execute" malware.
27 Okt 202016min

DFSP # 244 - Registry Persistence Part 3
This week is part 3 of examining the Windows Registry for evidence of persistence and the focus is on Windows Registry Modification Event Records.
20 Okt 202020min


















