Growing up Mennonite in Lancaster County with no computer, and no television, only to become a Digital Forensic Analyst and Incident Response Specialist living in New York City, has been quite a journey. My friends tell me the uniqueness of my life requires a blog, but I tell them, I haven't changed much, really.
Personal blog, nothing on here represents my employer.
Monday, December 30, 2019
Thursday, December 12, 2019
The World's First Kringle Coin!
Mary Ellen & Friends - Holiday Hack!
What an honor it is to hold the world's first SANS HolidayHack KringleCoin. It was presented to me, in person, by Ed Skoudis himself, who drove all the way from SANS CDI in D.C., straight to Manhattan to personally hand me this award. I truly consider it one of my biggest professional achievements. Thank you so much, Ed Skoudis, SANS Institute, and BNY Mellon for hosting the event! If you missed our "live" NYC KringleCon party, and the excellent talk from our Guest Speaker, Vitali Kremez, the video is now posted: https://lnkd.in/ez_DwSp
Sunday, December 8, 2019
Save the Date!
I AM FREAKING OUT!! SAVE THE DATE!! If you are in NYC, I am planning an EPIC event the night of 12/17!!!
Download v1.0 of my #KringleCon CheatSheet NOW! Enjoy!
Saturday, August 17, 2019
Holiday Hack Sneak Peek 2019
It seems the SANS Annual Holiday Hack Challenge buzz begins earlier and earlier every year. This year is no exception. My first Holiday Hack CheatSheet of the season is here! HUGE shout-out to our RedTeam mole, @ssampana_tr for infiltrating the @edskoudis party in Vegas during BlackHat USA DEF CON week and reporting back clues. Download v1.0 of my #KringleCon CheatSheet NOW! Enjoy!
Wednesday, March 20, 2019
About DFIR - Moar!
I’m overdue for an update, so here we go! I came across some pretty cool stuff recently. I know I’ve said this before, but it really is a fantastic time to be involved in DFIR!
Nick Caldwell won me over with the very first article of his I came across, and he hasn’t disappointed me since! He’s such a solid force of wisdom:
The Worst Career Advice I Ever Received
https://medium.com/@nickcaldwell/latest
@NickCald
Unless you live in a cave, you probably already knew this, but Eric Zimmerman has a new tool out, looks amazing! KAPE - Kroll Artifact Parser and Extractor
https://learn.duffandphelps.com/kape
@EricRZimmerman
I came across this “Malware Dynamic Analysis” nugget by Veronica Kovah, one of so many great and FREE training resources available on OpenSecurityTraining.info:
http://opensecuritytraining.info/MalwareDynamicAnalysis.html
@VeronicaKovah
Microsoft Security Intelligence puts out an annual Report, guess I knew that but forgot about it. Really enjoyed this most recent one!
Microsoft's Annual Security Intelligence Report
Podcasts worth mentioning:
CISO-SecurityVendor Relationship Podcast with David Spark and Mike Johnson:
https://cisoseries.com/podcast
@DSpark
@YanceySlide
Defense in Depth Podcast with David Spark and Allan Alford:
https://cisoseries.com/podcast
@DSpark
@AllanAlfordinTX
Simple Leadership Podcast:
@cmccarrick
http://SimpleLeadership.io/category/podcast
World Class Investigator Podcast:
@HuntedJulie
https://itunes.apple.com/ca/podcast/world-class-investigator/id1330196085
Human Factor Security Podcast:
@Jenny_Radcliffe
https://humanfactorsecurity.co.uk/podcast-2
The OSINT Podcast:
@JakeCreps
http://osintpodcast.com
Hackable Podcast by McAfee:
https://HackablePodcast.com
Inside Intercom Podcasts:
https://radiopublic.com/inside-intercom-podcast-GmMPaG
ATM Malware Tracker: (Caution Malware!)
@cybercrimewhq
http://atm.cybercrime-tracker.net
13 Cubed DFIR Learning Series:
@DavisRichardG
https://www.youtube.com/user/davisrichardg
Fixed: https://aboutdfir.com/articles
http://mc.fhstp.ac.at/sites/default/files/Anubis.pdf BAD URL, NEW URL:
Now you can grab it here
Updated BelkaSoft, Carnegie Mellon, and eForensics training listings.
Sunday, January 27, 2019
About DFIR - Catching Up
I took some time this weekend to catch-up a bit with AboutDFIR and add some of the content I've been too busy to share. I've got tons more, so that will be coming as time allows. I know Devon has stated it, but I'll reiterate, the links that we add often have context and so I've decided to take a few minutes to add some backstory around the new additions I've made this weekend.
First, under "Certifications and Trainings", I've added the free class The Cuckoo's Egg Decompiled that Chris Sanders gives (yes free, and yep, "the" Chris Sanders!). Not sure how that wasn't already on here, but hey, now it is, so don't miss that one! Next, under CTF's (one of my favorite categories), I've added two really cool links from a wonderful gentleman, Mr. John York, whom I met last month while playing the phenomenal "Holiday Hack" that Ed Skoudis and the CounterHack team puts together every year. John has not only won the annual "Holiday Hack" in the past, he's placed in other years as well. He teaches at the Shenandoah Valley Governor's School, and has put a unique spin on "Holiday Hack", using it to teach his students about cyber security: KringleCon Lessonized and Holiday Hack 2017 Lessonized.
Then, also through playing "Holiday Hack", I met Mr. Jim Kirn who told me he really likes a tool called OSquery, so I added that under "Intelligence Portals". And, one more friend I met through "Holiday Hack" (you really need to play that CTF because you make so many wonderful friends) is Mr. Mike Felch. I actually met Mr. Felch through playing "Holiday Hack" last year, but we reconnected again this year and I realized he is part of the CoinSec PodCast, so check that out.
For all the OSCP fans out there, I came across a real gem that's really gonna help you "Try harder", and he's from my hometown! I can't wait to buy him a soda next time I'm in Lancaster, PA! Shout-out to Mr. Michael LaSalvia and his Youtube Channel: Path to OSCP - he's got other really great videos on there as well. He's totally passionate and such a great teacher!
Then, there's the Google Phishing Quiz that was all over Twitter this past week, so I stuck that under the "Malware Analysis" section. I also learned about yet another ISAC, the Health-ISAC, so I added that one along-side all the others we have listed.
Lastly, I had the great privilege of sitting down to lunch with Evan Gaustad who used to work for Target and has now branched out on his own. Evan is no stranger to the stages of large conferences and it's not every day that I get to chew the fat with someone of his ilk, so that was a really great treat. Evan told me how much he really likes using LogicHub and so I added that tool under "Intelligence Portals".
First, under "Certifications and Trainings", I've added the free class The Cuckoo's Egg Decompiled that Chris Sanders gives (yes free, and yep, "the" Chris Sanders!). Not sure how that wasn't already on here, but hey, now it is, so don't miss that one! Next, under CTF's (one of my favorite categories), I've added two really cool links from a wonderful gentleman, Mr. John York, whom I met last month while playing the phenomenal "Holiday Hack" that Ed Skoudis and the CounterHack team puts together every year. John has not only won the annual "Holiday Hack" in the past, he's placed in other years as well. He teaches at the Shenandoah Valley Governor's School, and has put a unique spin on "Holiday Hack", using it to teach his students about cyber security: KringleCon Lessonized and Holiday Hack 2017 Lessonized.
Then, also through playing "Holiday Hack", I met Mr. Jim Kirn who told me he really likes a tool called OSquery, so I added that under "Intelligence Portals". And, one more friend I met through "Holiday Hack" (you really need to play that CTF because you make so many wonderful friends) is Mr. Mike Felch. I actually met Mr. Felch through playing "Holiday Hack" last year, but we reconnected again this year and I realized he is part of the CoinSec PodCast, so check that out.
For all the OSCP fans out there, I came across a real gem that's really gonna help you "Try harder", and he's from my hometown! I can't wait to buy him a soda next time I'm in Lancaster, PA! Shout-out to Mr. Michael LaSalvia and his Youtube Channel: Path to OSCP - he's got other really great videos on there as well. He's totally passionate and such a great teacher!
Then, there's the Google Phishing Quiz that was all over Twitter this past week, so I stuck that under the "Malware Analysis" section. I also learned about yet another ISAC, the Health-ISAC, so I added that one along-side all the others we have listed.
Lastly, I had the great privilege of sitting down to lunch with Evan Gaustad who used to work for Target and has now branched out on his own. Evan is no stranger to the stages of large conferences and it's not every day that I get to chew the fat with someone of his ilk, so that was a really great treat. Evan told me how much he really likes using LogicHub and so I added that tool under "Intelligence Portals".
Saturday, December 15, 2018
HolidayHack 2018 CheatSheet
SANS HolidayHack 2018 is going to drop any hour now. I've compiled a list of tips that I've come across to help get you started. Enjoy!
HolidayHackCheatSheet 2018
HolidayHackCheatSheet 2018
Subscribe to:
Posts (Atom)
