The DFIR Report
@TheDFIRReport
Real Intrusions by Real Attackers, the Truth Behind the Intrusion. Services: http://thedfirreport.com/services
🔎 What do you value most in a DFIR report? Detailed deep dives? Timely, concise summaries? Strategic insights? Something else? Vote in the poll and share your thoughts in the replies 👇
🚨 New: DFIR Labs Pro Tier is here! 🎯 Smarter investigations with: • 🧠 AI Timeline Builder (w/ IOCs + notes) • ⏱️ More lab time + extension credits • 📊 Analytics dashboard w/ tailored insights 🔗 Dive in: dfirlabs.thedfirreport.com/subscription-p…
🚨 New Interlock RAT variant spotted! Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT). 🔎 thedfirreport.com/2025/07/14/kon… #DFIR #KongTuke #InterlockRAT #FileFix
This position is closing soon, don’t miss your chance to apply!
🔎 We're Hiring: Senior Security Analyst We're looking for a full-time Senior Security Analyst with a passion for dissecting intrusions and translating technical findings into actionable insights. Check out the full job description and apply here 👉 forms.office.com/r/87y8wAp3gA
📢DFIR Labs Enterprise Forensics Challenge📢 🔹 When: Aug 30, 2025 (14:00-18:00 UTC) 🔹 SIEM: Azure Log Analytics, Elastic, or Splunk 🔹 Teams: 2-3 analysts 🔹 Prizes: Top team wins! 🏆 Limited spots available. Register Now: dfirlabs.thedfirreport.com/dfirchallenge-…
🌟New report out today!🌟 Hide Your RDP: Password Spray Leads to RansomHub Deployment Analysis and reporting completed by @tas_kmanager, @iiamaleks and UC2 🔊Audio: Available on Spotify, Apple, YouTube and more! thedfirreport.com/2025/06/30/hid…
Classic #ransomhub execution baked into the encryptor itself. Check out the latest report here and learn how that exposed RDP on your network can trigger a massive ransomware attack. #dfir thedfirreport.com/2025/06/30/hid… @TheDFIRReport
🔎 We're Hiring: Senior Security Analyst We're looking for a full-time Senior Security Analyst with a passion for dissecting intrusions and translating technical findings into actionable insights. Check out the full job description and apply here 👉 forms.office.com/r/87y8wAp3gA
🎉New DFIR Discussions Episode🎉 🔊Available on Spotify, Apple, & YouTube! 🎙️ We dive into our latest public report with Randy Pargman, Jake Ouellette, Kostas T., and Mangatas Tondang. Check it out and let us know what you think! open.spotify.com/episode/1SKPWF…
⚔️Registration for the DFIR Labs Enterprise CTF is now LIVE! ⚔️ Assemble your elite SOC/IR team (up to 3 members) for a 4-hour competition to prove you're the best in the industry. Win prizes, bragging rights, and glory! 🏆 Register now! 👉form.jotform.com/251605321344245