My goal for the holiday period was to finish @nintendouki.bsky.social #MarioVsDonkeyKong
Goal accomplished on New Year's Day
Best news ever!
Free #AppleTV this weekend
That’s my weekend sorted
www.apple.com/tv-pr/news/2...
Kudos to you for that; I took one look outside & went “nope!”
Me: I’m going to start the year as I mean to go on, with a 2km #DFIRFit run on the treadmill 💪
My treadmill 2mins into the warm up…
Anyone know how to fix a dead @nordictrack.bsky.social S20 (UK)? 🤦
It’s not the fuse & yes I already tried turning it off & on again!
Version 1.6 of #DFIR #parseUSBs is out…
I was interested to see if I could fill in any gaps in assigned drive letters for previous USB connections using LNK data, so this version does exactly that (matching on VSN)
As always, feedback very welcome
github.com/khyrenz/pars...
I felt that pain!
I got as far as I could on the badge challenges on day1 of @SANSInstitute #CyberThreat24 … tripped up by a micro USB cable 🤦🤣
It’s all kicking off in style at @SANSInstitute #CyberThreat
Congratulations & very well done; you aced the capstone 💪
Very important development… the @trafficscotland gritter tracker now has a beta 3D map! Best names ever, every year
Go Icesweeper Willie, go!
Though I still think the best name so far is… Itsy Bitsy Teenie Weenie Yellow Anti-Slip Machiney
www.traffic.gov.scot/gritter-trac...
Possibly yes, but I ran out of characters in the post… right now I have:
X: 2.7k
Mastodon: 231
Bluesky: 105
LinkedIn: 1.4k connections
I think that makes the Bluesky figures more interesting
How do #InfoSec social media apps compare? Stats on my last #DFIR post after 24hrs…
X:
- 5 reposts
- 26 likes
- 2 new followers
Mastodon:
- 2 boosts
- 3 favourites
- 2 followers
Bluesky:
- 6 reposts
- 16 likes
- 7 followers
LinkedIn:
- 13 reposts
- 79 reactions
- 7 followers
- 25 conn requests
🚨 #DFIR Tool update 🚨
I’ve updated parseUSBs (again!):
- Now supports mounted #KAPE images
- Improved deduplication of events within secs of each other
- Added extraction of partition style (MBR/GPT) & Filesystem
- Parses alternate S/Ns
- Parses WPDBUSENUM key
github.com/khyrenz/pars...
There’s wifi you have to pay for?!
Who owns Bluesky? What’s the role of former Twitter CEO Jack Dorsey? What’s Bluesky’s business model? And what prevents another Elon Musk from buying and destroying it?
@micahflee.com answers your Bluesky questions.
Ha! You of all people doubt connectivity in the modern world
It’s a great article. I also read @cScottVance’s blog on this last week: www.magnetforensics.com/blog/underst...
…& I think the key takeaway is still to acquire a device ASAP after seizure. Cool to see how the forced reboot is logged
Interesting and potentially problematic from a LE viewpoint - @tazwake.bsky.social did you know about this?
naehrdine.blogspot.com/2024/11/reve...
My #parseusbs #DFIR tool got another small update this week to fix an issue on Linux - now tested on Windows cmd/powershell, WSL (the best shell!), and Ubuntu
Parse USB connection artifacts from a Windows volume, including registry & event log data (or offline hives)
github.com/khyrenz/pars...
Join me in Lisbon next week for lots of @sansforensics #FOR500 Windows forensics fun. I’ve discovered some fun new things about USB connection artifacts that I’ll be sharing first at this event, so you’ll want to be around for all that!
Sign up here: sans.org/u/1yrB
This git is full of resources for event logs/auditing. Covers everything from tool configs to audit cheatsheets to event attack chains and data samples. In #DFIR visibility is key. This is a solid resource for those responding to an incident or trying to prevent one. #grc
github.com/stuhli/aweso...