Digital Forensic Survival Podcast

Nov 19 2024 456 ep. 19 mins 4.9k
Digital Forensic Survival Podcast artwork

Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.

  Technology  Science
RSS feed Share
Copy RSS


Subscribe on Podcast Addict


DFSP # 457 WSL

Nov 19 2024 25 mins  
The Linux subsystem for Windows, create both opportunity and challenges for forensic analysts. It makes Windows an excellent platform for multi platform forensic analysis tasks, allowing it to take advantage of the many Linux tools available. The challenges are foreseeable, you have Linux artifacts, now commingled on a Windows platform, which makes forensic analysis that much more

DFSP # 456 network triage primer

Nov 12 2024 32 mins  
In this episode, we’ll explore the fundamentals of network triage, focusing on the key aspects of network traffic that are central to many investigations. Additionally, we’ll discuss some of the essential tools you can use to analyze and manage network data effectively.

DFSP # 455 Security Control Circumvention

Nov 05 2024 33 mins  
Today, we’re going to explore how to handle a critical security event: Unauthorized Modification of Information. This type of event occurs when a user alters information in a system—whether it’s an application, database, website, server, or configuration files—without prior authorization. These modifications can range from impersonation and unauthorized system updates to mo

DFSP # 454 MFA Bypass Attacks

Oct 29 2024 15 mins  
This week I talk about the attack methods being used to bypass MFA. We'll learn about real-world cases where MFA was circumvented, and discover best practices to strengthen defenses against these types of attacks...

DFSP # 453 Windows Startup Locations

Oct 22 2024 18 mins  
In today’s episode, we’ll focus on startup folders, which are perhaps the easiest to triage among all persistence mechanisms. But before diving in, let’s recap the journey so far to underscore the importance of a comprehensive approach rather than a one-off tactic. Each triage area we've covered plays a crucial role in identifying and stopping attacks...

DFSP # 452 AI and DFIR

Oct 15 2024 22 mins  
In 2024, AI has not only revolutionized how we defend against cyber threats but also how those threats are being carried out. We'll explore how AI is enabling faster, more efficient security incident responses, with real-world examples of its application in automated threat detection and response, advanced forensics, and more. But with every technological leap forward, there's a da

DFSP # 451 SQL Triage

Oct 08 2024 26 mins  
SQL injection poses significant risks by enabling attackers to access sensitive metadata, execute dynamic SQL commands, and alter system parameters. These actions can lead to unauthorized data access and system disruptions, especially if attackers gain elevated privileges. This week I'm talking about SQL attack patterns from a triage point of view to help you detect such activity w

DFSP # 450 Secure coding and DFIR

Oct 01 2024 19 mins  
I decided to talk this week about the Importance of Secure Coding Knowledge for Security Incident Response Investigations. Knowing secure coding principles helps identify the root causes of vulnerabilities and recognize attack patterns. It facilitates effective communication and collaboration with developers, ensuring accurate incident reports and actionable recommendations. Secure

DFSP # 449 Zero-Day or Hero-Day

Sep 24 2024 33 mins  
This week, we're covering zero-day vulnerability response from a Digital Forensics and Incident Response professional's perspective. In our roles, we often get involved in various tasks that require a security mindset, and one critical task is responding to zero-day vulnerabilities. To provide a real-world context, we'll integrate the recently disclosed zero-day exploit "Copy2Pwn"

DFSP # 448 WebShell Forensics

Sep 17 2024 20 mins  
Welcome to this week’s session, where we’ll delve into web shell forensics—an ever-critical topic in incident response investigations and threat-hunting strategies. Today, I’ll provide a breakdown that includes the latest developments, detailed triage techniques, and practical examples of what to look for during your investigations: