Month: April 2023
-
Idea List for Lost or Stolen Corporate Computers
Before implementing any monitoring or recording methods, consult with legal experts, as these practices may be illegal or unethical in some jurisdictions, potentially violating privacy laws and individuals’ rights. Intro Although the primary emphasis here addresses a lost or stolen corporate computer with some type of backdoor into the machine (EDR or otherwise), some of […]
-
Modifying User and System Shell Folder Paths: Collecting Evidence
Intro User and System Shell folders are a bunch of folders in Windows used to store a lot of the user’s personal data and settings. You most likely know these as Desktop, Start Menu, My Documents, and Startup folders. There are many others but those are some of the most popular. These locations are also […]
-
Registry Run Keys: Maintaining Persistence
Intro Want to start Outlook on login? Easy. Start malware on login…even in safe mode? Just as easy. Registry run keys in Windows help start programs, scripts, or commands when your computer boots up or when you log in. They make managing apps and services easier when it comes to IT management or enhancing the […]