SANS Digital Forensics and Incident Response Blog: Daily Archives: Jul 01, 2010

The SANS Institute's Digital Forensics Lethal Forensicator Coin (RMO)

Next week at the 2010 Digital Forensics and Incident Response Summit, we will unveil and award for the first time the SANS Institute's Digital Forensics "Lethal Forensicator" Coin (or RMO - for "Round Metal Object"). The members of this elite unit will encompass the best in the digital forensics field and those that have demonstrated talent or leadership deserving special recognition.


Digital Forensics Case Leads: Data Exposed, Movie Piracy Sites shutdown and a 0day exploit hits more the 10,000 Computers

This week in Case Leads we have another round of data exposed at WellPoint. The Feds shutdown movie piracy sites, and Microsoft reports more than 10,000 Windows XP computers hit with a 0day exploit. Some great reads on memory analysis and pagefiles, Safari Forensics and getting alternate timestamps from $MFT. Don't forget to cast your vote for the 2010 Forensic 4Cast awards, make your vote count.

If you have an interesting item you think should be included in the Digital Forensics Case Leads posts, you can send it to caseleads@sans.org.

Tools:

  • Mount Raw images as VMDK virtual disks usingraw2vdmk

Good Reads:

...