ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "DFSP # 400 - CMSTP"
Episode Synopsis
This week I am going to focus on a specific remote execution technique that you may see in the wild. Remote execution is important for incident response investigations but also for file use and knowledge investigations, particularly those that conducted due diligence exams for evidence of malware. I have covered remote execution in the past from different angles and I have done so because it is one of the red flags that an analyst should be looking for. In order to be effective in recognizing either an actual malicious execution or the risk of an attempted remote execution you must be reversed in the clever ways attackers attempt to compromise a host using Microsoft applications. The highlight this week will be CMSTP.exe abuse...
More episodes of the podcast Digital Forensic Survival Podcast
DFSP # 499 Linux top 10
09/09/2025
DFSP # 498 Windows top 10
02/09/2025
DFSP # 497 ticket to ride
26/08/2025
DFSP # 496 Signed, Sealed, Exploited
19/08/2025
DFSP # 495 Corrupted from within
12/08/2025
DFSP # 494 the request is out there
05/08/2025
DFSP # 493 Stop, Share, and Listen
29/07/2025
DFSP # 492 A Bit of TCP
22/07/2025
DFSP # 490 Unveiling the USN Journal
08/07/2025
In God we trust