#for509 — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #for509, aggregated by home.social.

  1. #Ransomware threat actors are increasingly abusing AWS's Server-Side Encryption (SSE-C) to encrypt S3 buckets without needing to drop malware. Most recently a TA known as #Codefinger is using this technique.

    🕵 Make sure you're monitoring S3 and encryption activity via CloudTrail & GuardDuty.

    halcyon.ai/blog/abusing-aws-na

    #CloudForensics #FOR509 #AWS

  2. :blobcheer:

    Yay, passed my #SANS #FOR509 #GIAC Cloud Forensic Responder (GCFR).

    I'd definitely recommend the course if one is interested in cloud and incident response (but finish the "basic" FOR508 before this course).

  3. Congratulations to our #FOR509 Day 6 Capstone winners in #Singapore last week.
    It was one of the closest challenges between the competing teams I've seen.

    #CloudForensics
    #DFIR @sansapac

  4. One of my brilliant coauthors, Megan Roddie, did a write-up from our SANS #FOR509 #CloudForensics class on how to extract #AWS logs for analysis.

    #DFIR #CSIRT #CERT
    sans.org/blog/aws-cloud-log-ex