Tag: Windows Incident Response
Human Behavior In Digital Forensics, pt II
On the heels of my first post on this topic, I wanted to follow up with some additional case studies that might demonstrate how digital forensics can provide insight into human activity and behavior, as part of an investigation. Targeted…
Human Behavior In Digital Forensics
I’ve always been a fan of books or shows where someone follows clues and develops an overall picture to lead them to their end goal. I’ve always liked the “hot on the trail” mysteries, particularly when the clues are…
2023 Wrap-up
Another trip around the sun is in the books. Looking back over the year, I thought I’d tie a bow on some of the things I’d done, and share a bit about what to expect in the coming year. In…
Round Up
MSSQL is still a thing: TheDFIRReport recently posted an article regarding BlueSky ransomware being deployed following MSSQL being brute forced. I’m always interested in things like this because it’s possible that the author will provide clear observables so that folks can…
…and the question is…
I received an interesting question via LinkedIn not long ago, but before we dive into the question and the response… If you’ve followed me for any amount of time, particularly recently, you’ll know that I’ve put some effort forth in…
Roll-up
One of the things I love about the industry is that it’s like fashion…given enough time, the style that came and went comes back around again. Much like the fashion industry, we see things time and again…just wait. A good…
Roll-up
I don’t like checklists in #DFIR. Rather, I don’t like how checklists are used in #DFIR. Too often, they’re used as a replacement for learning and knowledge, and looked at as, “…if I do just this, I’m good…”. Nothing could…
The State of Windows Digital Analysis, pt II
On the heels of my previous blog post on this topic, I read a report that, in a lot of ways, really highlighted some of the issues I mentioned in that earlier post. The recent IDC report from Binalyze is…