Good work requires time. And time requires planning and careful scheduling.
Results will be as good as the direction, time available, and evidence completeness allow us.
Which one are you?
If you are thinking about doing IT security, especially forensics, consider whether you should also learn a bit of electronics. It is fun and, as this post shows, also very useful. https://infosec.exchange/@hisolutions/114929386907268057 #dfir #4n6
Dear infosec-Community:
Imagine you would have two exactly identical Job-Opportunities:
But one forces you to use Windows as your daily driver while the other allows you to use Unix/MacOS/TempleOS.
How much compensation would you want in your yearly salary for using Windows?
#career #operatingsystem #FediHire #DFIR #SANS #windows
Thank you for answering and/or sharing
On a recent engagement a USB #keylogger was found. My colleague Cass and I analyzed the key logger to find leads towards the threat actor. We have written down what we learned on our side quest:
https://research.hisolutions.com/2025/07/a-tale-of-practical-keylogger-forensics/
#DFIR #Forensics
New in our Research-Blog: A Tale of Practical Keylogger Forensics
On a recent engagement, an interesting hardware side quest popped up.
A client had found a #keylogger and, naturally, Cass Rebellin and @jrt wanted to know what the adversary had seen and if they could gather any useful traces towards the perpetrator.
The full story https://research.hisolutions.com/2025/07/a-tale-of-practical-keylogger-forensics/
It is an AI-generated #Linux #malware which was hidden in images with pandas. It supports a wide variety of coinminers for various cryptocurrencies and for GPU and different CPU architectures. Its other component, #rootkit #hideproc, tries to hide the Koske miner from file listings and processes.
https://malwarelab.eu/posts/koske-panda-ai/
Video from #anyrun analysis:
RIFT just got an upgrade!
Now supports FLIRT signature generation on Linux
Perfect for reverse engineering Rust malware https://github.com/microsoft/RIFT
#DFIR #ReverseEngineering #RustLang #FLIRT #MalwareAnalysis
Dr Zoe Billings and Mark Pannone from Adapt & Evolve join the Forensic Focus Podcast to discuss their unique approach to mental health and well-being in digital forensics. https://www.forensicfocus.com/podcast/digital-forensics-and-stress-understanding-your-bodys-signals/ #DigitalForensics #DFIR #WellBeing
CIRCL Virtual Summer School - VSS 2025 A Look Back at Our Successful Virtual Summer School! Videos Are Now Available.
You got me...
If you suffer a breach, I am absolutely saying you should review and secure your netinf, not just stick a ZT shaped plaster on top of it.
Especially if you have default creds, ejected MSSP and unauth'd routing protocols in the mix.
"Scope with Velociraptor. Analyze with Cyber Triage."
Sounds like great fun. Brian and Mike are both very high on my list of favorites
"And the AI should make it all quick and easy."
The competent #DigitalForensics examiner curse.
Digging @realhackhistory Videos after a long day of #DFIR feels *Chef's kiss*
REMINDER: The Call for Speakers for #FTSCon is open! The deadline is July 23.
See the full details in our blog post: https://volatilityfoundation.org/announcing-ftscon-2025-in-person-malware-and-memory-forensics-training/
Exciting Announcement!
Join us tomorrow at 14:00 CET for the Kunai Workshop Virtual Summer School (VSS) organized by @circl
What You'll Learn:
- The basics of Kunai
- Using Kunai tools (https://github.com/kunai-project/pykunai#)
- Configuring Kunai with @misp IoCs
- Building advanced log filtering and detection rules
- How to use Kunai and Yara
Program and Prerequisites:
Make sure to check out the program and complete the prerequisites before joining: https://github.com/kunai-project/workshops/tree/main/circl-vss-2025#readme
How to Join VSS: https://www.circl.lu/pub/vss-2025/
Don't miss this opportunity to enhance your skills with Kunai! See you there!