Memory Forensics in Incident Response & Threat Hunting | Detecting Malware, Rootkits & Fileless Attacks

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/bd/3d/11/bd3d1187-8de1-88c5-199c-8c4f13ffa0ae/mza_16560012528869136015.jpg/600x600bb.jpg

Everyday Cyber

Alex Reid

11 episodes

1 week ago

Everyday Cyber is your weekly guide to mastering cybersecurity — from real-world threats to real career growth. Hosted by cybersecurity analyst Alex Reid, this podcast delivers clear, actionable insights for anyone looking to stay safe online and break into the cyber industry. Whether you're a beginner exploring the field, prepping for certifications like Security+, SC-200, or aiming to land your first SOC analyst role — Everyday Cyber has your back. Each episode covers: Breaking down phishing attacks, ransomware, and real-world threats Blue team strategies and

Technology

RSS

All content for Everyday Cyber is the property of Alex Reid and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/44019277/44019277-1751810299545-229344e93dc64.jpg

Memory Forensics in Incident Response & Threat Hunting | Detecting Malware, Rootkits & Fileless Attacks | Ep. 6

Everyday Cyber

27 minutes

4 months ago

Memory Forensics in Incident Response & Threat Hunting | Detecting Malware, Rootkits & Fileless Attacks | Ep. 6

🧠 In Episode 6 of the Everyday Cyber Podcast, host Alex Reid explores the powerful role of memory forensics in both incident response and threat hunting. This episode breaks down the techniques and tools used to uncover hidden malware, detect rootkits, and investigate in-memory attack activity across compromised systems.

Whether you're working with live RAM captures or analyzing memory dumps post-incident, understanding these methods is essential for uncovering advanced adversaries and fileless threats.

🔍 What You’ll Learn in This Episode:

Core memory forensics concepts for incident responders
Using tools like Volatility, Velociraptor, and Memory Baseliner
Identifying code injection, process hollowing, DLL injection, and reflective loading
Detecting BYOVD attacks, rootkits (DKOM, SSDT, IDT hooks), and thread hijacking
Investigating suspicious memory regions, handles, VAD trees, and PE headers
Working with hiberfil.sys, pagefile.sys, .vmem, and .vmsn files
Understanding fileless malware and “living off the land” techniques
Using memory to trace attacker tools like Cobalt Strike, Emotet, and Poison Ivy
Crafting detection rules using YARA, and parsing strings with bstrings

If you're in digital forensics, blue teaming, or threat detection, this episode gives you actionable knowledge for using memory artifacts to expose what attackers try hardest to hide.

memory forensics

incident response podcast

threat hunting

cybersecurity podcast

code injection detection

volatility memory analysis

process hollowing

dll injection

BYOVD malware

rootkit analysis

fileless malware detection

DFIR podcast

malware investigation

advanced threat hunting

Velociraptor forensic tool

memory dump analysis

endpoint forensics

cobalt strike detection

memory artifacts analysis

digital forensics podcast