#DFIR

Craig H. Rowland

CraigHRowland

Let's talk Linux log tampering. If these commands show you anything, it's time to take a look: #DFIRutmpdump /var/run/utmp | grep -E "(^\[0\]|^\[.[0-9]+\])"utmpdump /var/log/wtmp | grep -E "(^\[0\]|^\[.[0-9]+\

Jackie ✨

find_evil

Incident Response is primarily a procedural sport — and there are opportunities for both generalists and specialists in specific technologies to participate. But programming itself (beyond scripting like PowerShell and

Christopher Glyer

cglyer

As impact/frequency of cyber attacks increase, so does frequency that #DFIR analyst & incident response lead reports/status updates get scrutiny from counsel (both internal & external)In this thread I’m going

Katelyn Ilkani

cyberkatelyn

Are you stuck in some aspect of your life - personal or professional? You need a mentor. I’ve been spending an obsessive amount of time on this topic; let me

Nick Carr

ItsReallyNick

So you want to talk about the massive software supply chain intrusion & the most carefully-planned, complex espionage I’ve ever helped uncover?Start here: https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages

Christopher Glyer

cglyer

2020 was full of major cyber events. Here is an end of year #ff thread of some of the most impactful people and research that I leveraged in my work

By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.