PODCAST · technology
Reports
by The DFIR Report
The Digital Forensics and Incident Response (DFIR) Report. Real Intrusions by Real Attackers, The Truth Behind the Intrusion. A new report comes out every month! Read the rest of the reports at https://thedfirreport.com/.In addition to our publicly available reports, we provide a range of specialized services to meet your needs, such as private reports, Command and Control tracking, personalized mentoring, and access to an exclusive detection ruleset. Explore our comprehensive offerings on our Services page at https://thedfirreport.com/services/.
-
26
Apache MQ Exploit Leads to LockBit Ransomware
Report: https://thedfirreport.com/2026/02/23/apache-activemq-exploit-leads-to-lockbit-ransomware/Contact Us: https://thedfirreport.com/contact/
-
25
Cat's Got Your Files: Lynx Ransomware
Report: https://thedfirreport.com/2025/11/17/cats-got-your-files-lynx-ransomware/Contact Us: https://thedfirreport.com/contact/Services: https://thedfirreport.com/services/
-
24
From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion
Report: https://thedfirreport.com/2025/09/29/from-a-single-click-how-lunar-spider-enabled-a-near-two-month-intrusionContact Us: https://thedfirreport.com/contact/Services: https://thedfirreport.com/services/
-
23
Blurring the Lines: Intrusion Shows Connection With Three Major Ransomware Gangs
Report: https://thedfirreport.com/2025/09/08/blurring-the-lines-intrusion-shows-connection-with-three-major-ransomware-gangs/Contact Us: https://thedfirreport.com/contact/Services: https://thedfirreport.com/services/
-
22
Hide Your RDP: Password Spray Leads to RansomHub Deployment
Report: https://thedfirreport.com/2025/06/30/hide-your-rdp-password-spray-leads-to-ransomhub-deploymentContact Us: https://thedfirreport.com/contact/Services: https://thedfirreport.com/services/
-
21
DFIR Discussions: Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware
We dive into our latest public report with Randy Pargman, Jake Ouellette, Kostas T., and Mangatas Tondang.Report: https://thedfirreport.com/2025/05/19/another-confluence-bites-the-dust-falling-to-elpaco-team-ransomware/Contact Us: https://thedfirreport.com/contact/Services: https://thedfirreport.com/services/Music by FASSounds from Pixabay
-
20
Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware
Report: https://thedfirreport.com/2025/05/19/another-confluence-bites-the-dust-falling-to-elpaco-team-ransomware/Contact Us: https://thedfirreport.com/contact/Services: https://thedfirreport.com/services/
-
19
Navigating Through The Fog
Report: https://thedfirreport.com/2025/04/28/navigating-through-the-fog/Contact Us: https://thedfirreport.com/contact/Services: https://thedfirreport.com/services/
-
18
Fake Zoom Ends in BlackSuit Ransomware
Report: https://thedfirreport.com/2025/03/31/fake-zoom-ends-in-blacksuit-ransomware/Contact Us: https://thedfirreport.com/contact/Services: https://thedfirreport.com/services/
-
17
Confluence Exploit Leads to LockBit Ransomware
Report: https://thedfirreport.com/2025/02/24/confluence-exploit-leads-to-lockbit-ransomwareContact Us: https://thedfirreport.com/contact/Services: https://thedfirreport.com/services/
-
16
Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware
Report: https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
-
15
DFIR Discussions: The Curious Case of an Egg-Cellent Resume
We discuss our latest report "The Curious Case of an Egg-Cellent Resume" Host: @Kostastsale Analysts: @_pete_0, Zach Stanford (aka @svch0st) Report: https://thedfirreport.com/2024/12/02/the-curious-case-of-an-egg-cellent-resume/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
-
14
The Curious Case of an Egg-Cellent Resume
Report: https://thedfirreport.com/2024/12/02/the-curious-case-of-an-egg-cellent-resume/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
-
13
Inside the Open Directory of the “You Dun” Threat Group
Report: https://thedfirreport.com/2024/10/28/inside-the-open-directory-of-the-you-dun-threat-group Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
-
12
Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware
Report: https://thedfirreport.com/2024/09/30/nitrogen-campaign-drops-sliver-and-ends-with-blackcat-ransomware Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
-
11
BlackSuit Ransomware
Report: https://thedfirreport.com/2024/08/26/blacksuit-ransomware/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
-
10
Threat Actors' Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts
Report: https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
-
9
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
Report: https://thedfirreport.com/2024/06/10/icedid-brings-screenconnect-and-csharp-streamer-to-alphv-ransomware-deployment/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
-
8
DFIR Discussions: From IcedID to Dagon Locker Ransomware in 29 Days
We discuss our latest report "From IcedID to Dagon Locker Ransomware in 29 Days" Host: @Kostastsale Analysts: @r3nzsec & @angelo_violetti Special Guest: @nas_bench Report: https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
-
7
From IcedID to Dagon Locker Ransomware in 29 Days
Report: https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/
-
6
DFIR Discussions: From OneNote to RansomNote: An Ice Cold Intrusion - Part 2
We discuss our latest report From OneNote to RansomNote: An Ice Cold Intrusion Host: @Kostastsale Analysts: @iiamaleks, @IrishD34TH, & @Miixxedup Special Guest: @techspence Feedback: https://forms.office.com/r/LR9NsEWYye Report: https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
-
5
DFIR Discussions: From OneNote to RansomNote: An Ice Cold Intrusion - Part 1
We discuss our latest report From OneNote to RansomNote: An Ice Cold Intrusion Host: @Kostastsale Analysts: @iiamaleks, @IrishD34TH, & @Miixxedup Special Guest: @techspence Report: https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
-
4
From OneNote to RansomNote: An Ice Cold Intrusion
Full Report - https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion Feedback: https://forms.office.com/r/YY6w3gwd6A
-
3
DFIR Discussions: SEO Poisoning to Domain Control: The Gootloader Saga Continues
Our first DFIR Discussions podcast on our latest report SEO Poisoning to Domain Control: The Gootloader Saga Continues Host: @Kostastsale Analysts: @_pete_0, @malforsec, & @r3nzsec Special Guest: @HackingLZ Feedback: https://forms.office.com/r/mK2Jp8vPXj Report: https://thedfirreport.com/2024/02/26/seo-poisoning-to-domain-control-the-gootloader-saga-continues/ Contact Us: https://thedfirreport.com/contact/ Services: https://thedfirreport.com/services/ Music by FASSounds from Pixabay
-
2
SEO Poisoning to Domain Control: The Gootloader Saga Continues
Report - https://thedfirreport.com/2024/02/26/seo-poisoning-to-domain-control-the-gootloader-saga-continues Provide feedback for a chance to win free swag - https://forms.office.com/r/MwZXkBrUNv
-
1
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours
Report: https://thedfirreport.com/2024/01/29/buzzing-on-christmas-eve-trigona-ransomware-in-3-hours/ Feedback: https://forms.office.com/r/pPajTA4Vwy
We're indexing this podcast's transcripts for the first time — this can take a minute or two. We'll show results as soon as they're ready.
No matches for "" in this podcast's transcripts.
No topics indexed yet for this podcast.
Loading reviews...
ABOUT THIS SHOW
The Digital Forensics and Incident Response (DFIR) Report. Real Intrusions by Real Attackers, The Truth Behind the Intrusion. A new report comes out every month! Read the rest of the reports at https://thedfirreport.com/.In addition to our publicly available reports, we provide a range of specialized services to meet your needs, such as private reports, Command and Control tracking, personalized mentoring, and access to an exclusive detection ruleset. Explore our comprehensive offerings on our Services page at https://thedfirreport.com/services/.
HOSTED BY
The DFIR Report
CATEGORIES
Loading similar podcasts...
URL copied to clipboard!