Sunday, August 30, 2020

Recovering Luddite?

Growing up Mennonite in Lancaster County with no computer, and no television, only to become a Digital Forensic Analyst and Incident Response Specialist living in New York City, has been quite a journey. My friends tell me the uniqueness of my life requires a blog, but I tell them, I haven't changed much, really.

Personal blog, nothing on here represents my employer.

SANS SOF-ELK CheatSheet

Finally! Successfully got the SANSInstitute PhilHagen SOF-ELK up and running in VirtualBox!  I struggled a bit with what others in #DFIR seemed to do with ease, so I created a CheatSheet I'm sharing in the off-chance it could lessen someone else's pain!  http://bit.ly/SOFELK

Wednesday, February 26, 2020

Thursday, December 12, 2019

The World's First Kringle Coin!


Mary Ellen & Friends - Holiday Hack!



What an honor it is to hold the world's first SANS HolidayHack KringleCoin. It was presented to me, in person, by Ed Skoudis himself, who drove all the way from SANS CDI in D.C., straight to Manhattan to personally hand me this award. I truly consider it one of my biggest professional achievements. Thank you so much, Ed Skoudis, SANS Institute, and BNY Mellon for hosting the event! If you missed our "live" NYC KringleCon party, and the excellent talk from our Guest Speaker, Vitali Kremez, the video is now posted: https://lnkd.in/ez_DwSp

Saturday, August 17, 2019

Holiday Hack Sneak Peek 2019

  

It seems the SANS Annual Holiday Hack Challenge buzz begins earlier and earlier every year.  This year is no exception.  My first Holiday Hack CheatSheet of the season is here!  HUGE shout-out to our RedTeam mole, @ssampana_tr for infiltrating the @edskoudis party in Vegas during BlackHat USA DEF CON week and reporting back clues.  Download v1.0 of my #KringleCon CheatSheet NOW!  Enjoy!

Wednesday, March 20, 2019

About DFIR - Moar!


I’m overdue for an update, so here we go!  I came across some pretty cool stuff recently.  I know I’ve said this before, but it really is a fantastic time to be involved in DFIR!

Nick Caldwell won me over with the very first article of his I came across, and he hasn’t disappointed me since!  He’s such a solid force of wisdom: 


The Worst Career Advice I Ever Received

https://medium.com/@nickcaldwell/latest
@NickCald 

Unless you live in a cave, you probably already knew this, but Eric Zimmerman has a new tool out, looks amazing!  KAPE - Kroll Artifact Parser and Extractor 

https://learn.duffandphelps.com/kape 
@EricRZimmerman 

I came across this “Malware Dynamic Analysis” nugget by Veronica Kovah, one of so many great and FREE training resources available on OpenSecurityTraining.info: 

http://opensecuritytraining.info/MalwareDynamicAnalysis.html 
@VeronicaKovah 

Microsoft Security Intelligence puts out an annual Report, guess I knew that but forgot about it.  Really enjoyed this most recent one! 

Microsoft's Annual Security Intelligence Report

Podcasts worth mentioning: 


CISO-SecurityVendor Relationship Podcast with David Spark and Mike Johnson: 

https://cisoseries.com/podcast
@DSpark 
@YanceySlide 

Defense in Depth Podcast with David Spark and Allan Alford: 

https://cisoseries.com/podcast
@DSpark 
@AllanAlfordinTX 

Simple Leadership Podcast: 

@cmccarrick 
http://SimpleLeadership.io/category/podcast 

World Class Investigator Podcast: 

@HuntedJulie 
https://itunes.apple.com/ca/podcast/world-class-investigator/id1330196085 

Human Factor Security Podcast: 

@Jenny_Radcliffe 
https://humanfactorsecurity.co.uk/podcast-2

The OSINT Podcast: 

@JakeCreps 
http://osintpodcast.com

Hackable Podcast by McAfee: 

https://HackablePodcast.com

Inside Intercom Podcasts: 

https://radiopublic.com/inside-intercom-podcast-GmMPaG 

ATM Malware Tracker: (Caution Malware!)

@cybercrimewhq 
http://atm.cybercrime-tracker.net

13 Cubed DFIR Learning Series: 

@DavisRichardG 
https://www.youtube.com/user/davisrichardg

Fixed: https://aboutdfir.com/articles 

http://mc.fhstp.ac.at/sites/default/files/Anubis.pdf BAD URL, NEW URL: 
Now you can grab it here

Updated BelkaSoft, Carnegie Mellon, and eForensics training listings.