DFIR Notes

@[email protected]
444 Followers
230 Following
7.4K Posts
design, build, teach threat-informed information security programs and techniques. Also: boosts of interesting classes, tools, research. (they/them)
Bloghttp://dfirnotes.net
Resource linkshttp://www.dfirnotes.net/about/
DFIR Notes2d ago
Gabriel Garrido2d ago

It's been a while since I posted here, and at this point all of my previous posts have auto-deleted. Might as well reintroduce myself.

I am Gabriel, and I am based in Costa Rica. I work as an independent software developer and systems administrator.

As of late, my computer interests lie in #selfhosting, #Linux, and #containers. I care a lot about #privacy and ownership of our data and devices.

I am also passionate about #permaculture, #reading, #cycling, #fermentation, and #synthesizers.

DFIR Notes2d ago
James DeanApr 30
Can the general you please stop assuming everyone uses Facebook and put your thing that you want to promote on an actual web site, with an address that at least has something to do with what that is? And no, Discord is also not the solution!
DFIR Notes2d ago
Show threadRaven6672d ago
@sten @darkuncle The old joke that _everyone_ has a testing environment, some are fortunate enough to have a separate Production environment :-)
DFIR Notes2d ago
Show threadChuck2d ago
@lcamtuf mumble, mumble, Chesterson's Fence, mumble, mumble
DFIR Notes2d ago
BSides Vancouver Island2d ago

Call for Papers is now open for BSides Vancouver Island!

We’re inviting speakers from across the community to share their ideas, research, and experiences. Whether you’re presenting something new, lessons learned, or insights from the field, we’d love to hear from you.

BSides Vancouver Island is built on collaboration and knowledge sharing—your voice is what makes it valuable.

Submit your talk here: https://www.bsidesvi.com/cfp

#CyberSecurity #Infosec #BSidesVI2026 #CallForPapers

DFIR Notes2d ago
Satoshi Kojima / 小嶋智5d ago

ねこはもちろんそのままねています

#cat #こじまささげ

DFIR Notes2d ago
Jimmy Wylie2d ago

My "Introduction to ICS Malware Analysis" workshop was accepted at the SANS ICS Security Summit.

You'll learn about ICS malware by analyzing samples modeled on FrostyGoop and CRASHOVERRIDE. No prior RE experience needed.

It's running twice: June 8 and June 10. Hope to see you there!

https://www.sans.org/cyber-security-training-events/ics-security-summit-2026#schedule

#ICS #malware

SANS ICS Security Summit & Training 2026

Obtain hands-on, practical skills from the world's best instructors by taking a SANS course at SANS ICS Security Summit 2026.

SANS Institute
DFIR Notes2d ago
vga2562d ago

https://minidisc.pics

#minidisc

DFIR Notes2d ago
lcamtuf   2d ago

The coreutils Rust rewrite story is pretty funny.

Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.

But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:

https://seclists.org/oss-sec/2026/q2/332

PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.

oss-sec: uutils coreutils CVEs

DFIR Notes2d ago
Elizabeth Ayer3d ago

Reminder: de-skilling as a trend in software engineering was already in progress well before LLMs.

Toxic productivity culture, people meeting badly-designed internal reward metrics, hopping jobs and never seeing the consequences of bad choices, plummeting quality, short-termism.

Sure LLMs add fuel to this fire, but I’m not at all convinced they’re causal.

If anything, their popularity seems more a consequence of the culture than cause.