DFSP # 430 - Targeting Tasks | allinfosecnews.com

May 14, 2024, 10:04 a.m. |

Digital Forensic Survival Podcast digitalforensicsurvivalpodcast.libsyn.com

Windows Scheduled Tasks are often used by attackers to establish persistence. As an analyst, you want to be aware of the different windows event codes that record these details. These artifacts come up in just about every windows compromise assessment, consider them core triage skills. There are several events, all of which I will go over in this episode. I will break them down from a DFIR point of view and give you the triage methodology...

analyst artifacts assessment attackers aware compromise event events persistence record skills targeting triage windows

More from digitalforensicsurvivalpodcast.libsyn.com / Digital Forensic Survival Podcast

DFSP # 432 - Control Bits 4 days, 20 hours ago | digitalforensicsurvivalpodcast.libsyn.com

bits connection control devices +9

DFSP # 431 - Finding Needles 1 week, 4 days ago | digitalforensicsurvivalpodcast.libsyn.com

challenges compromise discovery escalation +4

DFSP # 430 - Targeting Tasks 2 weeks, 4 days ago | digitalforensicsurvivalpodcast.libsyn.com

analyst artifacts assessment attackers +10

DFSP # 429 - Career Moves 3 weeks, 4 days ago | digitalforensicsurvivalpodcast.libsyn.com

career course dfir future +9

DFSP # 428 - It’s all about that XML 1 month ago | digitalforensicsurvivalpodcast.libsyn.com

artifacts compromise events evidence +9

DFSP # 427 - MOF Balls 1 month, 1 week ago | digitalforensicsurvivalpodcast.libsyn.com

app artifact attackers dfir +11

DFSP # 426 - SSH Forensics: Log Analysis 1 month, 2 weeks ago | digitalforensicsurvivalpodcast.libsyn.com

analysis analyst forensics important +9

DFSP # 425 - SSH Forensics: Host-Based Artifacts 1 month, 3 weeks ago | digitalforensicsurvivalpodcast.libsyn.com

artifacts explained fast forensics +7

DFSP # 424 - SSH Forensics: Understanding Secure Shell 1 month, 4 weeks ago | digitalforensicsurvivalpodcast.libsyn.com

access basics communications concepts +18

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com