Joe Sylve

Independent Digital Forensics and Cyber Security Researcher
Has $8
Blog: https://jtsylve.blog
LinkedIn: https://www.linkedin.com/in/jtsylve/
@codeslack I just brought this problem up to our team a few weeks back. I have a lot of thoughts on this problem. Give me some time after work to write them down.
@hal_pomeranz Congratulations! This Toot must now be released open source and released under the Volatility 3 license.
🤨​

@THORp @hal_pomeranz @attrc Unfortunately, most infosec work in the city is remote, but depending on the type of work, I'm happy to introduce you to anyone I can think of. Happy to meet up for drinks once you arrive.

Full Disclosure: The city is going through a "moment," and it sometimes feels like the Hunger Games. It doesn't sound like you have much choice in the matter, but I've lived here my whole life, and this is the first time I've considered moving.

This is a great synopsis from Objective-See of The Mac Malware of 2022. It was certainly a productive year for #macOS #malware analysts & researchers. Thank you for including our #GIMMICK malware analysis + IOCs! #dfir #threatintel

https://objective-see.org/blog/blog_0x71.html

The Mac Malware of 2022 👾

My 2022 #DFIR APFS Advent Challenge has ended.

Throughout the month, I wrote around 20 APFS-related posts and donated $500 to humanitarian aid for Ukraine.

It was a challenging and rewarding process.

https://jtsylve.blog/post/2022/12/30/Challenge-Retrospective

2022 APFS Advent Challenge Day 22 - Retrospective

As 2022 ends, so does my APFS Advent Challenge. Deciding at the last minute to write this series of blogs turned out to be even more challenging than expected. Life tends to find a way to complicate things, and December was no exception for me this year. I am glad I stuck with the challenge and hope that the information provided in the series was of some value to you.

@xabean I understand that it could certainly make sense for shared or business accounts, but reporting things like this seems to make security worse for non-technical users. I have TFA on those accounts, but I'm not storing the tokens in the same database as the credentials (otherwise what's the point for a personal vault?).
1password is encouraging me to store my one-time password seeds in their vault. It seems to me that storing this information along with the credentials defeats the entire purpose of the second factor.

You can learn more about APFS Fusion Containers in the day 21 post of my #DFIR APFS Advent Challenge.

Only one more post to go!

https://jtsylve.blog/post/2022/12/29/APFS-Fusion-Containers

2022 APFS Advent Challenge Day 21 - Fusion Containers

As we discussed in an earlier post, Apple’s Fusion Drives combine the storage capacity of a hard disk drive (HDD) with the faster access speed of a solid state drive (SSD). The HDD is the primary storage device, and the SSD acts as a cache for recently accessed data. However, the Fusion Drive does not have built-in caching logic, and the operating system treats the two drives as separate storage devices. Apple created Core Storage to support the desired caching capabilities and the ability to pool the storage of each device into a single logical volume. APFS removes the need for Core Storage by having first-class support for this tiered storage model. This post will go into more detail about APFS Fusion Containers.