))
Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
…
continue reading
Are you an Orthodontist wondering how to grow your practice in this fast-paced, competitive marketplace that seems to be changing every day? The Golden Age of Orthodontics, formerly The Survival Guide for Orthodontists podcast, is dedicated to making you the authority in orthodontics to prospective new patients in your community. Dr. Leon Klempner and Amy Epstein, co-founders of People & Practice, know the business of orthodontics. They bring you insights, tips and guest interviews focused o ...
…
continue reading
Rootkits are hard to detect because they employ advanced stealth techniques to hide their presence. They can conceal processes, files, and network activities by altering system calls and kernel data structures. The deep system knowledge and specialized tools required for low-level analysis make rootkit detection complex and resource-intensive. Limi…
…
continue reading
In previous episodes, we covered techniques for examining the Windows Registry, a critical component in identifying persistence mechanisms. We'll explore the registry but shift our focus to registry modification events as reported by Windows event logs
…
continue reading
1
Practice Embezzlement, What You Need to Know with Financial Forensic CPA David Harris
34:12
34:12
Play later
Play later
Lists
Like
Liked
34:12
Welcome to the Golden Age of Orthodontics with Dr. Leon Klempner and co-host Amy Epstein. In this episode, we dive into a crucial yet often overlooked issue in dental and orthodontic practices—embezzlement. Today’s guest is David Harris, CEO of Prosperident, the world’s largest firm investigating financial crimes committed against dentists, who sha…
…
continue reading
Bash history's forensic value lies in its ability to answer diverse investigative questions, making it a cornerstone artifact for Linux systems. It aids in triaging lateral movement, identifying reconnaissance activities, and detecting attempts at establishing persistence. This underscores the importance of structuring triage tasks around specific …
…
continue reading
The UserAssist key is a Windows Registry artifact that logs details about user activity, such as recently accessed programs and files. It encodes information on the frequency and last access time of items launched via Windows Explorer. This helps investigators understand user behavior and timeline of actions on a system, providing evidence of progr…
…
continue reading
Every incident response outfit should have a set of guidelines for their team which outlines the standard actions or common considerations for security investigations. In this episode, I highlight some of the key points for security teams with a special focus on initial actions which typically set the tone for success during the subsequent investig…
…
continue reading
1
Harnessing the Entrepreneurial Spirit with Dr. Chris Cetta
34:50
34:50
Play later
Play later
Lists
Like
Liked
34:50
Welcome to the Golden Age of Orthodontics with Dr. Leon Klempner and co-host Amy Epstein. In today's episode, we're excited to visit with a dear friend, Dr. Chris Cetta, the co-inventor of the precision aligner button and host of the Illuminate Orthodontic Podcast. Dr. Cetta will share the story behind licensing the precision aligner button and off…
…
continue reading
Understanding the different types of databases is important for security incident response investigations, as databases are often targeted by attackers seeking sensitive information. Each database type—relational, NoSQL, in-memory, and cloud-based—has unique structures, query languages, and security mechanisms. Familiarity with these variations ena…
…
continue reading
CIS (Center for Internet Security) Benchmarks provide a comprehensive set of best practices for securing IT systems and data, which are vital for security response investigations. These benchmarks, developed through a consensus-driven process by cybersecurity experts, offer detailed guidelines for configuring operating systems, applications, and ne…
…
continue reading
Business Email Compromise (BEC) forensics involves the meticulous investigation of cyberattacks where attackers infiltrate email systems to manipulate business communications for financial gain. These attacks often entail phishing, social engineering, and credential theft to impersonate trusted entities within or outside an organization. Forensic a…
…
continue reading
Remote Desktop Protocol (RDP) is a crucial artifact in digital forensics due to its extensive use for remote system access. Analyzing RDP activities can uncover vital information about unauthorized access, insider threats, and attacker lateral movement within a network. Forensic examination of RDP logs enables investigators to trace an attacker's s…
…
continue reading
This week, I will be discussing the Linux operating system from a DFIR perspective. It is highly recommended for every examiner to become proficient in Linux, especially with the increasing prevalence of cloud-based infrastructures in enterprise environments. As these platforms become the norm, you can expect to encounter Linux systems frequently d…
…
continue reading
1
Analyzing Ortho Practice Software with April Lowry from PracticeTek
40:44
40:44
Play later
Play later
Lists
Like
Liked
40:44
Welcome to the Golden Age of Orthodontics, where innovation meets expertise. Join host Dr. Leon Klempner and co-host Amy Epstein as they delve into the cutting-edge advancements shaping the world of orthodontics. In today's episode, we're excited to welcome April Lowry, the Director of Product at Aura and Dental Product Management at PracticeTek. A…
…
continue reading
In Windows forensics, understanding the intricacies of autorun functionalities and the Windows Registry is essential for effective incident response and investigation. Autorun mechanisms, which allow programs to execute automatically when the system starts or specific actions are performed, can be exploited by malicious actors to persist on a syste…
…
continue reading
The JOHARI methodology simply provides a structure for something that you're probably already doing. However, with the structure comes a standard, which is the benefit to any security team. The team should be speaking the same language, especially in fast moving, dynamic situations. Going into a situation and asking for the "known – knowns” and “Bl…
…
continue reading
Threat actors often exploit PowerShell in cyber attacks due to its capabilities and integration with Windows operating systems. Microsoft has cited powershell as one of the most commonly used tools in the attack chain. It also comes up in phishing campaigns and other attacks that include infecting URL links. The challenge lies in the fact that it i…
…
continue reading
The Windows registry is a hierarchical database that stores configuration settings and options on Microsoft Windows operating systems. It contains settings for low-level operating system components as well as for applications running on the platform. In order to make use of any of this information, you must understand the registry from a DFIR point…
…
continue reading
1
LightForce Orthodontics, Creating the Digital Practice of the Future with Kelly Riedel, COO
30:44
30:44
Play later
Play later
Lists
Like
Liked
30:44
Welcome to the Golden Age of Orthodontics, where we dive into the future of orthodontic care. Today, we're excited to have Kelly Riedel, the CEO of LightForce Orthodontics, as our special guest. Join us as we explore how LightForce is reshaping the industry with its revolutionary custom bracket technology. Imagine measuring and enhancing your proto…
…
continue reading
On a Linux or Mac system, there can be user accounts that have the ability of privilege escalation. Knowing how to triage, for this has a twofold benefit: (1) you obviously want to know which account may elevate to route privileges. If you're doing account triage, these are the ones you should prioritize. The other benefit (2) is to identify any ac…
…
continue reading
TCP control bits are part of the TCP header and are used to manage the connection between two devices. These control bits are single-bit flags that indicate various aspects of the TCP connection and are important for understanding and analyzing network traffic...
…
continue reading
