I have been experimenting with creating backups for the raspberry pi. My backup philosophy is to backup everything on these little machines as I have a tendency to install packages…
Today’s phishing expedition involves an email from hkr.glbi@hotmail[dot]com. Subject line reads “IT. Desk shared “Fwd; I shared School-Transcript-April-2020″ with you.” This email is a rather lame phishing attempt, but none…
I have been working on a malware investigation for a few weeks. A compromised system was suspected of participating in an attack on another system on the internet. Having identified…
I have added a few pages to archive documents related to large breaches from 2018. You can find links in the Documents menu above. I am sure I will be…
Author’s Note: This article was inspired by a blog posting over at the SANS Storm Center Infosec Forums. The article, Tracking Newly Registered Domains by Xavier Mertens details ways to…
This is going to be a quick post about using Splunk to look for anomalous activity in your O365 instance. I occasionally have the need to look for abnormal logins…
TLDR: Vermont Winter: 3 My Body: -3 This winter has been exceptionally bad for me and getting around. I have fallen twice on campus and once today in my driveway.…
Some friends that turn to me for information security advise recently asked my thoughts on the recent announcement of the data dump announced earlier this morning. I have not updated…
I recently found it necessary to quickly grab a large amount of SYSTEM registry files to determine the current control set and time zone information. FTK displays this information upon…
In my last post, I mentioned two useful FTK filters for quickly finding files of interest. Below are two more that may be helpful to a digital investigator examining a…