7MS #340: Forensics 101 Reloaded and The CryptoLocker Music Video




7 Minute Security show

Summary: <p>Last week I had the fun privilege of speaking twice at the <a href="http://www.mngts.org/itsym/" rel="nofollow noreferrer noopener" target="_blank">Minnesota Government IT Symposium</a> on the following topics:</p> <ul> <li> <p><strong>Forensics 101</strong>: This was a "reloaded" talk that I started earlier this year (and covered in episodes <a href="https://7ms.us/7ms-299-windows-system-forensics-101/" rel="nofollow noreferrer noopener" target="_blank">299</a> and <a href="https://7ms.us/7ms-300-windows-system-forensics-101-part-2/" rel="nofollow noreferrer noopener" target="_blank">300</a>). At a high level, the talk covered:</p> <ul> <li>Hunting malware with <a href="https://blogs.technet.microsoft.com/clinth/2016/09/07/automating-the-sysinternals-hunting-malware-technique/" rel="nofollow noreferrer noopener" target="_blank">Sysinternals</a> </li> <li>Creating system images with <a href="https://accessdata.com/product-download" rel="nofollow noreferrer noopener" target="_blank">FTK Imager</a> </li> <li>Dumping memory with <a href="https://www.volatilityfoundation.org/24" rel="nofollow noreferrer noopener" target="_blank">Volatility</a> and ripping icky stuff out of memory images with their <a href="https://volatility-labs.blogspot.com/2016/08/automating-detection-of-known-malware.html" rel="nofollow noreferrer noopener" target="_blank">1-2-3 punch</a> article</li> <li>Seeking out DNS tunneling/exfil using <a href="https://securityonion.net/" rel="nofollow noreferrer noopener" target="_blank">Security Onion</a> </li> </ul> </li> <li> <p><strong>Pecha Kucha</strong>: this talk, which is in a <a href="https://www.pechakucha.org/" rel="nofollow noreferrer noopener" target="_blank">20x20 format</a>, is part PSA about how to <em>not</em> click bad links, part cautionary tale (and music video!) about how the promise of a free burrito can ruin your business! 
Check out the video <a href="https://www.youtube.com/watch?v=jcXatteft8M&amp;feature=youtu.be" rel="nofollow noreferrer noopener" target="_blank">here</a>, and special thanks to <a href="https://twitter.com/joekl3in" rel="nofollow noreferrer noopener" target="_blank">Joe Klein</a> for providing the awesome pics to go along with the storyboard - you're a champ.</p> </li> </ul><p>Also, check out the <a href="https://digitalforensicsurvivalpodcast.com/" rel="nofollow noreferrer noopener" target="_blank">Digital Forensics Survival Podcast</a> which is <em>awesome</em> for learning more about forensics and IR.</p>