Memory Forensics with Vshot and Remnux (rogue process identification,2)

We start this post where we left the first one, we are moving now into the analysis phase once we have parsed the memory dump with Volatility and the Vshot script included in Remnux. The current script version 4.01 is running 44 plugins against the memory dump. Let's have a quick look at the plugins … Continue reading Memory Forensics with Vshot and Remnux (rogue process identification,2)

Book: Android Malware and Analysis by Ken Dunham.

I needed  to get an intro to Android Malware Analysis and some of the tools you can use for Analysis. This books is very easy to read and provides a good foundation to start doing Android Malware Analysis. It covers current malware landscape until 2014 an existing techniques and tools in static and dynamic analysis. … Continue reading Book: Android Malware and Analysis by Ken Dunham.

Book: Incident Response & Computer Forensics 3rd edition

As part of the training I took this year, GCFA ( https://www.sans.org/course/advanced-incident-response-threat-hunting-training) I was given this book together with the course. Thumbs up for the people at SANS again. I came across this book, a lot before I attended my GCFA training however I never bought it, I believe I did not see benefits in it … Continue reading Book: Incident Response & Computer Forensics 3rd edition

Book: Learn about firewall design, Juniper Networks

Mini-book oriented to firewall design. The book explains very well the role that the company policy plays when designing the firewall. It is a very easy to read, well written and a refresher if you are studying firewall design and monitoring. I particularly used it to refresh and get ideas on those indicators that are interesting … Continue reading Book: Learn about firewall design, Juniper Networks

Security Intelligence: A Practitioner’s Guide to Solving Enterprise Security Challenges

This is another awesome book I recently found trying to validate some knowledge for my next blog post. This is the definitive book to understand today's malware distribution networks and how they operate. I have spent a considerable amount of time researching and working with technologies aimed at recognizing Malware Delivery Networks and this is … Continue reading Security Intelligence: A Practitioner’s Guide to Solving Enterprise Security Challenges

Malware forensics field guide for Windows Systems

All good books deserve a reference and this one is one of them. Malware forensics field guide for Windows systems.   The book is very easy to read and mainly practical. It goes from describing the general IR process to advance subjects such as memory forensics, live and dead analysis of windows systems and malware … Continue reading Malware forensics field guide for Windows Systems

Information Security Analytics: finding security insights, patterns and anomalies in big data

Two days ago I finished reading this book, I thought I was buying an interesting book however it was a very unsatisfying experience. The book is a 188 pages waste of time, unless you are ready to start putting some time into some technologies such as HIVE and Hadoop. It is not that these technologies … Continue reading Information Security Analytics: finding security insights, patterns and anomalies in big data