
Ryan "Chaps" Chapman

@rj_chap

DFIR & malware analyst. @sansforensics FOR528 Author & FOR610 Instructor. @CactusCon crew. Husband & father. Comments = own.

Pinned

It's that time folks!! Our @sansforensics #Ransomware and #CyberExtortion poster is officially out! Want to learn more about how to prevent, detect, and hunt for ransomware actors? Grab the poster! #RansomwareSucks #for528

NEW | @SANSInstitute #DFIR Poster by @4enzikat0r & @rj_chap #Ransomware & #CyberExtortion poster provides an overview of the ransomware business ecosystem & with key points related to each of the major phases of a typical extortion attack Download now! sans.org/u/1uCq



Ryan "Chaps" Chapman reposted

In a truly brilliant move, employees from DigitalMint and Sygnia, responsible for handling ransomware negotiations, were indicted for performing ransomware attacks under ALPHV ransomware group. - Kevin Tyler Martin, ransomware negotiator from DigitalMint - Ryan Clifford…


Ryan "Chaps" Chapman reposted

You got access to vsphere and want to compromise the Windows hosts running on that ESX? 💡 1) Create a clone into a new template of the target VM 2) Download the VMDK file of the template from the storage 3) Parse it with Volumiser, extract SAM/SYSTEM/SECURITY (1/3)


Been pondering taking our @sansforensics | @SANSInstitute FOR528: #Ransomware and #CyberExtortion course? Now is the time! You'll learn about RW prevention, detection, and response, with a heavy emphasis on hands-on response training. Labs include all real-world commands. W00t!

Ransomware isn’t slowing down — and neither is the need for trained responders. #FOR528: #Ransomware & #CyberExtortion™ has updated pricing to make this critical ransomware response training accessible to more practitioners. Register: sans.org/u/1Db4 @rj_chap



Ryan "Chaps" Chapman reposted

🛠️ In this blog @rj_chap explores the difference preparation makes when #Ransomware strikes, outlining tactical steps for improving detection and response using the tools you already have. Read the blog → sans.org/u/1D98 #OpenSource #DFIR


Ryan "Chaps" Chapman reposted

🚨 In case you didn't know @rj_chap & @maridegrazia host a monthly show discussing the latest #Ransomware threats that you need to know about! The Stay Ahead of Ransomware livestream airs the 1st Tuesday of each month. 🎥 Check out past episodes here: buff.ly/uh09lQe


Did you grow up using a Mac? We'll see... -- Do you remember Connectix RAM Doubler? apple.fandom.com/wiki/RAM_Doubl… The memories...


Ryan "Chaps" Chapman reposted

CactusCon happens every year thanks to great people, talks, and sponsors. We are happy to welcome back the @eff as a community sponsor! You know and love them as one of the leading voices in digital liberty advocacy and we are so thankful for them returning year after year. #cc14


Join us TODAY folks! See you soon!

🤔 What’s the 1st thing you should do when #Ransomware hits? It’s not always obvious & making the wrong move can be costly. @rj_chap & @maridegrazia welcome Eric Taylor to talk through the good, the bad, & the ugly of containment. ⏰ Set your reminder: buff.ly/uMIcp6Z



Ryan "Chaps" Chapman reposted

Active Directory hardening is free…outside of your time. Overall - PingCastle Passwords - FGPP, LAPS, Lithnet Permissions - ADeleg/ADeleginator Applocker - Applocker Inspector/Applocker gen ADCS - Locksmith Logon scripts - ScriptSentry GPO - GPOZaurr Baselines - CIS/Microsoft…


Ryan "Chaps" Chapman reposted

If you hold CTRL, then it will pause Task Manager so the processes don't move around when you're sorted by resource usage

what’s a windows trick you learned way too late?



Join us!!

😬 #Ransomware doesn’t knock, it kicks the door down 🔥 Join @rj_chap, @maridegrazia & guest Eric Taylor as they unpack ransomware containment, rapid response, & the technical steps you need to minimize damage. ⏰ Set your reminder: buff.ly/O0fivpt #DFIR #Cybersecurity



Ryan "Chaps" Chapman reposted

Big news! Someone finally noticed that if you hold down CTRL, the process list in Task Manager conveniently freezes so you can select rows without them jumping around. I did this so you could sort by CPU and other dynamic columns but then still be able to click stuff...


Ryan "Chaps" Chapman reposted

🌴 Join @EricRZimmerman at #DFIRCON for Mastering Investigations with #EZTools. You'll explore tools like KAPE, RECmd, & ShellBags Explorer to take your skills to the next level. 🔗 Learn more about DFIRCON & Community Learning Day: sans.org/u/1CRS 🚨 In-person only


Sigh. Another one.

Clickfix New instructions !!!!!!! 128[.140.70.83[:8080



Ryan "Chaps" Chapman reposted

If you're interested in an alternative way to dump domain users' NT hashes and TGT without touching LSASS, take a look at the new Masky tool :) Everything is explained in this article: z4ksec.github.io/posts/masky-re… Thanks @harmj0y, @tifkin_ and @ly4k_ for their amazing work on ADCS!


Ryan "Chaps" Chapman reposted

📣 Nominations close this Monday at 11:59 p.m. EDT (UTC-4) for #SANSDMA 2025! Don't miss this chance to shine a light on the #cybersecurity practitioners who are making breakthroughs every day in advancing security. ➡️ Nominate Now: sansurl.com/dma-nominate


Say hello to the most recent @sansforensics FOR610: Reverse Engineering Malware "Lethal Forensicator" challenge coin winners! This group performed wonderfully and secured coins on behalf of the Kingdom! Great job all!


Don't sleep on this man!! HIGHLY experienced. :)

🚨 Open to work — AI Security/ red team / adversary sim 8+ yrs in offensive sec, ex-Cobalt Strike, SANS instructor (12 w/y) Looking for flexible, senior/principal roles w/ impact > hours DMs open or connect via: linkedin.com/in/jean-franco…



Go go go!

🥳 IT BEGINS 🥳 The CactusCon 14 CFP is now OPEN! sessionize.com/cactuscon-14/ Theme is an oldie but a goodie, regardless as usual we are looking for those juicy technical talks that make CactusCon great. #cc14



Fantastic con for your next talk. Check it out!

Can you feel it in the air? That strange pull to dive deeper into that awesome thing... and the call of an audience hungry for your hard-earned insights. That's right, the CactusCon 14 CFP will open on SEPTEMBER 6TH. We'll share all the links and deadlines on Saturday!


