Skip to content

WindowsTechs.com

Collaborate Disseminate

Menu

Primary menu

  • Home

Author Archives: Unknown

Analysis: Situational Awareness + Timelines

Posted on September 3, 2022 by Unknown

I’ve talked and written about timelines as an analysis process for some time, in both this blog and in my books, because I’ve seen time and again over the years the incredible value in approaching an investigation by developing a timeline (including mi… Continue reading Analysis: Situational Awareness + Timelines→

Posted in Uncategorized

LNK Builders

Posted on September 3, 2022 by Unknown

I’ve blogged a bit…okay, a LOT…over the years on the topic of parsing LNK files, but a subject I really haven’t touched on is LNK builders or generators. This is actually an interesting topic because it ties into the cybercrime economy quite nicely… Continue reading LNK Builders→

Posted in .lnk, builder, generator, toolmarks

When Windows Lies

Posted on August 27, 2022 by Unknown

“When Windows Lies”…what does that really mean? Mari had a fascinating blog post on this topic some years ago; she talked about the process DFIR analysts had been using to that point to determine the installation date of the operating system. In… Continue reading When Windows Lies→

Posted in Uncategorized

Kudos and Recognition

Posted on August 25, 2022 by Unknown

During my time in the industry, I’ve seen a couple of interesting aspects of “information sharing”. One is that not many like to do it. The other is that, over time, content creation and consumption has changed pretty dramatically.Back in the day, folk… Continue reading Kudos and Recognition→

Posted in Uncategorized

Who "Owns" Your Infrastructure?

Posted on August 13, 2022 by Unknown

That’s a good question.You go into work every day, sit down at your desk, log in…but who actually “owns” the systems and network that you’re using? Is it you, your employer…or someone else?Anyone who’s been involve in this industry for even a short… Continue reading Who "Owns" Your Infrastructure?→

Posted in Uncategorized

Researching the Windows Registry

Posted on August 11, 2022 by Unknown

The Windows Registry is a magical place that I love to research because there’s always something new and fun to find, and apply to detections and DFIR analysis! Some of my recent research topics have included default behaviors with respect to running m… Continue reading Researching the Windows Registry→

Posted in Uncategorized

An Attacker’s Perspective

Posted on August 8, 2022 by Unknown

Something I’ve thought about quite often during my time in DFIR is the threat actor’s perspective…what is the attacker seeing and thinking during their time in an infrastructure. As a DFIR analyst, I don’t often get to ‘see’ the threat actor’s action… Continue reading An Attacker’s Perspective→

Posted in Uncategorized

An Attacker’s Perspective

Posted on August 8, 2022 by Unknown

Something I’ve thought about quite often during my time in DFIR is the threat actor’s perspective…what is the attacker seeing and thinking during their time in an infrastructure. As a DFIR analyst, I don’t often get to ‘see’ the threat actor’s action… Continue reading An Attacker’s Perspective→

Posted in Uncategorized

Virtual Images for Testing

Posted on August 1, 2022 by Unknown

Many within the DFIR community make use of virtual systems for testing…for detonating malware, trying things within a “safe”, isolated environment, etc. However, sometimes it can be tough to get hold of suitable images for creating that testing envir… Continue reading Virtual Images for Testing→

Posted in Uncategorized

EDR Blindness, pt II

Posted on July 31, 2022 by Unknown

As a follow-on to my earlier blog post, I’ve seen a few more posts and comments regarding EDR ‘bypass’ and blinding/avoiding EDR tools, and to be honest, my earlier post stands. However, I wanted to add some additional thoughts…for example, when cons… Continue reading EDR Blindness, pt II→

Posted in Uncategorized

Post navigation

← Older posts
Newer posts →

Primary Sidebar Widget Area

Infocon Status

Internet Storm Center Infocon Status

Recent Posts

  • Amazon dropped this Blink video doorbell and security camera bundle to 43% off – and we recommend it July 16, 2026
  • Google Renames NotebookLM to Gemini Notebook July 16, 2026
  • The Biggest Data Breaches of 2026 So Far, Ranked by Impact July 16, 2026
  • Apple’s iPad Mini Will Reportedly Get an OLED Screen This Fall July 16, 2026
  • Russian trio indicted for allegedly running bulletproof hosting providers that spurred cybercrime July 16, 2026

Tag Cloud

Agriculture Alzheimer's Disease Art Audio Automation Bluetooth Building and Construction Campervan Camping Cancer Coronavirus (COVID-19) Cycling Dementia Diabetes DNA Electric Vehicles Food Home House Huawei Indiegogo MIT Mobility Moon New Atlas Audio NVIDIA Off-grid Off-road Pedal-assisted Photography Physics Radio Repair RV Samsung Satellite Sony SpaceX spoofing sustainable design The Immune System Tiny Footprint Training Water Zoom

Archives

  • Facebook
  • Twitter
  • Linkedin
  • Email
Copyright © 2026 WindowsTechs.com. All Rights Reserved.
Theme: Catch Box by Catch Themes
Scroll Up