I’m looking to hire a Principal Threat Intelligence Analyst here at @huntress. You’ll get to build a new program focused on the small business space (those that fall below the cybersecurity poverty line). Please feel free to reach out to me if you have questions or think you might be a good fit:
As a manager you should be open to constructive criticism just as you expect ICs to be. Expecting to only broadcast your criticisms while remaining beyond reproach is setting everyone including yourself up for failure. Take the time to listen.
In light of all the news about qakbot being dismantled, it’s time to let people know about something we did at @huntress: @JohnHammond discusses the qakbot “vaccine” we used to prevent the spread of qakbot in our customer base:
This shit is why people stop contributing to open source and releasing open source projects: predatory companies taking open source projects and calling them their own with little or no contributions back. It burns innovation and demoralizes creators who keep pushing the needle.
As hard as it is for people to break into infosec, people often release open source projects to prove their worth. This kind of shit can ruin that spirit. As a longtime member of the #DFIR open source community, I feel like I need to call BS where I see it. Companies must be held accountable and should abide by licensing and contribute back as warranted by said licensing. I hope to see some contributions and good faith back to https://cipp.app/
I am happy to announce that I will be giving a training at @defcon this summer on Windows Memory Forensics!
This class demonstrates the importance of including volatile memory in your investigations by covering several attack methodologies that we’ve seen in the field. It also includes an overview of the most widely used memory forensics tool, Volatility, by one of its developers.
Students will leave the class with the ability to investigate modern malware techniques, quickly answer questions posed in DFIR investigations, and help get to the root cause of an attack.