Showing episodes and shows of
The DFIR Report
Shows
The Professional CISO
From DFIR Godfather to AI Risk Advocate: Rob T. Lee on Cybersecurity’s Crossroads | RSA 2025
In this special RSA Conference edition of The Professional CISO Show, host David Malicoat sits down with Rob T. Lee—Chief of Research at SANS Institute and a foundational figure in cybersecurity. With nearly three decades of experience spanning the Air Force, Mandiant, and SANS, Rob shares his insights on the evolving challenges of the CISO role, the toxicity of today’s security environments, and the urgent need for AI literacy across the industry. Rob dives deep into the accelerating threat landscape, the need for cyber safe harbors, and why he believes we’re on the verge of nor...
2025-07-23
48 min
Reports
DFIR Discussions: Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware
We dive into our latest public report with Randy Pargman, Jake Ouellette, Kostas T., and Mangatas Tondang. Report: https://thedfirreport.com/2025/05/19/another-confluence-bites-the-dust-falling-to-elpaco-team-ransomware/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
2025-06-16
38 min
TLP - The Digital Forensics Podcast
Episode 21: How IRCO is Changing DFIR: The AI Copilot for Real-Time Cyber Investigations
Link to IRCO - Incident Response Copilot on ChatGPT: https://chatgpt.com/g/g-68033ce1b26481919b26df0737241bac-irco-incident-response-co-pilot In this episode of TLP: The Digital Forensics Podcast, Clint dives deep into IRCO (a custom GPT designed specifically for DFIR and SOC analysts). From real-world cyber incidents to post-incident reporting and CTF training, IRCO acts like your AI-powered colleague: fast, focused, and built for real investigations or even CTFs. Learn how this tool understands your forensic workflows, decodes technical jargon, and supports smarter, f...
2025-06-10
15 min
Forensic Focus
Hexordia's Jessica Hyde: Navigating The Future Of Digital Forensics
Jessica Hyde from Hexordia joins the Forensic Focus Podcast to discuss her unique journey from Marine Corps avionics technician to digital forensics expert. Jessica shares how her military background provided transferable skills for forensic investigations, emphasizing the importance of documentation, troubleshooting, and diverse perspectives in finding truth in digital evidence. The conversation explores critical topics including IoT forensics challenges, the urgent need for timely data acquisition before evidence degrades, and the role of AI in forensic analysis. Jessica also discusses her experience teaching at George Mason University since 2016, how students' questions enhance her own knowledge, and why...
2025-05-13
58 min
Forensic Focus
Cellebrite's 2025 DFIR Industry Trends Survey - Key Insights
Heather Barnhart and Paul Lorenz join the Forensic Focus Podcast to discuss key insights from Cellebrite's 2025 DFIR Industry Trends Survey. They dive into the challenges facing digital forensics today - from locked devices and encrypted applications to overwhelming case backlogs. The survey, which gathered responses from over 2,100 professionals across 95 countries, reveals notable trends: 98% of prosecutors consider digital evidence critical to their cases, and 80% of respondents believe AI can enhance investigation effectiveness. The discussion delves into the growing acceptance of cloud storage in forensics, the cautious adoption of AI in investigations, and the preference for in-person...
2025-05-06
52 min
Reports
Navigating Through The Fog
Report: https://thedfirreport.com/2025/04/28/navigating-through-the-fog/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2025-04-28
03 min
Breaking Badness
DFIR Foundations: Real-World Lessons in Containment, Eradication, and Recovery
In this powerful continuation of our DFIR series, cybersecurity experts Daniel Schwalbe, David Bianco, Lesley Carhart, and Sarah Sabotka dissect the heart of effective incident response, containment, eradication, recovery, and lessons learned. Packed with firsthand war stories, sharp tactical advice, and honest debates, this episode is a must-listen for anyone building or refining their digital forensics and incident response capabilities. Tune in to learn why planning matters, what to do (and not do) during a breach, and how to make the adversary's job harder, one containment plan at a time.
2025-04-23
54 min
Forensic Focus
The DFIR Investigative Mindset: Brett Shavers On Thinking Like A Detective
Brett Shavers joins the Forensic Focus Podcast to discuss the critical "investigative mindset" needed for effective digital forensics. Drawing from his unique background in undercover law enforcement operations and his transition to digital forensics, Brett shares invaluable insights on why technical skills alone aren't enough in DFIR. Digging into practical challenges with hosts Si and Desi, Brett tackles head-on why DFIR isn't an entry-level field, the importance of understanding human behavior behind digital evidence, and how to approach cases with both technical precision and investigative strategy. He discusses his journey authoring several influential books including "DFIR Investigative M...
2025-04-23
55 min
Forensic Focus
AI Unpacked: Magnet Forensics' New Series On AI In DFIR
Brandon Epstein joins the Forensic Focus Podcast to discuss the evolving landscape of digital forensics and the growing role of artificial intelligence in evidence analysis. Brandon shares his journey from being a major crimes detective in New Jersey to co-founding Medex Forensics (later acquired by Magnet), and discusses his current roles both at Magnet Forensics and as chair of the Scientific Working Group on Digital Evidence (SWGDE). In this wide-ranging conversation, he explains how AI is being responsibly implemented in forensic tools like Magnet Axiom's Copilot feature and Magnet Verify, highlighting the critical distinction between using AI...
2025-04-14
1h 02
Reports
Fake Zoom Ends in BlackSuit Ransomware
Report: https://thedfirreport.com/2025/03/31/fake-zoom-ends-in-blacksuit-ransomware/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2025-03-31
06 min
Technically U
Digital Detectives - Uncovering Secrets in the Cyber World - DFIR
In this short episode, we take you on a fascinating journey into the world of digital forensics (DFIR). Join our hosts as they break down the science of uncovering digital evidence, from volatile and non-volatile data to the systematic process of collection, examination, analysis, and reporting. Learn how investigators recover deleted files, analyze encrypted data, and use cutting-edge tools to solve cybercrime. Tune in for a fun, engaging, and informative conversation that might make you think twice about your digital footprint! What is DFIR: (0:30) Types of Data: (0:50)
2025-03-15
03 min
Forensic Focus
Rob Fried's Award-Winning Approach To Digital Forensics
Hosts Si and Desi welcome back Robert Fried, winner of the Top Professional Investigator award. Rob discusses his new book, ‘Forensic Data Collection 2.0,’ and shares insights on the evolving landscape of digital forensics. The conversation explores the importance of documentation in forensic investigations, balancing technical skills with human interaction, and meeting the challenges of AI and emerging technologies. Rob emphasizes building rapport with clients and stakeholders while mentoring the next generation of digital forensic examiners. Rob shares his fascinating journey from law enforcement training to private sector work, highlighting how the human element remains essential even...
2025-03-13
1h 01
Decoded: The Cybersecurity Podcast
Open-Source DFIR Tools Deep Dive by Edward Henriquez
Decoded: The Open-Source Arsenal – Deep Dive into DFIR Tools is a podcast episode hosted by Edward Henriquez that explores a variety of open-source tools critical for digital forensics and incident response (DFIR). The episode examines tools used in disk and memory forensics, such as Autopsy, The Sleuth Kit, Volatility, and Rekall, for analyzing compromised systems and memory dumps. It further discusses network forensics with Wireshark, Zeek, and Suricata for traffic analysis and threat detection. Additionally, the episode covers log and event analysis using the ELK Stack and Graylog, as well as malware analysis with YARA, Ghidra, and Radare2. Finally, it...
2025-03-07
31 min
Uhkametsä
News and experiences from the challenges of DFIR investigations
Uhkametsä episodes now continue as a podcast too! The main focus is on YouTube, but we decided to also keep publishing episodes in podcast form, since there were requests for this. This time: plenty of news, plus discussion of the challenges we have encountered during DFIR investigations. Instagram: https://www.instagram.com/uhkametsa/ LinkedIn: https://www.linkedin.com/company/uhkametsa/
2025-03-02
1h 08
Forensic Focus
Protecting Investigators: Dr. Michael Bourke On Building A Healthier DFIR Community
Dr Michael Bourke joins the Forensic Focus Podcast to discuss the psychological impact of investigating internet crimes against children and how organizations can better support digital forensic investigators' mental health. As a distinguished clinical psychologist and researcher, Dr Bourke shares powerful insights from his extensive work in this field, explaining how repeated exposure to disturbing material can affect even the most resilient professionals. Dr Bourke introduces his innovative "sunburn analogy" to explain how secondary traumatic stress accumulates over time, discusses practical strategies for protecting investigators' wellbeing, and reveals details about the groundbreaking FORWARD Center, a new non-profit...
2025-02-24
48 min
Reports
Confluence Exploit Leads to LockBit Ransomware
Report: https://thedfirreport.com/2025/02/24/confluence-exploit-leads-to-lockbit-ransomware Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2025-02-24
05 min
Forensic Focus
DFIR In 2025 – AI, Smart Devices And Investigator Well-Being
Si and Desi kick off 2025 with a deep dive into critical trends shaping digital forensics. They tackle pressing challenges such as AI-driven threats, including deepfakes and AI-generated images, and examine the security risks associated with connected devices. The discussion also explores the ongoing impact of the pandemic on mental health, remote work, and the forensic community's well-being. With a focus on practical insights and support for forensic professionals, they cover evolving threats, emerging technologies, and the importance of mental resilience in the field. Stay tuned for updates on future podcast guests, conferences, and new tech developments.
2025-02-11
1h 01
Reports
Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware
Report: https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2025-01-27
08 min
Digital Forensics Now
Mind Matters: Navigating DFIR with Balance
Get ready for a hands-on look at digital forensics and the challenges professionals tackle every day. We share a story about forensic guessing that highlights the importance of testing assumptions and following the evidence to avoid errors. The discussion emphasizes how staying grounded in facts can prevent investigations from going off track. We also highlight advancements in forensic tools and training. Learn about tools like Belkasoft, the UFADE tool for iOS device extraction, and SQBite for SQLite database analysis. These tools are improving efficiency and accessibility in the field. B...
2025-01-24
1h 03
Reports
DFIR Discussions: The Curious Case of an Egg-Cellent Resume
We discuss our latest report "The Curious Case of an Egg-Cellent Resume" Host: @Kostastsale Analysts: @_pete_0, Zach Stanford (aka @svch0st) Report: https://thedfirreport.com/2024/12/02/the-curious-case-of-an-egg-cellent-resume/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
2025-01-20
39 min
Forensic Focus
Crypto Crime - No Such Thing?
Nick Furneaux, a renowned figure in digital forensics and cryptocurrency investigations, joins the Forensic Focus podcast. He shares his journey into the world of digital forensics, his work on covert data extraction tools, and his development of expertise in memory and cryptocurrency forensics. The conversation explores Nick's new book, 'There's No Such Thing as Crypto Crime,' and the importance of discovering and properly investigating cryptocurrency-related activities within the broader context of traditional criminal investigations. Nick emphasizes the need for effective discovery tools for forensic investigators and highlights the evolving role of cryptocurrencies in various...
2024-12-20
1h 03
Reports
The Curious Case of an Egg-Cellent Resume
Report: https://thedfirreport.com/2024/12/02/the-curious-case-of-an-egg-cellent-resume/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2024-12-02
07 min
Defend Your Time
The Best Open-Source Tools for DFIR
SOC Analyst Andrew Tranter shares a few of his favorite open-source tools that - when combined with Windows event logs - can uplevel your DFIR efforts. Andrew covers specific use cases as well as how to get started with Hayabusa (Yamato-Security), Chainsaw (WithSecureLabs), and Timeline Explorer (Eric Zimmerman).
2024-11-25
12 min
Reports
Inside the Open Directory of the “You Dun” Threat Group
Report: https://thedfirreport.com/2024/10/28/inside-the-open-directory-of-the-you-dun-threat-group Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2024-10-28
04 min
Enterprise Security Weekly (Video)
Funding, acquisitions, DFIR reports, bad products, secure by design, and more! - ESW #379
In the enterprise security news: Eon, Resolve AI, Harmonic and more raise funding; Dragos acquires Network Perception; Prevalent acquires Miratech; the latest DFIR reports; a spicy security product review; Secure by Whatever; new threats; hot takes. All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-379
2024-10-11
53 min
Reports
Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware
Report: https://thedfirreport.com/2024/09/30/nitrogen-campaign-drops-sliver-and-ends-with-blackcat-ransomware Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2024-09-30
06 min
Breaking Into Cybersecurity
Breaking into Cybersecurity - DFIR Career Advice w/Cathy Ullman
Breaking into Cybersecurity - DFIR Career Advice w/Cathy Ullman. Dr. Catherine J. Ullman is a security researcher, speaker, author, and Principal Technology Architect and security at the University at Buffalo with over 20 years of highly technical experience. In her current role, Cathy is a digital forensics and incident response (DFIR) specialist, performing incident management, intrusion detection, investigative services, and personnel case resolution in a dynamic academic environment. She additionally builds security awareness among faculty and staff, educating and informing users about how to prevent and detect social engineering threats and compute and digitally communicate safely. Cathy...
2024-09-20
29 min
Forensic Focus
The Impact Of Traumatic Material On Well-Being in DFIR
Paul Gullon-Scott BSc MA MSc MSc FMBPSS joins the Forensic Focus Podcast to discuss the mental health challenges faced by digital forensic investigators (DFIs), particularly in relation to secondary traumatic stress (STS). He explains how exposure to distressing content, such as child sexual abuse material (CSAM), can lead to burnout, anxiety, and depression. Drawing on his many years of experience in digital forensics and research, Paul highlights the lack of UK-specific studies in this area and shares his development of a well-being framework aimed at reducing the mental health toll on DFIs. This framework includes a grading...
2024-09-19
56 min
Cybeers
Cybeers | State of Cyber - Annual DFIR Report
State of Cyber - Annual DFIR Report
2024-08-27
50 min
Secure Networks: Endace Packet Forensics Files
Episode 57: Ryan Chapman - SANS Author and Instructor | Veteran DFIR Expert
Ransomware has shifted from simple, isolated attacks to coordinated, human-operated campaigns that target entire organizations. In this episode of the Endace Packet Forensics Files, Michael Morris talks with Ryan Chapman, SANS Instructor and expert in Digital Forensic and Incident Response (DFIR) about these evolving threats. Ryan explains how attackers are becoming more methodical and sophisticated, focusing on disabling EDR/XDR solutions to evade detection and leaving organizations vulnerable to advanced attacks. One of the key challenges Ryan highlights is visibility. Without robust logging, packet capture, and monitoring tools, it’s nearly impos...
2024-08-26
28 min
Reports
BlackSuit Ransomware
Report: https://thedfirreport.com/2024/08/26/blacksuit-ransomware/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2024-08-26
05 min
InfosecTrain
Why Choose Advanced Threat Hunting & DFIR Training Course with InfosecTrain?
What is Threat Hunting? Threat hunting is a proactive cybersecurity approach where security professionals seek out hidden threats within an organization’s network before they can cause significant harm. It involves searching for potential threats and malicious activities within a network or system that traditional security measures may be unable to detect. Unlike reactive security measures, such as antivirus software and firewalls that respond to known threats, threat hunting focuses on identifying and mitigating Advanced Persistent Threats (APTs) and other sophisticated threats that may have bypassed these defences. What is DFIR? DFIR, or Digi...
2024-08-16
05 min
Bytes with Bec and Benji
Ep4. Nick Klein: Cyber Attacks and Digital Forensics Incident Response (DFIR)
In this episode, we had the pleasure of chatting with Nick Klein, the Executive Director of Digital Forensics & Incident Response (DFIR) at Cyber CX. Nick's journey is fascinating: with over two decades of experience, Nick has become a go-to expert for presenting evidence in both criminal and civil cases, not just in Australia but internationally. He’s a trusted advisor for senior executives and boards during major cyber incidents, guiding them through the complexities of response coordination, forensic investigation, threat hunting, ransomware negotiations, and working with law enforcement.
2024-08-16
49 min
Reports
Threat Actors' Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts
Report: https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2024-08-12
05 min
InfosecTrain
What is Cyber Threat Hunting and DFIR? | Steps of Malware Attack Explained
Are you curious about how organizations detect and respond to cyber threats? In this Audio, we delve into the world of Cyber Threat Hunting and Digital Forensics and Incident Response (DFIR). We'll explore the steps involved in identifying and mitigating malware attacks, and discuss the critical role of DFIR in cybersecurity. Whether you're a beginner or a seasoned professional, this video provides valuable insights into the methodologies used to safeguard digital assets. Stay tuned and learn how to strengthen your organization's defense against cyber threats!
2024-08-05
47 min
Forensic Focus
Combating The Rise Of AI-Generated Child Exploitation Material With Heather Barnhart
Heather Barnhart from Cellebrite joins the Forensic Focus Podcast to discuss combating the rise of AI-generated child exploitation material. Heather shares her extensive experience and insights on the impact of AI and deepfakes on investigations, the challenges faced by law enforcement worldwide, and the importance of education in combating digital crimes. Heather also emphasizes the significance of validating forensic tools and the necessity of educating both professionals and the public about the ethical and legal implications of AI. 00:00 – Introducing Heather Barnhart and her background in DFIR 03:05 – The Evolution of Child Exploitation and AI
2024-07-23
51 min
Cyber Caffeine - Hablemos de ciberseguridad
Cyber Caffeine #18 - Lessons Learned from DFIR Investigations
Join us on this episode of Cyber Caffeine by SISAP, where experts from our DFIR division, Apollo Cyber, share invaluable lessons learned from their experiences. Featuring Edith Santos (COO at Apollo Cyber), Aric Asti (Managing Director at Apollo Cyber), and Byron Méndez (DFIR Consultant at Apollo Cyber), this episode provides expert insights and practical advice to strengthen your cybersecurity posture. Don't miss it! #CyberCaffeine #SISAP #DFIR #CyberSecurity #Podcast
2024-06-28
47 min
Cyber Caffeine by SISAP - Hablemos de ciberseguridad
Cyber Caffeine #18 - Lessons Learned from DFIR Investigations
Join us on this episode of Cyber Caffeine by SISAP, where experts from our DFIR division, Apollo Cyber, share invaluable lessons learned from their experiences. Featuring Edith Santos (COO at Apollo Cyber), Aric Asti (Managing Director at Apollo Cyber), and Byron Méndez (DFIR Consultant at Apollo Cyber), this episode provides expert insights and practical advice to strengthen your cybersecurity posture. Don't miss it! #CyberCaffeine #SISAP #DFIR #CyberSecurity #Podcast
2024-06-28
47 min
Reports
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
Report: https://thedfirreport.com/2024/06/10/icedid-brings-screenconnect-and-csharp-streamer-to-alphv-ransomware-deployment/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2024-06-10
07 min
TLP - The Digital Forensics Podcast
Episode 1 - Digital forensics trends and preparations, learning from real life case studies & DFIR training for getting started
In this first episode we kick off with Clint Marsden, the host of Traffic Light Protocol (TLP), where he talks about what it's like to work in DFIR, how to get started with Cyber training, what to expect in future episodes, and of course a light touch on AI Forensics! Join us for the first episode. The next episodes coming up talk about the NIST SP 800-61 where we break down Preparation, Detection, Eradication and Recovery. Highlights: Current trends and best practices in digital forensics, emphasizing the...
2024-05-16
23 min
Reports
DFIR Discussions: From IcedID to Dagon Locker Ransomware in 29 Days
We discuss our latest report "From IcedID to Dagon Locker Ransomware in 29 Days" Host: @Kostastsale Analysts: @r3nzsec & @angelo_violetti Special Guest: @nas_bench Report: https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
2024-05-13
56 min
Reports
From IcedID to Dagon Locker Ransomware in 29 Days
Report: https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
2024-04-29
07 min
Reports
DFIR Discussions: From OneNote to RansomNote: An Ice Cold Intrusion - Part 2
We discuss our latest report From OneNote to RansomNote: An Ice Cold Intrusion Host: @Kostastsale Analysts: @iiamaleks, @IrishD34TH, & @Miixxedup Special Guest: @techspence Feedback: https://forms.office.com/r/LR9NsEWYye Report: https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
2024-04-15
21 min
Reports
DFIR Discussions: From OneNote to RansomNote: An Ice Cold Intrusion - Part 1
We discuss our latest report From OneNote to RansomNote: An Ice Cold Intrusion Host: @Kostastsale Analysts: @iiamaleks, @IrishD34TH, & @Miixxedup Special Guest: @techspence Report: https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
2024-04-09
25 min
Reports
From OneNote to RansomNote: An Ice Cold Intrusion
Full Report - https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion Feedback: https://forms.office.com/r/YY6w3gwd6A
2024-04-01
07 min
Cybeers
Cybeers | Events Special Las Vegas Part 1 | SANS DFIR Summit, BSides | Aug 2023
[🎙 #Cybeers Las Vegas 🇺🇸 Special] Richard Grainger, Nick Morgan and Milan Patel covered key takeaways from SANS DFIR Summit the team attended in Austin, TX and BSides Las Vegas. Key impressions cover: ▶ Bulk forensics at scale, ▶ process improvements, ▶ how to get results quicker, ▶ flow and impact of cloud forensics, but also validation on how we respond to ransomware attack cycles, ▶ cost-effective SIEM, ▶ process creation logs, ▶ Google Workspace forensics, and much more. ✳ SANS Institute is one of the world's largest providers of cybersecurity expertis...
2024-03-15
24 min
Reports
DFIR Discussions: SEO Poisoning to Domain Control: The Gootloader Saga Continues
Our first DFIR Discussions podcast on our latest report SEO Poisoning to Domain Control: The Gootloader Saga Continues Host: @Kostastsale Analysts: @_pete_0, @malforsec, & @r3nzsec Special Guest: @HackingLZ Feedback: https://forms.office.com/r/mK2Jp8vPXj Report: https://thedfirreport.com/2024/02/26/seo-poisoning-to-domain-control-the-gootloader-saga-continues/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
2024-03-11
52 min
The Cyber Threat Perspective
Ep82 - DFIR For IT & Security Leadership
In this episode, we dive into the world of digital forensics and incident response. Spencer, Mark and Andrew discuss the various roles you might see on a DFIR team, the psychology of IR and the stages of incident response, the challenges of responding to cloud compromises, what comes after the breach and so much more. Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇ Spencer's Links: https://click.spenceralessi.com/mylinks Work with Us: https://securit360.com
2024-03-06
55 min
Reports
SEO Poisoning to Domain Control: The Gootloader Saga Continues
Report - https://thedfirreport.com/2024/02/26/seo-poisoning-to-domain-control-the-gootloader-saga-continues Provide feedback for a chance to win free swag - https://forms.office.com/r/MwZXkBrUNv
2024-02-26
08 min
Reports
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours
Report: https://thedfirreport.com/2024/01/29/buzzing-on-christmas-eve-trigona-ransomware-in-3-hours/ Feedback: https://forms.office.com/r/pPajTA4Vwy
2024-01-29
06 min
The Mooncast
EVERYTHING you need to know about CYBERSECURITY w/Steven from My DFIR | Ep. 41 | The Mooncast
EVERYTHING you need to know about CYBERSECURITY w/Steven from My DFIR | Ep. 41 | The Mooncast My DFIR website: https://www.mydfir.com/ My DFIR YouTube: https://youtube.com/@MyDFIR?si=5we6oiYTtkLgpfPa LinkTree: https://linktr.ee/moonboycapitalventures
2023-12-04
46 min
Forensic Focus
Protecting Victims From Stalkerware And Tech-Enabled Abuse
Si and Desi talk to Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation, and Emma Pickering, Head of Tech and Economic Abuse at Refuge. They discuss the impact of digital forensics and incident response (DFIR) in cases of domestic abuse. They highlight the prevalence of tech-enabled abuse, such as the use of stalkerware, and the need for comprehensive support and safety plans for survivors. They also talk about the challenges faced by law enforcement in investigating and prosecuting these cases, as well as the importance of training and awareness in addressing tech-enabled abuse. The conversation...
2023-11-15
55 min
Forensic Focus
Teaching Digital Forensics With Professor Sarah Morris
Si and Desi are joined by Professor Sarah Morris, Digital Forensics Academic and Practitioner, to talk about DFIR at Southampton University, and Sarah’s innovative approach to lecturing. They explore a range of topics, from electronic storage detection using robots, to strength-testing Faraday bags. They also venture into the realm of forensics in unexpected places, like unravelling mysteries hidden within a washing machine. Plus, Sarah offers a rare insider's perspective on the biometrics and forensics ethics group, an advisory non-departmental public body sponsored by the Home Office.
2023-09-06
52 min
The Cyber Riddler
Getting started with DFIR - Paula Januszkiewicz
In this episode we talked about Digital forensics and Incident response aka DFIR, how to get started, and how crucial it is to deal with incidents. We also talked about various topics including memory dump and analysis, ransomware and stories from the past about interesting incidents. This episode was starring Paula Januszkiewicz, CQURE CEO. Who's Paula? https://thecyberriddler.com/person/paula-januszkiewicz Find the full description on the blog post available in the podcast website below: https://thecyberriddler.com/blog/getting-started-with-dfir-paula-januszkiewicz This episode has a video as well, you...
2023-07-12
44 min
The Cybersecurity Defenders Podcast
#39 - A conversation about DFIR with Devon Ackerman, Global Service Line Leader for Digital Forensics and Incident Response Kroll
On today's episode of The Cybersecurity Defenders Podcast we are joined by Devon Ackerman, Global Service Line Leader for Digital Forensics and Incident Response (DFIR) services at Kroll Cyber. Prior to Kroll, Devon served as a Supervisory Special Agent at the FBI's Operational Technology Division in the CART Field Operations Unit. He navigated digital forensic issues, managed 56 FBI Division executive management relationships, organized team deployments during mass incident response events such as the San Bernardino Domestic Terrorism shooting (Apple iPhones), and served as a senior certified Forensic Examiner (CART) for on-scene collections and forensic analysis. As...
2023-06-06
28 min
Digital Forensic Survival Podcast
DFSP # 376 - Zero-Day and DFIR
This week I talk about the role and typical responsibilities DFIR professionals may be called up to take to assist with a zero-day response.
2023-05-02
25 min
ITCS PIZZATIME TECH PODCAST
#127 - Hey, you've been hacked?! On Digital Forensics and Incident Response (DFIR), EY
ITCS - Tech conference, IT job fair & festival. Digital and technology news with topics on AI (artificial intelligence), big data, cloud computing and much more. "Hey, you've been hacked. Pay 100 Bitcoin within the next 6 hours to regain access to your data, and a further 100 Bitcoin so that we don't publish the data." - And now what? Stress, adrenaline, panic! When this happens to a company, one of the teams that comes to help is the Digital Forensics & Incident Response (DFIR) team from EY. What happens in the hours after such an incident, and how digital traces are secured, is explained to us today by Domin...
2023-03-05
55 min
Cyber Security Headlines
VM Server problems, Google Translate BEC, DFIR burnout increases
February updates break some Windows Server 2022 VMs. BEC groups use Google Translate to target high value victims. Evolving cyberattacks and alert fatigue creating DFIR burnout. Thanks to today's episode sponsor, US, yes, CISO Series. “If it is important it will likely be in the Cyber Security Headlines update in the morning… And it allows me and my team to dig in a little more on aspects that might affect our technology stack,” said Shawn Bowen, CISO for World Fuel Services. Security leaders listen and make decisions based on what they h...
2023-02-17
07 min
Shared Security Podcast
How to Break Into a Cybersecurity Career – Digital Forensics and Incident Response (DFIR)
Matt Scheurer, host of the ThreatReel Podcast and Assistant Vice President of Computer Security and Incident Response in a large enterprise environment, joins us to discuss starting a career in digital forensics and incident response (DFIR). Matt discusses how he got started, his advice to anyone that wants to pursue a career in DFIR, and […]
2022-11-14
28 min
Shared Security
How to Break Into a Cybersecurity Career – Digital Forensics and Incident Response (DFIR)
Matt Scheurer, host of the ThreatReel Podcast and Assistant Vice President of Computer Security and Incident Response in a large enterprise environment, joins us to discuss starting a career in digital forensics and incident response (DFIR). Matt discusses how he got started, his advice to anyone that wants to pursue a career in DFIR, and what the future may hold for the DFIR industry. We also have a fun discussion about the "possibility" of aliens in Dayton Ohio. Thanks to NordLayer for sponsoring this episode! Secure your business network with NordLayer. As a listener...
2022-11-14
28 min
Forensic Focus
HTCIA, DFRWS-APAC, and the DFIR Events Industry: A Critique
You can’t put a price on bants! Friends and enemies welcome as this week Christa, Si, and Desi recap HTCIA and DFRWS. Deep dive into ticket prices and accessibility. Wonder whether there is innovation in the vendor space. Consider running their own virtual Forensic Focus conference in 2023. They briefly touch on neurodiversity, potential guests, and we all get treated to Si’s long preamble and slightly shorter outro. Show Notes: DFRWS APAC 2022 Program - https://dfrws.org/apac-2022-program/ BSides AUS - https://www.bsidesau.com.au/ BSides UK - ht...
2022-11-14
1h 16
Forensic Focus
The Great Resignation in DFIR
In this episode, co-hosts Desi, Si, and Christa compare and contrast the concerns and pressures of the DFIR world vs. other industries. Starting with burnout as a function of increases in both cyber incidents and online crime, we also discuss: - The risks of backfilling gaps in cyber without computer science fundamentals. - More work and fewer resources leading to backlogs, which factor in burnout and resignations as well as actions like the UK barristers' strike. - The importance of mentorship, representation, and manager training to facilitate strong team dynamics and mitigate risks.
2022-09-19
37 min
FTK Over the Air
Season 1 - Ep. 14: DFIR Life after Law Enforcement
In this week's episode, Justin sits down with Dan Sumpter of Exterro, Chris DeLeon of Texas Central Bank, and Amanda Fields of Blue Cross Blue Shield, to talk about making the transition to digital forensics careers after working in law enforcement. With over 50 years of law enforcement experience combined, this group discusses the strengths from their public sector careers that gave them an advantage when transitioning into private DFIR investigations. They dive into team dynamics, data acquisition, remote work, zero trust obligations, and even reporting.
2022-09-07
1h 01
FIRST Impressions Podcast
Episode 18: Vishal Thakur, Director of DFIR at Ankura Consulting, FIRSTCON22 Speaker
In this episode, FIRST Podcasters interview FIRSTCON22 Speaker, Vishal Thakur, who is the Director of DFIR at Ankura Consulting. Together the group discusses how to live in the on-going “ransomware pandemic” and the importance of practicing good security hygiene. Tune in for tips on how to successfully communicate and streamline communication when attacked and how tabletop exercises can better prepare your team for the next one.
2022-07-29
00 min
Forensic Focus
Frontline Managed Services' Kyle Campbell on DFIR & E-Discovery Career Skills & Pathways
Kyle Campbell, Vice-President of Litigation Support at Frontline Managed Services, joins Christa Miller to talk through the breakdown of silos between digital forensics, e-discovery, and incident response, and the continued increases in complexity and interconnectivity of data sources as well as the impact of data privacy laws and evolving case law on preservation and collection. To collaboratively solve problems and add value and insights to clients and courts in this landscape, e-discovery and digital forensics professionals need technical and communication skills in information governance, data privacy, and data security -- and the ability to explain them clearly and simply.
2022-07-18
39 min
Security Happy Hour
DFIR and BEC
On the blue team side of security, forensics plays a vital role, then you have the rise of business email compromises so how can one find when bad is bad. Tonight's guest is Alex Waintraub. Become a supporter and let out your inner Cyber Warrior with upcoming engagements and merch! Any support goes directly back into the production of the podcast and to provide our fellow warriors with meaningful connections and discussions. Connect with our guests: Alex Waintraub https://twitter.com/1RThr3atHunt3r LinkedIn: https://www.linkedin.com...
2022-07-05
1h 07
Forensic Focus
DFIR Consultant Kat Hedley on Finding the History -- and Future -- of DFIR at Bletchley Park
This episode follows up our 2021 article about #DFIRfit and its #DFIRforGood fundraising efforts. We start by talking about the #Bricks4Codebreakers effort, a little of what it was like to work at Bletchley Park during World War II, and how the women and men who staffed the facility blazed a trail not only for digital forensics as a profession, but also for the industry's current-day diversity, inclusion and equity efforts.
2022-04-11
22 min
Forensic Focus
The EFF's Eva Galperin on Using DFIR Skills To Help Victims of Stalkerware and Abuse
In this episode, we highlight some of the hidden barriers to digital forensics professionals' ability to use their skills to help victims of stalking and domestic violence: how abuse dynamics keep victims from reporting to police, how police and courts can actually fuel the problem, and how emotionally difficult offering assistance can be. At the same time, though, the work can be deeply rewarding, and Eva offers a few resources for educating yourself on how these dynamics work.
2022-03-07
22 min
Forensic Focus
Mason Toups
Mason Toups, a DFIR analyst with Sola Security, and Emre Tinaztepe, founder and CEO of Binalyze, join host Christa Miller to talk about the essential elements of incident response, the human factors that are often at the root of a cyber incident, threat actors' own psychology, and how easier communication between responders can facilitate security operations for all.
2022-02-06
37 min
Forensic Focus
Lecturer Jade James on Her DFIR Career Transition From Lab to Academia
University lecturer Jade James talks about her career path from digital forensics lab work into academia, including why pursuing a Master's degree has been crucial to her professional growth, some of the personal obstacles she overcame to earn it, and her current role as a lecturer teaching university students.
2022-01-23
40 min
Forensic Focus
Magnet Forensics' Stephen Boyce on Collaboration, Automation, and Developing DFIR Skills
Dr. Steven Boyce, Director of the Magnet Forensics Digital Investigation Suite (MDIS), describes collaborative evidence review for non-technical investigators, automation, and centralized case data management -- along with the new skills needed to support them.
2022-01-10
36 min
Forensic Focus
Recruiter Pete Strouse on Making New DFIR Career Moves in 2022
Covered in this episode are: generalist vs. specialist DFIR pros; the need for training and awareness across a wider pool of people -- as well as openness to a variety of backgrounds and redefining what a "good candidate" looks like; and ways for job-hunters to optimize their LinkedIn profile and networking efforts.
2022-01-03
37 min
מדברים סייבר
Carlos Cajigas - DFIR
Join us for the special English episode of the show this week. It was a great joy to welcome our guest this week all the way from Puerto Rico, to attend the 1st ever SANS course in Israel. A former digital forensics detective and a current expert in the field of digital forensic investigation, Carlos Cajigas. You won't want to miss Carlos' insightful stories, as well as DFIR (Free) tools, tips, and tricks for IR and visibility.
2021-10-24
35 min
Digital Forensic Survival Podcast
DFSP # 288 - Max DFIR Impact
Most of my episodes are about computer forensic artifacts and methods. Once in a while I like to cover non-technical topics, such as thoughts and recommendations about career development, subject matter expertise strategies, and impact exposure or delivery of your work. These soft skills are important to your career success. So this week will be on maximizing DFIR exposure in your current role, whatever that role may be. I will cover how to connect the work you do with the high-level strategies that are important to your management or your customers.
2021-08-24
12 min
Forensic Focus
Lodrina Cherne On Diversity In Digital Forensics
When we talk about diversity in DFIR, are we referring to hiring people who look different from us, or do we also mean people who think differently? Welcome to the Forensic Focus podcast, where monthly we interview experts from the digital forensics and incident response community on a host of topics ranging from technical aspects to career soft skills. I'm your host, Christa Miller. Today we're talking about diversity, though not just in terms of demographic diversity. We also want to talk about the diverse set of experiences that each practitioner brings to digital forensics, th...
2020-09-21
36 min
Le Comptoir Sécu
[SECHebdo] 28 July 2020 - DJI drone, Garmin & Ransomware, SANS DFIR, Miitre, Facebook vs NSO, VPN & logs, Token & leak detection, CornerVuln, etc.
2020-07-28
00 min
The Forensic Lunch with David Cowen and Matthew Seyer
Forensic Lunch 10/25/19 - Champlain DFA Defcon DFIR CTF - Martin Korman - Regipy
The Forensic Lunch! This week with the Champlain Digital Forensics Association talking about the Defcon DFIR CTF and Martin Korman talking about his project regipy
2020-04-15
58 min
The Forensic Lunch with David Cowen and Matthew Seyer
Forensic Lunch 2/1/19 Blanche Lagny Amcache DFIR Review
The Forensic Lunch 2/1/19! The twice a month, usually, podcast/videocast that's all about DFIR. This week we have: Blanche Lagny talking about her paper on Amcache; the DFIR Review crew talking about .. DFIR Review! Crew entails: Jessica Hyde, Vico Marziale, Brett Shavers, Tony Knutson.
2020-04-15
1h 02
Down the Security Rabbithole Podcast (DtSR)
DtSR Episode 390 - DFIR 20-20
This week, Brian Carrier joins DtSR to talk about digital forensics and incident response in 20/20. Forensics and incident response has had to evolve and change as devices become more mobile, smaller, and purpose-built. Brian talks through what this change has meant, and how tools and techniques have had to evolve to deal not only with the explosion of device types, but also sizes and various log capabilities (or none at all). Guest Brian Carrier Twitter: @Carrier4n6 LinkedIn: https://www.linkedin.com/in/carrier4n6/
2020-04-14
36 min
NoLimitSecu
DFIR ORC
Episode #252, devoted to DFIR ORC (a free-software collection tool for forensic analysis). With Jean Gautier.
2020-01-12
00 min
Forensic Focus
Brett Shavers On DFIR Training And Mental Health In Digital Forensics
2019-10-17
14 min
Cyber Defense Indonesia
Eps 3: DFIR - An Overview
This podcast takes a thorough look at DFIR. Do you already know what DFIR is in Information Security? What do the two terms mean? The steps for getting into the world of DFIR. What are the recommendations in DFIR? And what about Threat Hunting itself? What tools can be used? And finally, the career prospects for DFIR itself. Tune in to this CDEF podcast. Salam Defense!!!
2019-06-23
1h 55
Digital Forensic Survival Podcast
DFSP # 169 - Will The Future Kill DFIR?
DFIR professionals often worry whether advances in artificial intelligence and automation are going to put them out of work. This week I address the issue and give my projection, based on expert sources, of what the future of forensics will look like.
2019-05-14
24 min
Digital Forensic Survival Podcast
DFSP # 163 - DFIR Job Interviews
This week I share my thoughts on DFIR job interviews. How to prepare. Things to consider. Pitfalls to avoid.
2019-04-02
21 min
The Many Hats Club
Ep. 14, beast_fighter: DFIR and OSINT investigations
Join Stu (@CyberSecStu) as he talks with Beast_Fighter, a DFIR and OSINT investigator and an author of the Buscador OSINT VM. The main topic is open source intelligence, but many other topics are covered, including: Beast_fighter's Unusual Journey to his current role, What people and companies are missing
2018-04-30
00 min
Purple Squad Security
Episode 26 – DFIR in the Cloud with Jonathon Poling
From the crowd to the cloud, we shift focus this episode to a topic that may be holding back some infosec professionals from embracing the cloud - namely what to do when you're attacked? Digital Forensics and Incident Response (DFIR) is a topic we've covered in the past, but that was from a more traditional view. I'm fortunate enough to have Jonathon Poling (@JPoForenso) join me again to revisit DFIR, but this time from a cloud perspective. What's easier, what's harder, and what's different? Have a listen to find out! Some links of interest: Margarita Shotgun AW...
2018-04-08
49 min
BrakeSec Education Podcast
DFIR Hierarchy of Needs, and new malware attacks
Maslow's Hierarchy of needs was developed with the idea that the most basic needs should be satisfied to allow for continued successful development of the person and the community inevitably created by people seeking the same goals. DFIR is also much the same way in that there are certain necessary basics needed to ensure that you can detect, respond, and reduce possible damage inflicted by an attack. In my searching, we saw a tweet about a #github from Matt Swann (@MSwannMSFT) with just such a ' #DFIR hierarchy of needs'. We discuss everything that is...
2017-12-08
1h 02
Digital Forensic Survival Podcast
DFSP # 089 - So you want to DFIR?
This week I interview a DFIR practitioner about some of the little known facts about a career in the industry.
2017-10-31
34 min
Digital Forensic Survival Podcast
DFSP # 087 - DFIR Degrees
This week I interview a DFIR professional about his decision to get a Masters Degree in cyber security.
2017-10-17
30 min
Purple Squad Security
Episode 005 – #DFIR to Someone Else
Digital Forensics and Incident Response - DFIR. The mere mention of the acronym brings forth memories of CSI, plastic bags and agents in suits coming to collect all manner of evidence. In this episode I speak with Jonathon Poling, a DFIR expert who has graciously agreed to talk DFIR with me! Another great listen, Jonathon has a lot of great experience in the field and much to share. Have yourself a listen! Some links of interest: Jonathon's Blog: http://ponderthebits.com/ Jonathon's Twitter: @JPoForenso Slack Sign-Up Link: https://signup.purplesquadsec.com Want t...
2017-10-01
1h 03
Digital Forensic Survival Podcast
DFSP # 080 - DFIR Operational Assessment
This week I talk about 4 questions about your DFIR unit from an operations standpoint to identify holes and get a better sense of your investigative capabilities.
2017-08-29
21 min
Down the Security Rabbithole
DtSR Episode 252 - DFIR with Lesley Carhart
In this smasher of an episode James and I are joined by Lesley Carhart live from Enfuse Conference in Las Vegas to talk about the DFIR (Digital Forensics and Incident Response) as a broad field. There is SO much to talk about here, you'll want to listen twice. Make sure that if you missed Enfuse this past year, you don't miss 2018. It's a great conference where you get to meet and talk with folks like Lesley and many others in this field.
2017-07-11
51 min
Down the Security Rabbithole Podcast (DtSR)
DtSR Episode 252 - DFIR with Lesley Carhart
In this smasher of an episode James and I are joined by Lesley Carhart live from Enfuse Conference in Las Vegas to talk about the DFIR (Digital Forensics and Incident Response) as a broad field. There is SO much to talk about here, you'll want to listen twice. Make sure that if you missed Enfuse this past year, you don't miss 2018. It's a great conference where you get to meet and talk with folks like Lesley and many others in this field. Support the s...
2017-07-11
51 min