SANS Digital Forensics and Incident Response Blog: Category - Threat Hunting & Incident Response Summit

WannaCry Ransomware Threat : What we know so far - WEBCAST slides

The WannaCry ransomware worm is unprecedented for two reasons. First, it's a ransomware worm. Second, it appears to be using a recently patched exploit that was stolen from NSA to propagate. Jake Williams' firm, Rendition Infosec, has been tracking the use of this exploit since it was publicly released and completed another internet-wide scan of … Continue reading WannaCry Ransomware Threat : What we know so far - WEBCAST slides


Webcast Summary: New SANS Cheat Sheet: A Guide to Eric Zimmerman's Command Line Tools

Thank you for attending the SANS New Cheat Sheet: "A Guide to Eric Zimmerman's Command Line Tools" webcast. For webcast slides and recording visit:http://www.sans.org/u/raj To download the Cheat Sheet visit:http://digital-forensics.sans.org/u/rao To download Eric's Command line tools visit:https://ericzimmerman.github.io/ In this webinar, Eric covered several tools that can be used to show evidence of execution … Continue reading Webcast Summary: New SANS Cheat Sheet: A Guide to Eric Zimmerman's Command Line Tools


Ken Johnson DFIR Scholarship

Ken Johnson, husband of Jessica Towle Johnson, and father of two beautiful young children, Savannah and Brady, was tragically taken from this life on April 4, 2016 at the age of 38. Ken was an amazing husband and father. He was married to his best friend on February 19, 2000. His love for his … Continue reading Ken Johnson DFIR Scholarship


Critiques of the DHS/FBI's GRIZZLY STEPPE Report

Author credit: FOR578 Threat Intelligence course Robert M. Lee Source: Blog originally posted 12/30/2016 Attend the Webcast:"Analyzing the DHS/FBI's GRIZZLY STEPPE Report" Jan 6 2017 at 1 pm ET On December 29th, 2016 the White House released a statement from the President of the United States (POTUS) that formally accused Russia of interfering with the … Continue reading Critiques of the DHS/FBI's GRIZZLY STEPPE Report


SANS Threat Hunting and Incident Response Summit - Call For Presentations

Call for Speakers- Now Open Summit Dates: April 18-19, 2017 Call for Presentations Closes on 21 October 2016 Apply here: http://dfir.to/ThreatHuntCFP The Threat Hunting & Incident Response Summit will focus on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting your networks. SANS and … Continue reading SANS Threat Hunting and Incident Response Summit - Call For Presentations