SANS Digital Forensics and Incident Response Blog

Inhibiting Malicious Macros by Blocking Risky API Calls

Microsoft Office Macros have been the bane of security analysts' lives since the late 1990s. Their flexibility and functionality make them ideal for malware authors to use as a primary stage payload delivery mechanism, and to datethe challenge they pose remains unsolved. Many organisations refrain from blocking them completely due to the impact it … Continue reading Inhibiting Malicious Macros by Blocking Risky API Calls


Top 11 Reasons Why You Should NOT Miss the SANS DFIR Summit and Training this Year

The SANSDFIR Summit and Training 2018is turning 11!The 2018 event marks 11 years since SANS started what is todaythedigital forensics and incident response event of the year, attended by forensicators time after time. Join us and enjoy the latest in-depth presentations from influential DFIR experts and the opportunity to take an array of hands-on SANS … Continue reading Top 11 Reasons Why You Should NOT Miss the SANS DFIR Summit and Training this Year


SANS Threat Hunting and Incident Response Summit 2018 Call for Speakers - Deadline 3/5

Summit Dates:September 6 & 7, 2018 Call for Presentations Closes onMonday, March 5, 2018 at 5 p.m CST Submit your presentation here The Threat Hunting & Incident Response Summit will focus on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting your networks. SANS … Continue reading SANS Threat Hunting and Incident Response Summit 2018 Call for Speakers - Deadline 3/5


11th Annual Digital Forensics and Incident Response Summit Call for Presentations deadline Jan 15th 2018

Call for Presentations- Now Open The 11th Annual Digital Forensics and Incident Response Summit Call for Presentations is now open through 5 pm EST on Monday, January 15, 2018. If you are interested in presenting, we'd be delighted to consider your practitioner-based case studies with communicable lessons. The DFIR Summit offers speakers the opportunity to … Continue reading 11th Annual Digital Forensics and Incident Response Summit Call for Presentations deadline Jan 15th 2018


Meltdown and Spectre - Enterprise Action Plan

Meltdown and Spectre - Enterprise Action Plan by SANS Senior Instructor Jake Williams Blog originally posted January 4, 2018 by RenditionSec MELTDOWN SPECTRE VULNERABILITIES Unless you've been living under a rock for the last 24 hours, you've heard about the Meltdown and Spectre vulnerabilities. I did a webcast with SANS about these vulnerabilities, how they … Continue reading Meltdown and Spectre - Enterprise Action Plan