Phill Moore
@phillmoore
Followers
9K
Following
7K
Media
415
Statuses
7K
This Week in 4n6 // ThinkDFIR https://t.co/vLyL2sgQsy I might not know much, but I do know how to Google Tweets are mine
Sydney, Australia
Joined March 2009
A question about arbitrary values in USB registry keys #DFIR
https://t.co/bXK7TwG0lM
thinkdfir.com
I was recently teaching the SANS FOR500 Windows Forensic Analysis class in Canberra and I was asked a question about how we track the connection times for USB devices in the registry: My answer at …
1
5
20
Day 6 about to kick off for my last #FOR500 class for the year. 5 students will be crowned as new lethal forensicators!
1
1
13
If you're in Tokyo make sure to drop in on Friday and learn about how to examine an encrypted virtual disk!
🔥Community Nightのお知らせ 9月12日にCommunity Nightを開催します! SANSのPhill Mooreが「暗号化されたディスクの襲撃者」と題して講演します。インシデント解決に不可欠な一連のフォレンジック証拠を、手動と自動の両方の手法を用いて回復した方法を説明します。 詳細: https://t.co/GjQhxqTILJ
0
1
7
🚨 Your Cloud DFIR Desk Mat is here! A first-ever poster mapping MITRE ATT&CK to key AWS, Azure & GCP log sources and API events. 📥 Get your copy: https://t.co/8q8UyYFiMO
1
4
32