How-To Incident Response Malware Tools
Filtering with Process Monitor
For anyone performing dynamic (live) analysis of malware, an essential tool to have at hand is Windows Sysinternal’s Process Monitor. So why…
Category: Incident Response
How-To Incident Response
Gone Phishin’
No, not the band. And yes, I did spell it right. I’m talking about phishing emails. I’m sure everyone’s come across at…
Incident Response Malware News
Mandiant’s APT1 Report – Real or Fake?
Anyone in the malware/forensic/security industry has probably heard about the report released by Mandiant titled APT1: Exposing One of China’s…
How-To Incident Response Malware Tools
Malicious PDF Triage
Today was the first time I was able to analyze malicious PDFs. I previously knew nothing about how to treat…