Jason Hale has published a post about the impact of VBS on memory acqusition. With Windows 10 and Server 2016, Microsoft added the option to enable various forms of virtualization-based security (VBS), such as Credential Guard, Device Guard, Application Guard, and more. In the post you will learn which tools to use to overcome these new features.
-
Investigating Malware Using Registry Forensics
Here is Jason Hale’s talk from Louisville Infosec 2017 titled “Investigating M… -
Incident Response in the Cloud
Moving from on-premises deployments to the cloud can offer incredible benefits to many org… -
Mac Admins Podcast, Episode 52: Digital Forensics on the Mac with Sarah Edwards
In the 52 episode of Mac Admins Podcast Sarah Edwards talks about Digital Forensics on the…
Load More Related Articles
-
Using Powerforensics for Windows LNK Analysis
In this post Lionel Faleiro shows how to use Powerforensics, a PowerShell framework create… -
How to Remotely Dump Linux RAM
Here is a guide on how to remotely dump Linux RAM with LiMEaide – a python applicati… -
Understanding Orphaned Files
Phill Moore has written a nice post in his new blog – ThinkDFIR. This post will help…
Load More In How To
