Reports
By The DFIR Report
Listen to a podcast, please open Podcast Republic app. Available on Google Play Store and Apple App Store.
Image by The DFIR Report
Category: Technology
Open in Apple Podcasts
Open RSS feed
Open Website
Rate for this podcast
Subscribers: 2
Reviews: 0
Episodes: 25
Description
The Digital Forensics and Incident Response (DFIR) Report. Real Intrusions by Real Attackers, The Truth Behind the Intrusion.
A new report comes out every month! Read the rest of the reports at https://thedfirreport.com/.
In addition to our publicly available reports, we provide a range of specialized services to meet your needs, such as private reports, Command and Control tracking, personalized mentoring, and access to an exclusive detection ruleset. Explore our comprehensive offerings on our Services page at https://thedfirreport.com/services/.
| Episode | Date |
|---|---|
|
Cat's Got Your Files: Lynx Ransomware
|
Nov 17, 2025 |
|
From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion
|
Sep 29, 2025 |
|
Blurring the Lines: Intrusion Shows Connection With Three Major Ransomware Gangs
|
Sep 08, 2025 |
|
Hide Your RDP: Password Spray Leads to RansomHub Deployment
|
Jun 30, 2025 |
|
DFIR Discussions: Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware
|
Jun 16, 2025 |
|
Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware
|
May 19, 2025 |
|
Navigating Through The Fog
|
Apr 28, 2025 |
|
Fake Zoom Ends in BlackSuit Ransomware
|
Mar 31, 2025 |
|
Confluence Exploit Leads to LockBit Ransomware
|
Feb 24, 2025 |
|
Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware
|
Jan 27, 2025 |
|
DFIR Discussions: The Curious Case of an Egg-Cellent Resume
|
Jan 20, 2025 |
|
The Curious Case of an Egg-Cellent Resume
|
Dec 02, 2024 |
|
Inside the Open Directory of the “You Dun” Threat Group
|
Oct 28, 2024 |
|
Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware
|
Sep 30, 2024 |
|
BlackSuit Ransomware
|
Aug 26, 2024 |
|
Threat Actors' Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts
|
Aug 12, 2024 |
|
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
|
Jun 10, 2024 |
|
DFIR Discussions: From IcedID to Dagon Locker Ransomware in 29 Days
|
May 13, 2024 |
|
From IcedID to Dagon Locker Ransomware in 29 Days
|
Apr 29, 2024 |
|
DFIR Discussions: From OneNote to RansomNote: An Ice Cold Intrusion - Part 2
|
Apr 15, 2024 |
|
DFIR Discussions: From OneNote to RansomNote: An Ice Cold Intrusion - Part 1
|
Apr 09, 2024 |
|
From OneNote to RansomNote: An Ice Cold Intrusion
|
Apr 01, 2024 |
|
DFIR Discussions: SEO Poisoning to Domain Control: The Gootloader Saga Continues
|
Mar 11, 2024 |
|
SEO Poisoning to Domain Control: The Gootloader Saga Continues
|
Feb 26, 2024 |
|
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours
|
Jan 29, 2024 |