When it comes to investigating cloud environments, having the right tools can save a lot of time and effort. Today, I’ll introduce two...

When conducting investigations, having access to Unified Audit Logs (UALs)  from Microsoft 365 (M365) environments is crucial. These logs...

When it comes to Software as a Service (SaaS), defenders heavily rely on the logs and information provided by the vendor . For Microsoft...

Cloud Providers in Focus: Microsoft and Amazon In today’s cloud market, Microsoft and Amazon are the two biggest players, with each...

Introduction: Cloud-Based Infrastructure and Its Forensic Challenges Large-scale investigations have a wide array of challenges. One...

macOS logging is built on a foundation similar to traditional Linux/Unix  systems, thanks to its BSD ancestry . While macOS generates a...

Let’s explore the common file system artifacts investigators need to check during incident response (IR). -------------------------------...

When investigating a macOS system, understanding its device information , user accounts , and network settings  is critical....

Understanding .plist Files (Property List Files) .plist files in macOS are like the registry  in Windows. They store important...

Early Apple Days Apple was established on April 1, 1976, and quickly made its mark with the Lisa  in the early 1980s , the first public...

Lateral movement is a crucial part of many cyberattacks, where attackers move from one system to another within a network, aiming to...

Introduction The  Program Compatibility Assistant (PCA)  is a feature introduced in Windows 11 designed to help detect and fix...

When using Process Explorer on a Windows system, understanding the behavior and characteristics of legitimate processes helps identify...

Endianness refers to the order in which bytes are arranged within larger data types, such as integers or floating-point numbers, when...

Securing Linux environments is a crucial task for defenders in the face of increasing cyber threats. Three primary strategies that can...

In digital forensics, it’s essential to follow the order of volatility to gather data effectively. The accepted standard, outlined in...

In the field of incident response (IR), logs play a critical role in uncovering how attackers infiltrated a system, what actions they...

When it comes to forensic investigations, Windows is often the primary focus. However, with the rise of Linux in server environments,...

When it comes to Linux, one of the things that sets it apart from other operating systems is the sheer variety of available filesystems....

------------------------------------------------------------------------------------------------------------ Attacking Linux: Initial...