Using Team Cymru’s MHR with Volatility

Today we’ll briefly discuss crosschecking Team Cymru’s Malware Hash Registry against files found in memory or hibernation files by Volatility. We’re going to do it by hand at the command line, as a quick exercise in some ways to manipulate both tools and think through command line problems. Please note Team Cymru places restrictions on…

What is ‘DFIR’? And how do ‘Digital Forensics’ roles vary?

I had a discussion today with a particularly charming infosec pop star about what differentiates ‘DFIR’ from other infosec job roles and how it relates to them. This is a question I get asked a lot by ladies and gents interested in making a jump into information security careers, so let’s have a brief discussion…