Investigate, contain and remove malware on a Mac | by Teri Radichel | Cloud Security | February 2024


A very basic explanation of incident response and digital forensics – Do as I say, not as I do


Let me start by saying that this is not exactly the right way to do incident response and digital forensics. I could risk infecting my entire network and everything on it the way I’m doing it, but I have a pretty tight network.

And hey, I live my life on the edge. And in the cloud. Almost everything I have is in the cloud, so if I do something wrong on this laptop, I’ll just rebuild it. Which I plan to do anyway. Additionally, the particular item I’m looking for failed to connect.

I’ll also preface this article by saying that while I’m certified in incident response, digital forensics, and malware reverse engineering, I don’t go over all of these steps completely below. But I’ll explain how it would work and point you in the right direction.

This isn’t what I wanted to do for the last couple of days, but since the ‘opportunity’ presented itself, I thought I’d give it some thought.

The other thing is that when I faced my first breach, back when I had an e-commerce business, I was a Windows expert. I knew all the ins and outs of Windows and which services didn’t need to be running. Then I switched to Mac. Windows has changed since then, and I’ve been so busy with other things that I don’t consider myself a Mac expert.

But this article will help you. I looked into a bunch of things and figured them out. There is still a lot to do but I have a lot more knowledge than when I started.

Along the way, you’ll get plenty of things that you can check on your own Mac if you’re using one to see if it’s been compromised or lock it down if it hasn’t.

I apologize in advance for the stream of consciousness, as I’ve already spent too much time on this – and for the typos. I’m not going to log back into my Google account right now to check the spelling. I’ll just…