SANS Digital Forensics and Incident Response Blog: Author - Mark McKinnon

Digital Forensics Case Leads: Macs do need antivirus after all and Pastebin may start cutting what hackers paste

This week's Case Leads brought us an outbreak of a trojan exploiting a Java flaw that has infected hundreds of thousands of Macs, several new tool releases, news (and humor) about forensic awards, and an announcement by Pastebin that they are taking action against people posting sensitive data on their site. If you have an item you'd like …


Digital Forensics Case Leads: DUQU, Locks, Stego and Pirates What More Could You Ask For.

In this week's Case Leads, there's a bunch of new useful tools that might come in handy in certain situations while handling incidents: PDF Analysis, Malware Analysis, Honeypots and MAC forensics! A sequel of a multi-part series on protecting our credentials while handling incidents. When some weird registry keys appear in log2timeline results, you discover an attack …


Digital Forensics Case Leads: Arrests galore between Hackers and "Operation Nanny", Updated tools and more.

This week in Case Leads, numerous hackers were arrested and an online pedophile ring was disbanded. One new tool for flash analysis is out, as well as updates to existing tools. A case study as well as working with the SIFT workstation and a quiz to solve using proper pirate Arrgot round everything …


Digital Forensics Case Leads: A decision regarding the 5th Amendment, Cellebrite and Forensic Focus update and EXIF data and Bing Maps

In this week's edition of Case Leads we see Cellebrite and Forensic Focus getting updates, Dave Hull's blog post on EXIF data & Bing Maps, as well as a major court decision regarding the U.S. 5th Amendment and more. If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to …


Digital Forensics Case Leads: Android Malware, Chrome Browser Bugs and IT guy shoots Daughter's Laptop.

This week in Case Leads: bug fixes for Chrome Browser and MD5Deep. A few new tools from JadSoft and Black Bag Technologies. Some great reads about IE RecoveryStore and Travel Log, Becoming a CSI without the blood and a 2012 Security report. Android malware strikes phones in China and an IT guy shoots …