It’s always important to consider OPSEC when performing incident response. We regularly work with clients to ensure that they don’t cause issues for themselves during the investigation. Tipping your hand to the attacker can result in a failed containment, which likely will lead to a failed remediation. Today, while teaching my last SANS Incident Response […]
One of the problems we’ve experienced over the years with Linux memory forensics was the difficulty of obtaining a memory dump. This is because most acquisition tools require a loadable kernel module to be built on the exact same kernel version as the target. Building the kernel module on the target itself has several problems: […]
On November 21, 2017, I did a webcast for the SANS Institute to discuss memory forensics. During the webcast, we discussed a number of custom plugins for Volatility to assist in the analysis of memory images. I’ve posted the plugins here. Enjoy!
With several recent and prominent information/cyber security attacks making the headlines, a top industry executive is sharing his thoughts on how savvy companies should prepare for the next, inevitable information security event. Augusta, Georgia – June 6, 2017 – Rendition Infosec, the nation’s leading provider of information security solutions and consultation, today announced that the company is […]