I’ve been really lazy about this, but here’s my #introduction post
My name is Chelsea, but honestly call me pinky irl and I’ll still respond. I have my PhD in IT regarding redefining risk so that it can be calculated automatically for small businesses. I work in #infosec, in particular #dfir (more so the #IR portion) - currently as a mix of a SOC analyst and threat hunter. I also teach!
I love helping the community and volunteer as a staff member for #bsidessatx. As a result, if you’re ever looking to get involved, I’ll be happy to point you in the right direction (but as always, no guarantees). I’ve also previously presented at Defcon Blue Team Village, SANS Blue Team Summit, and Texas Cyber Summit.
Outside of #infosec I spend a majority of my time playing #ffxiv. I’ve been considering talking about this more, as I don’t often discuss infosec due to constant burnout and imposter syndrome.
I’m bisexual/pansexual (happy to identify as either) and a gray asexual which just keeps life interesting
I currently have she/her pronouns, although some days I’m leaning toward she/they.
There is a new #Fediverse bot that facilitates web forensic analysis of websites.
You can submit a domain for crawling by messaging @lookyloo, and it will respond with the analysis results.
#cybersecurity #threatintel #dfir
Service is provided by @circl
Thanks to @rafi0t for the new bot.
@hacks4pancakes (@dragosinc) will join us on March 19 for our Foundations of DFIR panel!
While that's a few weeks away, you can check out Lesley's blog post on The Shifting Landscape of OT Incident Response which illustrates the importance of specialized incident response and digital forensics in maintaining the security and integrity of OT systems.
Find it here: https://www.dragos.com/blog/the-shifting-landscape-of-ot-incident-response/
If you want to catch Lesley along with panelists @danonsecurity, David Bianco, and Sarah Sabotka for unique insights on bolstering your DFIR foundations, save your spot here: https://www.domaintools.com/webinar-getting-back-to-the-foundations-of-dfir/?utm_source=Mastodon&utm_medium=Social&utm_campaign=DFIR-To-You
We’re hiring a technical writer for my team here at @huntress in case anyone is interested! Feel free to reach out with questions 😃
For my #infosec and #dfir friends on the fedi: If you collect browser history files during investigations from time to time, you might find this tool useful: https://browser.dog
Built this last weekend and thought I’d put it out there for everyone to use.
Find all disk images on #github
Use Autopsy & find secrets.
Git Dork:
path:**/*.iso OR path:**/*.img OR path:**/*.dmg OR path:**/*.vmdk OR path:**/*.vdi OR path:**/*.vhd OR path:**/*.vhdx OR path:**/*.qcow2 OR path:**/*.img.gz OR path:**/*.sparseimage OR path:**/*.xva OR path:**/*.bin
The 12th annual @volatility #PluginContest is OPEN for submissions! Contribute to the open source forensics community, gain visibility for your work + have a chance to win prizes! Details here: https://volatilityfoundation.org/the-12th-annual-volatility-plugin-contest-is-open/
Submission Deadline: 31 December 2024
My latest, on the more unusual IR cases we see in the industrial space. https://www.dragos.com/blog/the-shifting-landscape-of-ot-incident-response/ #ICSSecurity #DFIR #cybersecurity
Incident response plans are incredibly important for both IT and OT cybersecurity. They guide you in stressful crises, and aid in both tactical procedures and decision making.
I cannot state enough how important it is that your organization has plans for every environment, those plans are tested by your organization in realistic scenarios, and that ultimately you write and edit the bulk of those plans yourself.
There are skeevy consulting companies who will sell you almost anything - from premade IR plans to services that build them for you without your involvement. However, I can absolutely guarantee without serious project-scale care and feeding from your own stakeholder personnel and environmental considerations, they will fall flat in an emergency. You wouldn't want your hospital to download a premade triage plan for another size or functional org from scribd.
Can't stress enough how important it is to take the time to plan, even if you bring in consultants to guide and advise you.
We just released our Threat Report covering some things we saw within the last year in the #SMB space @huntress
#dfir #cti #threatreport #threatintel
https://www.huntress.com/resources/2024-cyber-threat-report?direct
I’m an independent consultant specializing in Incident Response, Digital Forensics, and Expert Witness work. I’m passionate about Unix/Linux, having started my career as a Unix Sys Admin back in the 1980s. You may have heard of me because of my training work with the SANS Institute or Antisyphon.
You can find the courseware for my Linux Forensics class available for free at https://archive.org/details/HalLinuxForensics
Other presentations and technical writing at https://deer-run.com/~hal/
One of my favorite things to do is write books, specifically books about Information Security. I've written a mixture of fiction and non-fiction titles over the years that use a variety of techniques to teach folks about the industry.
You can find them wherever books are sold, and also Walmart for some reason!
Check out https://www.infosecdiaries.com/ to learn more about all of them.
#infosec #infosecreads #DFIR #BlueTeam #pentesting #DigitalForensics #cybersecurity
Working a ransomware incident, doing some #DFIR work on impacted workstations - and lo and behold before my eyes: NERO!
It's still around too. Good for them. That makes me happy. https://www.nero.com
If you're not caught up in the Las Vegas madness this week (or if you need a break from it), you might enjoy this article about the Systemd journal in Linux.
https://righteousit.com/2024/08/06/systemd-journal-and-journalctl/
I even made a cheat sheet for the journalctl command.
There is a queue you know.
The first step to faster service is properly asking for the service.
I cannot prioritize the request you have never made.
If it is that important you can spare the 2 minutes it takes to fill the request out.
Kthxbye
How to trigger a #DigitalForensics examiner Part 2
Unlocking the Path to Cybersecurity | How Diverse Backgrounds Lead to Success => Short clip from the Leanpub Frontmatter podcast with Andrew Rathbun, Co-Author of EZ Tools Manuals => The link to the full interview is here => https://youtu.be/5LtX7QwF6WM => This episode was recorded on October 18, 2022 #podcastclips #tech #military #marines #lawenforcement #DFIR
Hello! Let's get my #introduction going here.
Professionally right now I work as an SME in a #PenTesting group for a regulatory company, but it's really not my bag of tea in the long run. That I can feel. I much prefer to be in an investigatory and tool-making field for something related to #DFIR. I was especially happy doing #ReverseEngineering of #malware.
I'm into reverse engineering, assembly languages like #IA32 and recently #ARM / #ARM64, programming (old classics like C/C++ / #Python but learning the newer stuff like #RustLang), big into #forensics, #RasPi and #Arduino projects and such.
Still trying to figure out what I am career wise, though, like job title and such! It's all great fun to me, just haven't found the direct niche to sink into.
Hobby wise, I'm also really into #GuildWars2! Long time gamer at heart.
As LLM’s take over the world, a reminder that you can still buy hand crafted, small batch collections of words.
Stand out from the crowd this holiday season with a Mike Sheward InfoSec book - written the old-fashioned way - by hand, and fueled by an undying rage that can only exist in someone who uses JIRA.
Available wherever you buy books and also Walmart.
#infosec #books #cybersecurity #dfir #pentesting #blueteam #redteam
Real stories. Real tech. Real responses. Real emotions.
Learn the things you can't learn in textbooks.
Learn more about the books: https://infosecdiaries.com
My belated #introduction
I'm Matt. I'm a professional #DFIR person and volunteer Rescue (USAR) specialist. I've been mixing both tech and fire/rescue since Bill Clinton was president!
I currently lead a team at Google, formerly led security operations at NASA (Ames) and like to spend quality time with my family, parrots, and dogs.
Should I really do an #introduction? I’m already loud and obnoxious… I’ll follow etiquette though.
I’m Lesley, from Chicago. Now an immigrant in Melbourne. I have been doing #infosec for quite a while now. I focus on #dfir for #ics and critical infrastructure. I do a lot of talks and career clinics and writing about that - links in profile. I'm available as a #KeynoteSpeaker and I want to talk at your con. ✨
Outside work I do lots of stuff. I’m really into #martialarts even though I’ll never be super good. I have two fourth degree black belts in #TangSooDo and #taekwondo. I also study #arnis and Kung Fu. I coach middle schoolers. I also love #gaming, especially a #mmorpg. I watch lots of geeky movies and #cosplay at cons even though I’m ancient. I’m a goof. I also shoot #bows and #pistols competitively. I love a good gin martini. I can chat about almost anything.
I retired from the #USAF reserves in 2021 after an interesting career seeing a lot of the world.
I am publicly 🏳️🌈 #NonBinary and #asexual. I prefer they/them pronouns for that reason, but I don’t get upset when people accidentally mess it up. Gender is silly, and I prefer to not participate in gender roles! I never married or had kids for that reason, but people are great and I have lots of awesome pals to have adventures with. 🤷🏻♀️🍸
I care deeply about #humanrights and #socialjustice. I am a proud #atheist and #humanist. It’s integral to who I am. I care about people today and future generations being well and safe. I’ll get mad for you, because I care.