Memory forensics analyzes live system RAM to uncover running malware, injected code, and active network connections — threats that never touch disk. Delete the file. Encrypt the disk. RAM still exposes the attack. #MemoryForensics #DigitalForensics #DFIR #MalwareAnalysis #IncidentResponse #ThreatHunting #CyberSecurity #BlueTeam #LiveResponse #CTFROOM #CyberTraining #InfoSecCommunity
"This means placing the evidence in time line and assessing if it's relevant to the investigation and what part does it play and what other evidence must be gathered or sought." - petefinnigan.com/weblog/arch… #oracleace #security #gdpr #liveresponse #databreach

"The final part of a breach response and analysis is the process of actual forensic analysis of a breach that has occurred in the Oracle database." - petefinnigan.com/weblog/arch… #oracleace #security #gdpr #liveresponse #databreach

"This is a huge subject that cannot be done detailed justice here as a blog BUT let's dive in and discuss the high level points of investigating a breach of an Oracle database." - petefinnigan.com/weblog/arch… #oracleace #security #forensics #liveresponse

"We cover laws like GDPR and the hefty fines that can happen if personal data is stolen. These elements confirm why we must protect Oracle databases and why the data is an easy target now for thieves." - petefinnigan.com/weblog/arch… #oracleace #liveresponse #datasecurity

"Data is growing faster than anything and we manage data in Oracle databases and that data is now valuable so becomes a target for theft or damage." - petefinnigan.com/weblog/arch… #oracleace #liveresponse #datasecurity

"This talk discusses how you should respond if you think that your database has been breached or if you unfortunately know that you really have been breached." - petefinnigan.com/weblog/arch… #oracleace #liveresponse #datasecurity

What Should you do if your Oracle Database is Hacked? - petefinnigan.com/weblog/arch… - #oracleace #liveresponse #datasecurity
It’s Tool Tuesday! In volatile memory, every second counts. Here’s how I used Magnet Comae Toolkit (DumpIt) to capture a full memory dump in seconds — before critical evidence vanished forever. #DFIR #MemoryForensics #ToolTuesday #MagnetForensics #LiveResponse
"Perform forensic analysis: This is to try and establish the why, how, when and who of the attack in a time line and the data checksummed to prove the validity of the data as it was extracted..." - petefinnigan.com/weblog/arch… #oracleace #sym_42 #oracle #forensics #liveresponse

"Manage the breach: Properly assess if a breach was reported and most likely occurred and then manage it via a dedicated process and ideally team." - petefinnigan.com/weblog/arch… #oracleace #sym_42 #oracle #forensics #liveresponse

"If you become the latest victim of a data hack and your Oracle database is compromised then what do you do?" - petefinnigan.com/weblog/arch… #oracleace #sym_42 #oracle #forensics #liveresponse

5 Jun 2025
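I have MDE's LiveResponse as my pinned tweet, but I never thought of using it this way. It retrieves the devices that have sessions open via the API and runs commands on them all at once github.com/AttacktheSOC/Azur…
A script that uses PowerShell to operate Live Response in MDE. It can list sessions, cancel sessions, and run a script in bulk against multiple devices. In particular, if scripts can be run in bulk, operations like running a virus scan on all machines at once become possible github.com/AttacktheSOC/Azur…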
These are the MS PPT slides and a short blog introducing my second talk from the UKOUG conference. This is about how to respond to a data breach - petefinnigan.com/weblog/arch… - #oracleace #sym_42 #oracle #forensics #databreach #liveresponse #datasecurity
29 Oct 2024
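I learned that LiveResponse in Defender for Endpoint (MDE) runs with the device's local administrator privileges, not with the privileges of the account signed in to MDE. Well, I suppose that's obvious.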
1 Feb 2024
Replying to @techspence
Do I still have WEF/syslog working? Is it just the outbound event forwarding to my EDR? (Maybe I am still able to run actions via say LiveResponse in MDE). These would be my immediate checks
If your Oracle database is breached then what should you do? - I have written a new blog post highlighting the key actions to take next - petefinnigan.com/weblog/arch… - #oracleace #sym_42 #oracle #databreach #security #forensics #liveresponse #hacked #audittrail #audit
If your Oracle database is breached and you have no audit trails can you still find out what happened? - new blog post on Forensics and gaps - petefinnigan.com/weblog/arch… - #oracleace #sym_42 #oracle #database #security #forensics #liveresponse #databreach