Johnny Appleseed shared the article “Basics of Windows Incident Response”.
Not so long ago there was a post revealing that some advanced malware can detect a virtual environment such as a sandbox in order to avoid detection and analysis. Because some threats can also detect the monitoring tools used for malware analysis, such malware refuses to run so that it appears harmless. A quick proof of concept (PoC) was created to demonstrate the defensive tactic: planting the same artifacts on a real host so the malware believes it is being analysed. Some malware checks for a mutex or registry key (a previous version of Locky did this).
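As an added illustration of that defensive tactic (this is not the PoC from the post, and the mutex and registry names below are placeholders, not real indicators from any sample), the following PowerShell creates a named mutex and a registry marker of the kind that a sandbox-aware sample might look for before deciding to run. The mutex only exists while the creating process holds it, so the script keeps running; a real deployment would run it as a service or scheduled task.

```powershell
# Added example, not from the original post.
# PLACEHOLDER values: replace with indicators taken from your own analysis.
$mutexName = 'Global\PLACEHOLDER_MALWARE_MUTEX'
$regPath   = 'HKLM:\SOFTWARE\PLACEHOLDER_SANDBOX_MARKER'

# 1. Hold a named mutex. Many families create one to avoid running twice; if it
#    already exists they exit, which is the behaviour we want on a real host.
$createdNew = $false
$mutex = New-Object System.Threading.Mutex($true, $mutexName, [ref]$createdNew)
if ($createdNew) {
    Write-Host "Created and holding mutex $mutexName"
} else {
    Write-Host "Mutex $mutexName already exists (another instance is holding it)"
}

# 2. Plant a registry marker. Some samples look for keys left by analysis tools
#    or by their own earlier runs; an existing key makes them bail out.
if (-not (Test-Path $regPath)) {
    New-Item -Path $regPath -Force | Out-Null
    New-ItemProperty -Path $regPath -Name 'Installed' -Value 1 -PropertyType DWord -Force | Out-Null
    Write-Host "Created registry marker $regPath"
}

# 3. Stay alive: a mutex disappears as soon as its owning process exits.
Write-Host 'Holding mutex; press Ctrl+C to release.'
while ($true) { Start-Sleep -Seconds 60 }
```

Run it from an elevated prompt (HKLM writes require administrator rights). Treat this as a cheap extra layer only: a sample that checks different artifacts, or none at all, is unaffected, so it complements rather than replaces endpoint detection.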
Thomas Reed, in his blog, discusses a new piece of Mac malware from 2017. It caught his attention because he had not encountered it before. On the surface the malware was extremely simplistic, consisting of only two files.
John Pauling published a rebuttal of the article titled “Cloud is evil …”. In his post he works through each of that article's claims, setting out his own view and drawing on extensive DFIR experience with AWS (and to some extent Azure). He describes his opinion and experience on each claim in detail; you can read it here.
Many analysts use IBM i2 Analyst’s Notebook only for drawing pretty pictures such as organizational charts, although its capabilities allow much more. Consider a few methods: