Lightnews — Scholar-powered news

Jim Clausing @jclausing.bsky.social · 15d

2 more days to get the early-bird discount for one of my all-time favorite conferences, #SANS #DFIRCON in Miami in Nov. There are a bunch of hands-on workshops on Sun, 16 Nov, lots of evening events during the week #FOR577 my last in 2025. Reg here: www.sans.org/cyber-securi...

2 1

Jim Clausing @jclausing.bsky.social · Apr 29

Linux touches every part of our networks. Our routers, switches, and firewalls likely run some flavor of Linux or Unix. Join me in London in July for the newly updated #SANS #FOR577 where we'll learn how to investigate attacks on Linux systems. www.sans.org/cyber-securi...

Reposted by Jim Clausing

SANS.edu Internet Storm Center @sansisc.bsky.social · Feb 21

Tool update: sigs.py - added check mode https://isc.sans.edu/diary/31706

1 4

Reposted by Jim Clausing

SANS.edu Internet Storm Center @sansisc.bsky.social · Feb 24

SANS Stormcast Monday Feb 24th: sigs.py update; Google Introdusing Quantum Safe Sigs; MSFT Update Win 11 issues; LTE/5G Vulns;
https://isc.sans.edu/podcastdetail/9336

2 2

Reposted by Jim Clausing

SANS.edu Internet Storm Center @sansisc.bsky.social · Feb 24

Unfurl v2025.02 released https://isc.sans.edu/diary/31716

1 2

Jim Clausing @jclausing.bsky.social · Feb 14

Join me in one of my favorite places for the updated FOR577. Now, with more BTRFS, more rootkits, and more Linux attacks. #FOR577 #SANSSecWest

1 2

Reposted by Jim Clausing

SANS.edu Internet Storm Center @sansisc.bsky.social · Jan 18

New tool: immutable.py https://isc.sans.edu/diary/31598

1 3

Jim Clausing @jclausing.bsky.social · Jan 18

I just posted a Handler's Diary, I've released a python script to find Linux files with the immutable bit set. #FOR577 @sansisc.bsky.social #SANSDFIR isc.sans.edu/diary/New+to...

New tool: immutable.py - SANS Internet Storm Center

New tool: immutable.py, Author: Jim Clausing

isc.sans.edu

1

Jim Clausing @jclausing.bsky.social · Jan 4

Is that even a question? Of course, he does

1

Reposted by Jim Clausing

Alexis Brignoni🪫 @abrignoni.com · Nov 30

And Google.
#DigitalForensics #MobileForensics #DFIR #Code

1 8

Reposted by Jim Clausing

daniel roooooohhh 👻 @danielroe.dev · Nov 23

if you have a @github.com profile, can i ask you to update it with your @bsky.app handle? 🙏

👉 it enables some very cool integrations, like auto curated feeds and starter packs for contributors and tech

84 210 1K

Jim Clausing @jclausing.bsky.social · Nov 23

Congrats to Tyler and Zachary for an outstanding job in the day 6 challenge

1

Reposted by Jim Clausing

Ryan Benson @hindsig.ht · Nov 21

Since I'm trying out #Bluesky, I figured I should add in support for it in Unfurl!

The v2024.11.20 release has some minor updates, but the biggest feature is the ability to parse a timestamp from Bluesky post IDs (or atproto TIDs).

Example: dfir.blog/unfurl/?url=...

Give it a try at unfurl.link!

12 26

Reposted by Jim Clausing

Cedric Pernet @cedricpernet.bsky.social · Nov 23

Awesome research ! - The Nearest Neighbor Attack: How A Russian #APT Weaponized Nearby Wi-Fi Networks for Covert Access - @volexity.com - www.volexity.com/blog/2024/11... #cyberespionage

2 5 13

Jim Clausing @jclausing.bsky.social · Nov 23

Time to find the newest Lethal Forensicators #SANS #FOR610

2 4

Reposted by Jim Clausing

Coates is Odd This Day @oddthisday.bsky.social · Feb 20

Daughter tells me she heard today that if you wear a band T-shirt (especially as a young woman) and a man says to you “name five of their songs”, the correct response is “name five women who trust you”, so I pass this on in case any of you need it

76 2.4K 6.5K

Jim Clausing @jclausing.bsky.social · Dec 25

So, I was considering the cost of #12DaysOfChrostmas gifts from #truelove and was wondering do I need to include 12 pear trees or can she just use the 2 we already have?

1

Jim Clausing @jclausing.bsky.social · Oct 29

Join me for one of the last opportunities to take #SANS #FOR610 this year in virtual Phoenix/Tempe. #malware #malwareanalysis www.sans.org/cyber-securi...

SANS Phoenix 2023 | Cyber Security Training

SANS Phoenix 2023 (Dec 4-9) offers hands-on cybersecurity training taught by top industry practitioners. Attend Live Online or in Tempe, TX.

www.sans.org

Jim Clausing @jclausing.bsky.social · Oct 21

Another great class and 2 more brand new lethal forensicators! Congratulations Takuya and Ryo! #SANS #FOR610 #malware

Jim Clausing @jclausing.bsky.social · Oct 5

I dropped a quick little tool today after some discussion on class today of the /proc filesystem and network connections #dfir #for577 isc.sans.edu/diary/New%20...

New tool: le-hex-to-ip.py - SANS Internet Storm Center

New tool: le-hex-to-ip.py, Author: Jim Clausing

isc.sans.edu

1

Jim Clausing @jclausing.bsky.social · Jul 27

Interested in learning #malware analysis Down Under? Join me as we bring SANS #FOR610 back to Syney in September

Jim Clausing @jclausing.bsky.social · Jul 15

And here they are, congrats cow, Howard, and TerryTubby

Jim Clausing @jclausing.bsky.social · Jul 15

Time to crown some new REM Masters in Singapore. Who will they be?

1 6