Background:
In today's cybersecurity landscape, there are many attack types. One of them is hardware-based, which can be leveraged by threat actors to connect special keystroke injection devices into [...] Read more
Background:
Sometimes, during incidents involving ransomware-related threat actors, the investigation into the recovery process can reveal solutions closer than you might think. It’s important to [...] Read more
Background:
When an incident occurs in your environment, you should be prepared to respond effectively from the perspectives of people, processes, and technologies. Proper preparation ensures a [...] Read more
Background:
In incident response log collection, you might encounter situations where EDR/XDR solutions or log collectors are not present on a machine. Additionally, some syslogs might be missing. [...] Read more
Background: Based on well-known practices and yearly reviews over the infosec industry channels, a significant part of incidents occurring in the cloud are primarily caused by misconfigurations of [...] Read more
Background:
In one of our previous articles, I've introduced the process of preparing a USB drive/tool for forensic analysis. Now, it is time to delve one level deeper and explore the key points that [...] Read more
Background:
That being said, the incident response subprocess, from the perspective of budgeting and complexity, is not necessarily easy. However, today's tooling and built-in tools provide us with [...] Read more
Background:
During the incident response stage of "Log Collection," it is highly valuable to collect comprehensive data from the servers, especially when the affected system is running Windows OS. [...] Read more
Background:
In a previous article, I discussed the high-level preparations needed to acquire an image of a machine requiring forensic analysis. However, have you considered the caveats related to [...] Read more
Background:
In our previous article, we discussed the preparation needed for the "log collection" stage of incident response, which is essential for the "analysis" stage. We covered how to prepare [...] Read more
 is analyzing a server for vulnerabilities. The analyst is sitting at a desk, l.webp)
![Building a Forensic USB Drive: Tools and Techniques for Imaging [ PART 1.5 ]](https://threat.boutique/content/images/20241019113239-Designer (3).jpeg)
![Forensic Analysis Preparation for Windows Operating Systems in Incident Response: Utilizing Volatility for Memory Analysis [ PART 2 ]](https://threat.boutique/content/images/20240914154544-Designer.jpeg)