Added nine years ago
Content provided by Michael and Digital Forensic Survival Podcast. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Michael and Digital Forensic Survival Podcast or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here: https://ar.player.fm/legal.
DFSP # 454 MFA Bypass Attacks
This week I talk about the attack methods being used to bypass MFA. We'll learn about real-world cases where MFA was circumvented, and discover best practices to strengthen defenses against these types of attacks...
469 episodes
All episodes
Today’s episode is all about Windows event logs that record blocked network connections. Blocked network events are interesting because they might signal that an attacker’s secondary or tertiary toolset isn’t working as intended. That’s good news from a security standpoint...
Today I cover an evolving threat in the cybersecurity world: data brokers. From a computer forensics standpoint, these threats pose unique challenges. While breaches capture headlines, data brokers play a major (and sometimes overlooked) role in fueling cybercrime. In this session, we will explore how these threats operate, why they are dangerous, and how computer forensics professionals can combat them.…
The Common Vulnerability Scoring System (CVSS) is a powerful tool for assessing the severity and impact of security vulnerabilities. In digital forensics and incident response, CVSS scores can provide critical context to prioritize investigations and focus on the most significant risks. This episode I will explore how leveraging CVSS scoring enhances vulnerability assessments during incident response, enabling teams to make data-driven decisions.…
DFSP # 466 Malware Triage for File Types (23:54)
Understanding the behavior and characteristics of common file types used in attacks, such as executables, scripts, and document files, is essential for effective analysis. In this episode, we will explore practical approaches to triage malware, focusing on key indicators and techniques for prioritizing investigations.…
Windows permit events, often overlooked, offer valuable details about allowed network connections that can reveal patterns of malicious activity. In this episode, we will dive into how analyzing these events can enhance network triage, enabling security teams to detect, scope, and respond to threats more effectively.…
Security risk assessments can be a tool for guiding and prioritizing incident response investigations. By evaluating the potential impact and likelihood of various threats, these assessments provide a structured framework to identify and mitigate risks effectively. This episode will explore how integrating security risk assessments into incident response workflows enhances response strategies.…
This week, we’re focusing on the Windows Prefetch artifact—a cornerstone in Windows forensics, especially for user endpoint investigations. In this episode, I’ll break down the Prefetch artifact from an investigative perspective, covering how to effectively leverage its evidence in forensic analysis. I’ll also highlight any recent changes to the artifact that may impact its value, ensuring you’re aware of everything you need to know for your investigations.…
This week, we’re exploring malware triage techniques. Unlike full binary analysis, malware triage is often seen as an essential skill that every digital forensic and incident response professional should master. In this episode, I’ll walk you through the core elements of malware triage, helping you understand the various skills needed to meet industry expectations. By the end, any analyst should feel confident in examining a binary and applying these techniques to uncover potential malicious content.…
This week, we’re diving into how to triage for PSEXEC evidence. PSEXEC leaves traces on both the source and target systems, making it essential to identify artifacts on each to determine whether a system was used as an attacker’s tool or was the target of an attack. While PSEXEC has somewhat fallen out of favor due to increased use of PowerShell for similar activities, it remains a commonly abused utility among attackers. In this episode, we’ll break down the key artifacts and methodologies for effective triage.…
Understanding how to search for executables is a critical skill in computer forensics. There are major differences in how executables are handled between Windows and Linux systems, so techniques that work on Windows won’t always translate effectively to Linux. In this episode, I’ll break down some triage techniques to help you quickly identify suspicious executables on Linux systems.…
Welcome to today’s episode! We’re diving into network triage, focusing specifically on listening ports. While we often look for active connections, identifying suspicious services listening on a port can be equally crucial in your investigation. It’s essential to gather this information for both current, real-time data and historical analysis, providing a more complete view of network activity.…
In this episode, we’ll dive into two essential forensic artifacts in Windows: shellbags and the Program Compatibility Assistant (PCA). Shellbags provide valuable evidence of file and folder access, offering insights into user activity and file navigation. We’ll also explore PCA, which can reveal important information about file execution history. Together, these artifacts play a crucial role in uncovering key forensic details during investigations.…
The Linux subsystem for Windows creates both opportunity and challenges for forensic analysts. It makes Windows an excellent platform for multi-platform forensic analysis tasks, allowing it to take advantage of the many Linux tools available. The challenges are foreseeable: you have Linux artifacts now commingled on a Windows platform, which makes forensic analysis that much more difficult when examining such a system as evidence. This week I'm going to break down the Linux subsystems for forensic investigators…
In this episode, we’ll explore the fundamentals of network triage, focusing on the key aspects of network traffic that are central to many investigations. Additionally, we’ll discuss some of the essential tools you can use to analyze and manage network data effectively.
DFSP # 455 Security Control Circumvention (33:29)
Today, we’re going to explore how to handle a critical security event: Unauthorized Modification of Information. This type of event occurs when a user alters information in a system—whether it’s an application, database, website, server, or configuration files—without prior authorization. These modifications can range from impersonation and unauthorized system updates to more sophisticated techniques such as SQL injections, privilege escalations, and configuration file tampering.…