Recent Posts

Posted in INFOSEC

Reports & Testimony related to Equifax & Marriott Data Breaches

I have added a few pages to archive documents related to large breaches from 2018. You can find links in…

Posted in INFOSEC

Threat Hunting Using Newly Registered Domain Lists – Part 1

Author’s Note: This article was inspired by a blog posting over at the SANS Storm Center Infosec Forums. The article,…

Posted in INFOSEC

Helpful Splunk Search for Office 365

This is going to be a quick post about using Splunk to look for anomalous activity in your O365 instance….

Posted in Life

Falling as an Adult Sucks!

TLDR: Vermont Winter: 3, My Body: -3. This winter has been exceptionally bad for me and getting around. I have…

Posted in INFOSEC

Passwords & Data Breaches

Some friends that turn to me for information security advice recently asked my thoughts on the recent announcement of the…

Posted in Forensics

FTK Windows Server 2008 SYSTEM Filter

I recently found it necessary to quickly grab a large amount of SYSTEM registry files to determine the current control…

Posted in Forensics

More FTK Filters

In my last post, I mentioned two useful FTK filters for quickly finding files of interest. Below are two more…

Posted in Forensics

FTK Filters are Your Friend

I have been working on a forensic investigation of about 20 Windows Server 2008 R2 VMs using FTK 4.2. FTK…

Posted in INFOSEC

Going Paperless: Where Paper Meets Bits and Bytes

A client consulted me about going to a paperless environment. His company utilizes several different forms and numerous other documents…

Posted in INFOSEC

Logging User Activities within Linux with bash scripts

I am just starting to learn the power of bash scripting. So, this script below may not be the best…
