loader from loading.io

DFSP # 237 - Attack Shimming

Digital Forensic Survival Podcast

Release Date: 09/01/2020

DFSP # 244 - Registry Persistence Part 3 show art DFSP # 244 - Registry Persistence Part 3

Digital Forensic Survival Podcast

This week is part 3 of examining the Windows Registry for evidence of persistence and the focus is on Windows Registry Modification Event Records.

info_outline
DFSP # 243 - Stomping the Clock show art DFSP # 243 - Stomping the Clock

Digital Forensic Survival Podcast

This week I talk about detecting time stomping on Windows and Linux systems.

info_outline
DFSP # 242 - Registry Persistence Part 2 show art DFSP # 242 - Registry Persistence Part 2

Digital Forensic Survival Podcast

This week I talk about examining the Windows Registry for evidence of persistence.

info_outline
DFSP # 241 - Forensic Hardware show art DFSP # 241 - Forensic Hardware

Digital Forensic Survival Podcast

This week I interview JASON ROSLEWICZ of SUMURI about the hardware that drives your forensics system.

info_outline
DFSP # 240 - MDM show art DFSP # 240 - MDM

Digital Forensic Survival Podcast

This week is part 3 of the Mobile Attack series.

info_outline
DFSP # 239 - Registry Persistence Part 1 show art DFSP # 239 - Registry Persistence Part 1

Digital Forensic Survival Podcast

This week I talk about examining the Windows Registry for evidence of persistence.

info_outline
DFSP # 238 - Bash Attacks show art DFSP # 238 - Bash Attacks

Digital Forensic Survival Podcast

This week I talk about the use of Bash commands in crypto-mining attacks.

info_outline
DFSP # 237 - Attack Shimming show art DFSP # 237 - Attack Shimming

Digital Forensic Survival Podcast

This week I talk about detecting persistence via Attack Shimming artifacts.

info_outline
DFSP # 236 - Apple FSEvents show art DFSP # 236 - Apple FSEvents

Digital Forensic Survival Podcast

This week I interview Steve Whalen of SUMURI about Apple FSEvent artifacts. Learn what they are and how to leverage them for investigations.

info_outline
DFSP # 235 - Scheduled Task Change show art DFSP # 235 - Scheduled Task Change

Digital Forensic Survival Podcast

This week I talk about examining Windows Scheduled Task change events for evidence of persistence.

info_outline
 
More Episodes

This week I talk about detecting persistence via Attack Shimming artifacts.