windowsir.blogspot.com
Windows Incident Response: Books
http://windowsir.blogspot.com/p/books.html
The Windows Incident Response Blog is dedicated to the myriad information surrounding and inherent to the topics of IR and digital analysis of Windows systems. This blog provides information in support of my books: "Windows Forensic Analysis" (1st thru 4th editions), "Windows Registry Forensics", as well as the book I co-authored with Cory Altheide, "Digital Forensics with Open Source Tools". Windows Forensics and Incident Recovery. Windows Forensic Analysis ( 1/e. Perl Scripting for Windows Security.
brimorlabsblog.com
BriMor Labs: Teslacrypt vs open source tools
http://www.brimorlabsblog.com/2015/03/telsacrypt-vs-open-source-tools.html
Welcome to the BriMor Labs blog. BriMor Labs is located near Baltimore, Maryland. We specialize in offering Digital Forensics, Incident Response, and Training solutions to our clients. Friday, March 20, 2015. Teslacrypt vs open source tools. Today's blog post is going to cover a new "variant" of ransomware that has been deemed "Teslacrypt", which was highlighted in a fairly detailed post by Vadim Kotov from Bromium Labs. If you would like to dig into them on your own! The processes created by Teslacrypt2...
windowsir.blogspot.com
Windows Incident Response: Ghost Busting
http://windowsir.blogspot.com/2015/07/ghost-busting.html
Monday, July 13, 2015. First, read Jack's post, Don't wait for an intrusion to find you. Okay, maybe not.but.
windowsir.blogspot.com
Windows Incident Response: RegRipper plugin update
http://windowsir.blogspot.com/2015/06/regripper-plugin-update.html
Thursday, June 11, 2015. I just pushed out an update to the appcompatcache.pl. So, what does this mean? Done That...
windowsir.blogspot.com
Windows Incident Response: June 2015
http://windowsir.blogspot.com/2015_06_01_archive.html
Tuesday, June 23, 2015. The Blue Team Myth. The 2015 M-Trends Report. The 2015 TrustWave Global Security Report.
windowsir.blogspot.com
Windows Incident Response: Links
http://windowsir.blogspot.com/2015/06/links.html
Sunday, June 07, 2015. If you haven't heard, the new SANS DFIR "Evidence of." poster. What's New in Windows 10.
windowsir.blogspot.com
Windows Incident Response: Hunting, and Knowing What To Hunt For
http://windowsir.blogspot.com/2015/06/hunting-and-knowing-what-to-huntnot-for.html
Monday, June 22, 2015. Hunting, and Knowing What To Hunt For. Sometimes you can be warned of the impending approa...
windowsir.blogspot.com
Windows Incident Response: RegRipper Updates
http://windowsir.blogspot.com/2012/08/regripper-updates.html
Saturday, August 11, 2012. Such as this one describing the plugin architecture. Speaking of plugins, Hal Pomeranz.
windowsir.blogspot.com
Windows Incident Response: BSidesCincy Follow up
http://windowsir.blogspot.com/2015/07/bsidescincy-follow-up.html
Sunday, July 26, 2015. I had the distinct honor of speaking at @BSidesCincy. Addendum, 30 July. Finally, slide 4 ...
windowsir.blogspot.com
Windows Incident Response: Thoughts on RegRipper Support
http://windowsir.blogspot.com/2012/07/thoughts-on-regripper-support.html
Tuesday, July 17, 2012. Thoughts on RegRipper Support. RegRipper has sort of taken off. When someone has wanted a...