I just wrapped up the penultimate course in my graduate program. Only eight more weeks left.
I am beat down but it’ll be worth it.
I recently talked about ransomware at a joint (ISC)² Southern Arizona / UA CyberCats meeting. There were a few items mentioned in the presentation and discussed afterward, and I wanted to make sure I provided the links here:
- KAPE: https://ericzimmerman.github.io
- DeepBlueCLI: https://github.com/sans-blue-team/DeepBlueCLI
- CISSP Study Guide (3rd Ed.): https://www.amazon.com/CISSP-Study-Guide-Eric-Conrad/dp/0128024372
- SANS Posters: https://www.sans.org/security-resources/posters/
Thanks again to everyone who attended!
There is light at the end of the tunnel.
So much has happened over the past few years that it’s odd to think about closure paired with continued success. With any luck I’ll be wrapping up my master’s program at the end of the year and entering my second year of employment at Kroll. I’ve also been remodeling my home. This isn’t a humblebrag post. If you enjoy doing something it doesn’t automatically become easy. This year has been difficult and not unilaterally successful. Learning experiences? Yes. Fuck-ups? Also yes. Running water? Occasionally. At least no one died as a result.*
I’m excited to get back to punk-rock computing: Using my free time to research/test what I want, how I want, and blog about it. That’s why this post exists. I’m kicking the rust off the ol’ WordPress install to make sure it works (I’ve been paying someone to maintain it… did they?) and that I know how to hit the “Publish” button with just the right amount of intensity. (About 4.63 intensities or more.)
There are many new tools I’ve used since I last posted that I’d love to post about: Python 3 + pandas, KAPE, DeepBlueCLI, etc. I look forward to posting how I use them, what I use them for, and what I think the future of DFIR could look like. Also just about my life, what’s on my mind, and a few links to weird websites that remind me of how the Internet was in 1996. Webrings, anyone? More posts soon!
* That I am aware of.
I recently presented for the Tucson Computer Forensics and Information Security Meetup. It was mostly on the content I’ve already talked about here – RiotPSA, Amazon Echo Dot system software, etc. I had told people there that the slide deck would be available.
I dislike slides/PowerPoint/etc. I generally make whatever I’m going to present that same day. I’d much rather talk and have a natural flow and slides are a bit limiting. In the end they’re more for me than they are for you. They keep me on track and guarantee that I don’t miss an important idea. These slides are essentially screenshots missing a ton of information given verbally and through live demo. In short: Please do not judge me based on these slides. They are here only because I promised them. I made them on a Saturday to show people for fun.
You can download the slides (PDF) here.
I haven’t updated this blog as regularly as I would have hoped. There are a massive number of digital forensic and information security blogs and I wasn’t quite sure how to differentiate mine. (Or if that was even possible.) Despite me being a generally private person I’m going to change the tone of this blog for 2017. Instead of holding out for rare updates I will post regularly – about once a month – and discuss not only what I am working on at the moment but also what is going on in my life. Last year was excellent for me on a personal level. I would like to share those things.
This month I will be presenting at the Tucson Computer Forensics and Information Security Meetup. If you can make it I would love to meet and see you there! I’ll go over what I found out about the Amazon Echo Dot that I was gifted. If you can’t attend check back here as I will post the information that I will discuss. Thanks!