U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators #cybersecurity #infosec #privacy #news thehackernews.com/20...

My team just released dfiq.org, which is "a collection of Digital Forensics Investigative Questions and the approaches to answering them."

The idea came from the will to organize investigative approaches to similar cases to increase consistency across response efforts. #dfir #infosec

"My arsenal of AWS security tools" is a catalog of open-source tools for AWS protection, including defensive, offensive, auditing, and DFIR solutions.

github.com/toniblyx/my-...

My team had an encounter in a recent #DFIR situation where we saw a #CobaltStrike feature in use by the perpetrators we hadn't seen before: "sleep mask", which obfuscates memory content while the beacon is inactive, making #Yara signatures come up empty. Blog post here:
cyber.wtf/2023/10/13/c...

DFIR Reference Frameworks

Large collection of links to documentation that explains the meaning of terms from different areas of DFIR.
Incident Response
Malware Analysis
Threat Intelligence
Proactive Response
Threat Hunting
Insider Threat
github.com/joshlemon/DF...
Contributor twitter.com/joshlemon

Digital Forensics Lab

(lesson slides)

- Basic Computer Skills for DFIR
- Basic Networking Skills for DFIR
- Computer and DFIR
- Computer Forensics Case Study
- Mobile/IoT Forensics Case Study
- Forensic Intelligence Repository
- AI for Forensics

github.com/frankwxu/dig...

This is my #autopsy #forensics install and tips list for my #DFIR analysis system.
Does anyone have other tips to share?

www.fancy4n6.com/docs/resourc...

#ForensicMiner

A really good #DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals

#infosec #cybersecurity #threatintelligence

github.com/YosfanEilay/...

I imported 7 friends from Twitter to Bluesky