SANS Digital Forensics and Incident Response Blog: Author - sansdfir

TIME IS NOT ON OUR SIDE WHEN IT COMES TO MESSAGES IN IOS 11

BLOG ORIGINALLY POSTED SEPTEMBER 30, 2017 HEATHER MAHALIK This is going to be a series of blog posts due to the limited amount of free time I have to allocate to the proper research and writing of an all-inclusive blog post on iOS 11. More work is needed to make sure nothing drastic is missing … Continue reading TIME IS NOT ON OUR SIDE WHEN IT COMES TO MESSAGES IN IOS 11


Coin Check: Win the challenge, join the elite list of lethal forensicators & take home a brand new DFIR challenge coin!

Hundreds of SANS Institute digital forensics students have stepped up to the challenge and conquered. They've mastered the concepts and skills, beat out their classmates, and proven their prowess. These are the elite, the recipients of the SANS Lethal Forensicator Coin, an award given to a select portion of the thousands of students that … Continue reading Coin Check: Win the challenge, join the elite list of lethal forensicators & take home a brand new DFIR challenge coin!


SANS Cyber Threat Intelligence Summit 2018 - CALL FOR SPEAKERS NOW OPEN

Cyber Threat Intelligence Summit & Training 2018 Call for Speakers- Now Open Summit Dates: January 29 & 30, 2018 Training Course Dates: January 31-February 5, 2018 Call for Presentations Closes on Monday, 7 August at 5 pm EDT. Submit your presentationhere Our 6th annual Cyber Threat Intelligence (CTI) Summit will be held in Bethesda, MD. … Continue reading SANS Cyber Threat Intelligence Summit 2018 - CALL FOR SPEAKERS NOW OPEN


WannaCry Ransomware Threat : What we know so far - WEBCAST slides

The WannaCry ransomware worm is unprecedented for two reasons. First, it's a ransomware worm. Second, it appears to be using a recently patched exploit that was stolen from NSA to propagate. Jake Williams' firm, Rendition Infosec, has been tracking the use of this exploit since it was publicly released and completed another internet-wide scan of … Continue reading WannaCry Ransomware Threat : What we know so far - WEBCAST slides


FOR408: Windows Forensic Analysis has been renumbered to FOR500: Windows Forensics Analysis

The FOR408: Windows Forensic Analysis course was renumbered to FOR500: Windows Forensic Analysis. SANS renumbered the course to better reflect the course's intermediate-level material. The content of the course will remain basically the same, although it will be constantly updated to reflect changes in the field. FREQUENTLY ASKED QUESTIONS Why change the course … Continue reading FOR408: Windows Forensic Analysis has been renumbered to FOR500: Windows Forensics Analysis