AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Submit Resources

Submit Feedback/Resource/Research Idea
Use this single form for all Research Ideas, Resource submissions, and Site Feedback. We welcome any and all submissions to help make the site more useful to the DFIR community.
Submit DFIR/CyberSec/InfoSec Job Posting
Are you an employer looking for a qualified candidate to apply to your job posting? Use this form to have your job posted on AboutDFIR.com.

Blog

InfoSec News Nuggets 01/27/2023
Morgan Stanley penalizes employees as much as $1 million for WhatsApp breaches  Morgan Stanley has imposed financial penalties on employees who used messaging platforms such as WhatsApp for company b...
InfoSec News Nuggets 01/26/2023
Riot Games says it has received ransom note following hack, but won't pay up  Riot Games has said it will refuse to pay a ransomware demand to regain some of its source code following a recent cybera...
InfoSec News Nuggets 01/25/2023
LastPass owner GoTo says hackers stole customers’ backups  LastPass’ parent company GoTo — formerly LogMeIn — has confirmed that cybercriminals stole customers’ encrypted backups during a recent brea...
InfoSec News Nuggets 01/24/2023
A Murderer Targeted Pregnant Moms In A Private Facebook Group, Feds Say  In late October 2022, Kelly, a first-time mom from Siloam Springs, Arkansas, posted in a private Facebook group for parents in...
InfoSec News Nuggets 01/23/2023
EU watchdogs agree on how to handle certain cookie consent dark patterns  Cookie consent banners that use blatant design tricks to try to manipulate web users into agreeing to hand over their data fo...
InfoSec News Nuggets 01/20/2023
Bank of America starts restoring missing Zelle transactions  Bank of America has started to restore missing Zelle transactions that suddenly disappeared from customers' bank accounts this morning, ca...
InfoSec News Nuggets 01/19/2023
Google Ads Malware Wipes NFT Influencer’s Crypto Wallet  An NFT influencer with the Twitter handle @NFT_GOD claims to have lost thousands of dollars worth of non-fungible tokens (NFTs) and crypto in ...
The Key to Identify PsExec
Summary: In one way or another, PsExec - a wildly popular remote administration tool in the Microsoft SysInternals Suite - peeks its head in the wild. Threat actors tend to leverage PsExec for variou...
InfoSec News Nuggets 01/18/2023
Feds Seize WeLeakInfo.com for Selling Access to Stolen Data  The FBI has shut down a website that offered hackers easy access to 12 billion records stolen in thousands of data breaches. On Thursday, ...
InfoSec News Nuggets 01/17/2023
Royal Mail's 'Cyber Incident' Turns Out to Be Ransomware  British postal service the Royal Mail has been hit by ransomware, rendering it unable to send any mail internationally and causing a huge bac...
AboutDFIR Site Content Update 01/15/23
Tools & Artifacts - Windows - new entries added - Program Compatibility Assistant, Security:4624 (Win11), and Notepad++
Tools & Artifacts - iOS - new entries added - Apple Watch Data and C...
InfoSec News Nuggets 01/13/2023
Microsoft retracts its report on Mac ransomware  Microsoft published on Jan. 5 — and then redacted on Jan. 6 — a report that detailed four ransomware families hitting macOS devices. When it comes to ...