Everyday Cyber

Episode 9: Blue Team Field Manual Breakdown - Incident Response & System Hardening Toolkit | Everyday Cyber

Join us for Episode 9 of Everyday Cyber as we dive deep into the Blue Team Field Manual by Alan White and Ben Clark - the ultimate practical guide for cybersecurity defenders. Discover essential command-line tools and techniques for Windows and Linux environments, structured around the NIST Cybersecurity Framework. Learn hands-on approaches to system hardening, network monitoring, malware analysis, and incident response. From vulnerability scanning with NMAP and Nessus to configuring firewalls and AppLocker policies, we cover the complete defensive toolkit. Whether you're a SOC analyst, system administrator, or cybersecurity professional, this episode provides actionable commands and methodologies for protecting, detecting, responding to, and recovering from cyber threats. Master the art of defensive cybersecurity operations with real-world commands you can use immediately. * Blue team field manual * Cybersecurity defense commands * Incident response toolkit * System hardening techniques * Network security monitoring * Windows Linux security commands * SOC analyst guide * Defensive cybersecurity operations * NIST cybersecurity framework implementation * Practical incident response

Episode 9: The Complete Guide to Data Privacy Laws - From GDPR to PIPL Explained | Everyday Cyber

Join us for Episode 9 of Everyday Cyber as we decode the complex world of data privacy and protection laws. From GDPR and CCPA to China's PIPL and Canada's PIPEDA, we break down what these regulations mean for businesses and individuals. Learn about Privacy by Design principles, data subject rights, cross-border data transfers, and how to build a robust privacy program. Whether you're a business owner, privacy professional, or simply want to understand your digital rights, this episode provides practical insights into navigating today's privacy landscape. Discover the evolution of privacy laws, key compliance requirements, and real-world case studies that shaped modern data protection. * Data Privacy * GDPR * CCPA * Privacy Laws * Data Protection * Cybersecurity * Privacy by Design * Data Subject Rights

Network Security Monitoring Explained (Part 1): NSM, Security Onion & Real-World Detection | Ep. 8

🚨 Episode 8 – Part 1 of 2 | Everyday Cyber Podcast In this first part of a two-part deep dive, host Alex Reid breaks down the essentials of Network Security Monitoring (NSM) — how it works, why it matters, and the open-source tools that power real-time detection and response. From understanding the Intrusion Kill Chain to deploying tools like Security Onion, Zeek, and Suricata, this episode helps you build foundational knowledge in modern network defense. 🔍 In this episode (Part 1): * What is NSM and how it differs from continuous monitoring * Why prevention fails — and how NSM fills the gap * Data types in NSM: full content, session, alerts, and metadata * Challenges with proxies, NAT, and the X-Forwarded-For header * Overview of open-source NSM tools (Security Onion, Bro/Zeek, Suricata, Sguil) 🧠 This episode is ideal for SOC analysts, blue teamers, cybersecurity students, and anyone learning how defenders really detect threats. 🎧 Part 2 coming next week. network security monitoring NSM podcast security onion tutorial zeek bro network analysis suricata ids sguil security onion intrusion kill chain explained network visibility tools incident response podcast full packet capture analysis network forensics tools x-forwarded-for proxy logs nsm data types explained cybersecurity detection stack virus total analysis networkminer pcap analysis client-side compromise server-side compromise ioc detection process blue team workflows everyday cyber podcast

Digital Forensics & Anti-Forensics Explained: NTFS Artifacts, ADS, File Carving & Timestomping | Ep. 7

🧠 Episode 7 – Everyday Cyber Podcast In this episode, host Alex Reid explores the battlefield between digital forensics and anti-forensics — revealing how investigators extract hidden truths from NTFS volumes, and how attackers attempt to cover their tracks. From Alternate Data Streams (ADS) and Volume Shadow Copies, to timestomping and file wiping, this episode dives into the structures and techniques that define modern forensic investigations — and the countermeasures used to evade them. 🔍 What You'll Learn in This Episode: * Key forensic artifacts in NTFS: $MFT, $I30, $LogFile, $UsnJrnl * How Alternate Data Streams (ADS) are used to hide data * Timestomping, file wiping, and registry key deletion as anti-forensics * Tools like MFTECmd, Bulk Extractor, PhotoRec, and vss_carver.py * How forensic analysts perform file carving, super timelines, and triage collection * The role of Zone.Identifier ADS, VSS, and SDelete in investigations * Techniques attackers use to stay hidden in plain sight — and how to find them Whether you're learning digital forensics or defending against sophisticated attackers, this episode gives you a detailed breakdown of how investigations work at the file system level. digital forensics anti-forensics alternate data streams NTFS forensics volume shadow copy forensics file carving timestomping detection mftecmd tutorial file wiping photoRec recovery zone.identifier ADS NTFS metadata ADS malware hiding super timeline forensics triage collection bulk extractor forensic registry key wiping forensic tools podcast NTFS MFT analysis digital forensic investigation everyday cyber podcast

Malware Hunting at Scale: Timelines, YARA Rules & the Tools Pros Use | Ep. 6

🧠 Episode 6 – Everyday Cyber Podcast In this episode, Alex Reid explores how cybersecurity analysts use timeline analysis to investigate intrusions, uncover malware, and detect threats at scale. This hands-on walkthrough reveals how modern blue teams reconstruct attacks across hundreds of endpoints using tools like log2timeline, YARA, capa, and more. You’ll learn the full process from enterprise threat hunting to deep-dive forensic timeline building — including malware detection, IOC stacking, and how to pivot around suspicious activity. 🔍 Key topics covered: * The 3-phase model: Threat Hunting → Triage → Deep-Dive Forensics * Occurrence stacking, outlier detection, and IOC hunting * Detecting malware using tools like Sigcheck, maldump, and capa * Writing YARA rules and matching malware capabilities to MITRE ATT&CK * Filesystem timelines vs. super timelines — when to use each * Using log2timeline, Plaso, Timeline Explorer, and Timesketch * How to scale timeline analysis across multiple compromised systems * Practical insights for analysts, DFIR teams, and blue teamers timeline analysis threat hunting malware detection YARA rules log2timeline plaso forensic tool capa malware analysis digital forensics podcast DFIR workflow ioc hunting sigcheck malware scan timeline explorer timesketch tutorial fileless malware detection endpoint forensics blue team tactics incident response timeline cybersecurity tools forensic timeline building everyday cyber podcast