#incidnetresponse — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #incidnetresponse, aggregated by home.social.
-
New from the Gooses. A hopefully straight forward vibe coded incident response use case playbook action tracker with a incident view to follow action items through a live incident, written by RootxOver. More to come.
Article:
Not Another (Incident Response) Framework https://blog.grumpygoose.io/not-another-incident-response-framework-aeff9d27887c
Tool:
-
New from the Gooses. A hopefully straight forward vibe coded incident response use case playbook action tracker with a incident view to follow action items through a live incident, written by RootxOver. More to come.
Article:
Not Another (Incident Response) Framework https://blog.grumpygoose.io/not-another-incident-response-framework-aeff9d27887c
Tool:
-
first gig back at work has widespread malware delivered to endpoints via security tooling. This one is after the incident so not a problem to investigate, a previous one though had the Threat Actor using MDE to undo containments and deploy malware live during the IR 🫠 Any fleet management software, be it RMM or security tooling, can give a TA as much control of the organisation as the admins #IncidnetResponse #dfir
-
first gig back at work has widespread malware delivered to endpoints via security tooling. This one is after the incident so not a problem to investigate, a previous one though had the Threat Actor using MDE to undo containments and deploy malware live during the IR 🫠 Any fleet management software, be it RMM or security tooling, can give a TA as much control of the organisation as the admins #IncidnetResponse #dfir
-
first gig back at work has widespread malware delivered to endpoints via security tooling. This one is after the incident so not a problem to investigate, a previous one though had the Threat Actor using MDE to undo containments and deploy malware live during the IR 🫠 Any fleet management software, be it RMM or security tooling, can give a TA as much control of the organisation as the admins #IncidnetResponse #dfir
-
first gig back at work has widespread malware delivered to endpoints via security tooling. This one is after the incident so not a problem to investigate, a previous one though had the Threat Actor using MDE to undo containments and deploy malware live during the IR 🫠 Any fleet management software, be it RMM or security tooling, can give a TA as much control of the organisation as the admins #IncidnetResponse #dfir
-
first gig back at work has widespread malware delivered to endpoints via security tooling. This one is after the incident so not a problem to investigate, a previous one though had the Threat Actor using MDE to undo containments and deploy malware live during the IR 🫠 Any fleet management software, be it RMM or security tooling, can give a TA as much control of the organisation as the admins #IncidnetResponse #dfir
-
When you need to capture a #BitLocker driver you might be able to sniff the key from the TPM.
Take a look at the full video on this process. It contains some great research & simple hardware he built for it.
https://youtu.be/wTl4vEednkQ -
When you need to capture a #BitLocker driver you might be able to sniff the key from the TPM.
Take a look at the full video on this process. It contains some great research & simple hardware he built for it.
https://youtu.be/wTl4vEednkQ -
When you need to capture a #BitLocker driver you might be able to sniff the key from the TPM.
Take a look at the full video on this process. It contains some great research & simple hardware he built for it.
https://youtu.be/wTl4vEednkQ -
When you need to capture a #BitLocker driver you might be able to sniff the key from the TPM.
Take a look at the full video on this process. It contains some great research & simple hardware he built for it.
https://youtu.be/wTl4vEednkQ -
When you need to capture a #BitLocker driver you might be able to sniff the key from the TPM.
Take a look at the full video on this process. It contains some great research & simple hardware he built for it.
https://youtu.be/wTl4vEednkQ