Sunday fun day post! SANS DFIR Summit this week! I will be collecting links as usual and stashing them here.
Big community news for tomorrow! The DFIR Discord will be publishing their crowdsourced book – The Hitchhiker’s Guide to DFIR: Experiences From Beginners and Experts! There are chapters on everything from the history of the server to malware analysis to CTFs. While this version will be released tomorrow, there are additional chapters in the works. Help support the DFIR community by checking it out or contributing!
- Tools & Artifacts – Windows – new entries added – Windows 11 Changes, Office MRU, Logon, OpenSaveMRU, Cisco Webex Meetings, and MUICache
- Tools & Artifacts – iOS – new entry added – Jailbreak using unc0ver, Hidden Assets, and Full File System image after jailbreak
- Tools & Artifacts – File Systems – new entry added – $J
- Jobs – old entries cleaned up, new entries added – ConnectWise, Proofpoint, CrowdStrike, Splunk, TrustedSec, Red Hat, 3M, OUR BANK, Disney, Cellebrite, JPMorgan Chase, PepsiCo, AIG, and Microsoft
- Challenges and CTFs – new entries added – GrabThePhisher, Party Girl – Missing, Velociraptor Playground, UACTF 2022
- Conferences – ResponderCon
- Annual Industry Reports – Vendor Assessment, Microsoft Vulnerabilities Report, and VMware Global Incident Response Threat Report
AboutDFIR stickers are still a thing! If you’re interested in one, please let us know! Here’s what they look like:
Can you believe summer is winding down!? Tomorrow is National Back to School Prep Day!