Unknown – Page 6 – WindowsTechs.com

Investigative Scenario, 2024-03-12

Posted on March 14, 2024 by Unknown

Investigative ScenarioChris Sanders posted another investigative scenario on Tues, 12 Mar, and this one, I thought, was interesting (see the image to the right).First off, you can find the scenario posted on X/Twitter, and here on LinkedIn.Now, let’s g… Continue reading Investigative Scenario, 2024-03-12→

PCAParse

Posted on February 27, 2024 by Unknown

I was doing some research recently regarding what’s new to Windows 11, and ran across an interesting artifact, which seems to be referred to as “PCA”. I found a couple of interesting references regarding this artifact, such as this one from Sygnia, and… Continue reading PCAParse→

A Look At Threat Intel, Through The Lens Of The r77 Rootkit

Posted on February 24, 2024 by Unknown

It’s been almost a year, but this Elastic Security write-up on the r77 rootkit popped up on my radar recently, so I thought it would be useful to do a walk-through of how someone with my background would mine open reporting such as this for actionable … Continue reading A Look At Threat Intel, Through The Lens Of The r77 Rootkit→

Lists of Images

Posted on January 23, 2024 by Unknown

There’re a lot of discussions out there on social media regarding how to get started or improve yourself or set yourself apart in cybersecurity, and lot of the advice centers around doing things yourself; setting up a home lab, using various tools, etc… Continue reading Lists of Images→

EDRSilencer

Posted on January 15, 2024 by Unknown

There’s been a good bit of discussion in the cybersecurity community regarding “EDR bypasses”, and most of these discussions have been centered around technical means a threat actor can use to “bypass” EDR. Many of these discussions do not seem to take… Continue reading EDRSilencer→

Human Behavior In Digital Forensics, pt III

Posted on January 10, 2024 by Unknown

So far, parts I and II of this series have been published, and at this point, there’s something that we really haven’t talked about.That is, the “So, what?”. Who cares? What are the benefits of understanding human behavior rendered via digital forensic… Continue reading Human Behavior In Digital Forensics, pt III→

Human Behavior In Digital Forensics, pt II

Posted on January 6, 2024 by Unknown

On the heels of my first post on this topic, I wanted to follow up with some additional case studies that might demonstrate how digital forensics can provide insight into human activity and behavior, as part of an investigation.Targeted Threat ActorI w… Continue reading Human Behavior In Digital Forensics, pt II→

Human Behavior In Digital Forensics

Posted on January 3, 2024 by Unknown

II’ve always been a fan of books or shows where someone follow clues and develops an overall picture to lead them to their end goal. I’ve always like the “hot on the trail” mysteries, particularly when the clues are assembled in a way to understand tha… Continue reading Human Behavior In Digital Forensics→

2023 Wrap-up

Posted on December 31, 2023 by Unknown

Another trip around the sun is in the books. Looking back over the year, I thought I’d tie a bow on some of the things I’d done, and share a bit about what to expect in the coming year.In August, I released RegRipper 4.0. Among the updates are some plu… Continue reading 2023 Wrap-up→

Round Up

Posted on December 18, 2023 by Unknown

MSSQL is still a thingTheDFIRReport recently posted an article regarding BlueSky ransomware being deployed following MSSQL being brute forced. I’m always interested in things like this because it’s possible that the author will provide clear observable… Continue reading Round Up→