Blog: SANS Digital Forensics and Incident Response Blog: Author - Ray Strubinger


Case Leads: Backtrack Soon to be Back as Kali, Why Logs Should Really be Reviewed, the Impact of DDoS Against US Banks, Hard Drives with Bad Sectors and Data Recovery

This week's edition of CaseLeads features a teaser from the Backtrack developers, a case study from Verizon which demonstrates the need for regular log review, a report on the impact of the recent DDoS attacks against US banks and an article about challenges in recovering data from hard drives.

If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org.

Tools:


  • Backtrack will be reborn as Kali. The developers of Backtrack are planning to take the distribution to another level but in order to do that, they realized they needed to build something new. The Backtrack website has a teaser video about the project but for now, the developers are quiet on the details

...

Case Leads: Report on Emerging Cyber Threats, Updates to Forensics Applications, Malware Trends, and more.

This week's edition of CaseLeads features a report on emerging cyber threats, another report about malware and vulnerabilities, research about the head of a new anti-virus firm, updates to the Oxygen Forensics Suite and Memoryze for the Mac. There's also a story about how email led to several discoveries in the case of the CIA director who recently resigned and an article about Skype and personal information.

If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org.

Tools:

...

More news on Flame & Stuxnet. Researchers publish findings on Elderwood Gang & the Comment Crew. New & Updated tools for mobile device forensics.

This week's CaseLeads features several findings from security researchers who have been studying Flame, Stuxnet and numerous state-sponsored hackers. A couple of vendors have released new tools or updates to existing tools for those into mobile device forensics and malware analysis.

If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org.

Tools:


  • Santoku for mobile device forensics, malware analysis and application security testing includes tools for development, pen testing, wireless analysis, data carving, metadata analysis and reverse engineering applications.

  • Motorola launched an "
...

Black Hat edition featuring stealthy hardware and software based attacks, advice for new InfoSec professionals, a malware quiz and more

This week's "Black Hat" edition of CaseLeads features an exclusive interview with David Kennedy who talks about stealthy, non-APT related attacks. In keeping with the stealth theme, we have an article about a new Pwn device from Pwnie Express and DARPA as well as an article about one of the founders of Kaspersky. NIST has a draft out on malware defense and the popular protocol analyzer Wireshark has been updated. For those that are trying to enter the Information Security profession, we have a collection of articles from several well-known names in the industry and an easy malware-related quiz.

If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org.

Tools:

...

New version of Nmap, 60TB hard drives on the way, attacker trends, & a dissected web attack

This week's edition of Case Leads features updates to a popular network scanning tool and another application which may be useful in gaining access to encrypted documents. We also have an article detailing a recent attack against a website and a couple of papers that look at attack trends. There's news that hard drives could approach 60TB and a report that a popular paste site will change its approach in how it manages sensitive content.

As always, if you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org.

Tools:

  • Nmap 6 has been released. In addition to improvements in web scanning, overall scanning speed and the scripting engine, this popular scanner now fully supports
...