TLP - The Digital Forensics Podcast

EXPLORE

Society & Culture

Health & Fitness

© 2024 PodJoint

https://is1-ssl.mzstatic.com/image/thumb/Podcasts221/v4/5f/40/2d/5f402dae-631d-0daa-c5ac-48beb42a91a5/mza_5840948738012182289.jpg/600x600bb.jpg

TLP - The Digital Forensics Podcast

Clint Marsden

25 episodes

1 month ago

Send us a text Voice AI is moving fast — but so are the attackers. In this episode of the Traffic Light Protocol Podcast, Clint and Myles break down how scammers are exploiting Voice AI platforms with the same tricks that wrecked email and telecom decades ago: Premium-rate fraud dressed up in AI clothingBot-driven spam that floods calendars and burns ops teamsConsent loopholes where “user input” becomes an attacker’s best weaponThis isn’t FUD. It’s happening right now, and the industry risks ...

Show more...

All content for TLP - The Digital Forensics Podcast is the property of Clint Marsden and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Send us a text Voice AI is moving fast — but so are the attackers. In this episode of the Traffic Light Protocol Podcast, Clint and Myles break down how scammers are exploiting Voice AI platforms with the same tricks that wrecked email and telecom decades ago: Premium-rate fraud dressed up in AI clothingBot-driven spam that floods calendars and burns ops teamsConsent loopholes where “user input” becomes an attacker’s best weaponThis isn’t FUD. It’s happening right now, and the industry risks ...

Show more...

Episodes (20/25)

TLP - The Digital Forensics Podcast

Episode 24: Voice AI Under Attack: Hackers Exploit AI Call Agents | Traffic Light Protocol Podcast

Send us a text Voice AI is moving fast — but so are the attackers. In this episode of the Traffic Light Protocol Podcast, Clint and Myles break down how scammers are exploiting Voice AI platforms with the same tricks that wrecked email and telecom decades ago: Premium-rate fraud dressed up in AI clothingBot-driven spam that floods calendars and burns ops teamsConsent loopholes where “user input” becomes an attacker’s best weaponThis isn’t FUD. It’s happening right now, and the industry risks ...

1 month ago

54 minutes

TLP - The Digital Forensics Podcast

Episode 23:AI Voice Agent Security: Voice AI Under Siege: SIP Spoofing, Cost Drain, and How to Fight Back

Send us a text In this episode of Traffic Light Protocol, we kick off our AI series with a hard look at how voice AI agents are being targeted; and how fast small businesses and startups can rack up serious bills overnight. Guest Myles Agnew returns to unpack how old-school telecom tricks are being repurposed in the age of SIP/VoIP and AI: caller ID spoofing, open SIP trunks, and automated call loops that tie up your agents and quietly burn cash. We break down how easy it is to spin up a low-...

1 month ago

33 minutes

TLP - The Digital Forensics Podcast

Episode 22:AI Chat Forensics: How to Find, Investigate, and Analyse Evidence from ChatGPT, Claude & Gemini

Send us a text Unlock the secrets behind digital forensic investigations into AI chat platforms like ChatGPT, Claude, and Google's Gemini in this insightful episode. Learn the precise methods for discovering, extracting, and interpreting digital evidence across Windows, Mac, and Linux environments, whether it's browser caches, memory forensics, network logs, or cloud-based data exports. From identifying subtle signs of malicious AI usage and attempts to evade security controls, to piecing tog...

4 months ago

40 minutes

TLP - The Digital Forensics Podcast

Episode 21: How IRCO is Changing DFIR: The AI Copilot for Real-Time Cyber Investigations

Send us a text Link to IRCO- Incident Response Copilot on Chat GPT https://chatgpt.com/g/g-68033ce1b26481919b26df0737241bac-irco-incident-response-co-pilot In this episode of TLP: The Digital Forensics Podcast, Clint dives deep into IRCO (a custom GPT designed specifically for DFIR and SOC analysts). From real-world cyber incidents to post-incident reporting and CTF training, IRCO acts like your AI-powered colleague: fast, focused, and built for real investigations or even CTF's. Learn ...

4 months ago

15 minutes

TLP - The Digital Forensics Podcast

Episode 20:What Makes an Elite Incident Response Team: Mindset, Mastery, and Real-World DFIR Lessons

Send us a text Drawing inspiration from observing military special forces and over five years of hands-on DFIR experience, Clint explores the mindset, habits, and tactical processes that set top-performing IR teams apart. Clint Marsden explores the mindset, habits, and tactical processes that set top-performing IR teams apart. From threat intelligence workflows and detection-first thinking to deep forensic analysis and clear executive reporting, this episode is packed with real-world lessons,...

5 months ago

38 minutes

TLP - The Digital Forensics Podcast

Episode 19: AI Data Poisoning: How Bad Actors Corrupt Machine Learning Systems for Under $60

Send us a text Clint Marsden breaks down a critical cybersecurity report from intelligence agencies including the CSA, NSA, and FBI about the growing threat of AI data poisoning. Learn how malicious actors can hijack AI systems for as little as $60, turning machine learning models against their intended purpose by corrupting training data. Clint explains the technical concept of data poisoning in accessible terms, comparing it to teaching a child the wrong labels for objects. He walks t...

5 months ago

26 minutes

TLP - The Digital Forensics Podcast

Audiobook - Mastering Sysmon. Deploying, Configuring, and Tuning in 10 easy steps

Send us a text This episode features the complete narration of my ebook: Mastering Sysmon – Deploying, Configuring, and Tuning in 10 Easy Steps, providing a step-by-step guide to getting Sysmon up and running for better threat detection and incident response. If you’re in security operations, digital forensics, or incident response, this episode will help you: Deploy Sysmon efficiently.Tune Sysmon logs for maximum insight while reducing noise.Use Sysmon for investigations—from process creatio...

8 months ago

43 minutes

TLP - The Digital Forensics Podcast

Episode 17 - Building a CTF

Send us a text So You Want to Build Your Own DFIR CTF? Ever wanted to build your own Digital Forensics and Incident Response (DFIR) Capture the Flag (CTF) challenge but weren’t sure where to start? In this episode of Traffic Light Protocol, we share the how-to of CTF builders, making it easy for anyone—no pentesting skills required! Today's episode includes: Choosing Your CTF Theme – Using MITRE ATT&CK and APT tracking to craft a realistic attack scenario.Setting Up the Lab – S...

8 months ago

28 minutes

TLP - The Digital Forensics Podcast

Episode 16 - Mastering the Basics: Key Strategies for Cyber Investigations

Send us a text Kicking off 2025, we're getting back to basics with something every cyber investigator needs to master—starting an investigation the right way. Too often, investigations get derailed because the right questions weren’t asked at the outset, evidence wasn’t properly handled, or reporting lacked clarity. In this episode, we cover how to build an investigation plan that keeps you on track, ensures consistency, and leads to better results. We talk about evidence volatility, log rete...

8 months ago

30 minutes

TLP - The Digital Forensics Podcast

Episode 15 -Windows event log analysis with Hayabusa. The Sigma-based log analysis tool

Send us a text Key Takeaways: Introduction to Hayabusa: Hayabusa is an open-source Windows Event Log Analysis Tool used for processing EVTX logs to detect suspicious activities in Windows environments.Critical Alerts Detection: The tool is capable of detecting a variety of suspicious activities, including WannaCry ransomware and unauthorized Active Directory replication.Efficient Incident Response: Hayabusa is ideal for incident response workflows, enabling teams to quickly triage and analyze...

1 year ago

23 minutes

TLP - The Digital Forensics Podcast

Episode 14 - AI and the future of log analysis, bug detection, forensics and AI ethical considerations with Jonathan Thompson

Send us a text In this episode of Traffic Light Protocol, Clint Marsden is joined by Jonathan Thompson, a developer and AI enthusiast currently studying at Macquarie University. Together, they dive into how artificial intelligence (AI) is transforming the cybersecurity landscape and discuss Jon’s insights into AI’s potential applications in digital forensics, incident response, and everyday IT operations. The conversation touches on ethical considerations, potential job impacts, and how A...

1 year ago

1 hour 8 minutes

TLP - The Digital Forensics Podcast

Episode 13-ELK EDR and Sandboxing, Home grown CTF environments, DFIR Automation & Forensics in the cloud, with Jacob Wilson

Send us a text Episode 13 is another giant episode with a focus on what its like be in the mud working on real life forensic investigations. Jacob and Clint talk about ELK EDR, using Sysmon. Sandbox Environments: Jacob discusses the creation of a sandbox environment using an ELK stack combined with Sysmon, enabling in-depth malware analysis by capturing and analyzing detailed system activity. Automation in Investigations: Jacob emphasizes the importance of automating repetitive tasks, such a...

1 year ago

54 minutes

TLP - The Digital Forensics Podcast

Episode 12 - You're forced to decide: Cyber Generalist or Cyber Specialist?

Send us a text Quotes: “In the fast-paced world of DFIR, you are a mission critical system. Your job isn’t just to uncover what happened during an incident, but to do so in a way that gets results fast.”“Specialists bring expertise that pushes the entire industry forward, while generalists offer versatility and adaptability in the ever-changing landscape of cybersecurity.”“The choice between specializing and generalizing doesn’t always need to be a conscious decision. Often, you just fall int...

1 year ago

17 minutes

TLP - The Digital Forensics Podcast

Episode 11 - Velociraptor, Containerisation and Infrastructure Deployed as Code with Myles Agnew

Send us a text In this episode of Traffic Light Protocol, we sit down with Myles, a cybersecurity veteran with over 15 years of Cyber experience and background as a Combat Engineer in the Army. Myles brings his unique perspective on integrating automation and cloud technologies into cybersecurity infrastructure deployment (Used specifically when deploying Velciraptor- an advanced open-source endpoint monitoring, digital forensic and cyber response platform). We delve into his journey ...

1 year ago

52 minutes

TLP - The Digital Forensics Podcast

Episode 10 - Detecting and Preventing Phishing Attacks

Send us a text Quotes: "Phishing targets the human element, the 'wetware,' often the weakest link in any security chain." - Clint Marsden "Phishing isn't just about poorly spelled emails anymore; it's about sophisticated campaigns that even cyber-aware individuals can fall victim to." - Clint Marsden "Effective defense against phishing involves not just technology but ongoing education and a culture of security awareness." - Clint Marsden Key Takeaways: Phishing attacks continue to ...

1 year ago

19 minutes

TLP - The Digital Forensics Podcast

Episode 9 -Unmasking APT40 (Leviathan): Tactics, Challenges, and Defense Strategies

Send us a text Episode Title: "Unmasking APT40: Tactics, Challenges, and Defense Strategies" Key Takeaways: APT40 is a sophisticated Chinese state-sponsored cyber espionage group active since 2009. They target various sectors including academia, aerospace, defense, healthcare, and maritime industries. APT40 uses advanced tactics such as spear phishing, watering hole attacks, and living off the land binaries (LOLBINS). Digital forensics faces challenges in detecting APT40 due to their use of ...

1 year ago

21 minutes

TLP - The Digital Forensics Podcast

Episode 8 - Hidden digital forensic logging for Cybersecurity on Any Budget: Practical Strategies for Enhanced Detection and Prevention Using Sysmon, Blocking Data Exfil with group policy and printer forensics

Send us a text In this episode, Clint Marsden goes straight into 4 practical strategies that enable better forensics and stop data exfiltration, no matter the size of your budget. Clint covers deploying Sysmon for enhanced monitoring, and using Group Policy to tighten print and USB security. Event log cleared: Event ID 1102 ACSC Sysmon: https://github.com/AustralianCyberSecurityCentre/windows_event_logging Swift on security Sysmon: https://github.com/SwiftOnSecurity/sysmon-config Print...

1 year ago

19 minutes

TLP - The Digital Forensics Podcast

Episode 7 - Defending Against Scattered Spider: Understanding Their Tactics, Techniques, and Procedures

Send us a text In todays episode of TLP - Traffic Light Protocol, Clint Marsden talks about Defending Against Scattered Spider: Understanding Their Tactics, Techniques, and Procedures. Key Takeaways Understanding Scattered Spider: Scattered Spider, also known as Roasted Octopus or Octo Tempest, utilizes various legitimate tools for malicious purposes. Common Tools and Techniques: They employ tools for reconnaissance (PingCastle, ADRecon), credential dumping (Mimikatz, Lazagne),...

1 year ago

17 minutes

TLP - The Digital Forensics Podcast

Episode 6 - Responding to ransomware - is your VPN a target? Plus ransomware risk mitigation with Phil Ngo

Send us a text In this episode, we speak with Phil Ngo, a Primary Investigator in Accenture's global cyber response team. As a primary investigator, he is responsible for helping clients recover from major incidents as well as delivering proactive cyber services, such as threat hunting and tabletop exercises. Philip started his career as a high school teacher, before moving into IT support and eventually into cyber security six years ago. Philip has a worked across multiple indus...

1 year ago

26 minutes

TLP - The Digital Forensics Podcast

Episode 5 - NIST SP 800-61 Computer Security Incident Handling Guide (Post-Incident Activity)

Send us a text This is the biggest episode from a content perspective so far. I'm excited to share it with you. Episode Highlights: How to run post-incident debriefs and post-mortems.Involving external teamsUsing lessons learned to form actionable insights.Key questions to address in incident analysis.Effective report writing strategies, including timelines and executive summaries.Evaluating and improving incident response procedures and tools preparation.Engaging broader teams in the ...

1 year ago

33 minutes