SANS Digital Forensics and Incident Response Blog: Category - Case Leads

Digital Forensics Case Leads: PFIC 2011 Report, DNS forensics, Massive Flaws in Amazon EC2?

The Paraben Forensics Innovator's Conference was held last week in Park City, Utah. Your SANS Digital Forensic blogger attended the event, along with over 300 fellow forensicators and lawyers. With information security events like BlackHat and DefCon drawing thousands, this is yet another small event that has many advantages over the larger conferences. At these …


Digital Forensics Case Leads: Registry Decoder 1.1 released, FOR 558 Reviewed, OpenIOC Debuts

This week, we've got news, reviews, tools and all kinds of digital forensic goodness in store. A new version of the excellent Registry Decoder tool has been released! Along with that, we've got links to a review of a SANS Forensics course, and other news. So, sit back, relax and read this week's Case Leads. …


Digital Forensics Case Leads: A Matter of Time

Time is of the essence this week. Several good resources expanding and extending the area of timeline analysis have hit the interwebs, and you'll find them featured below in the Good Reads sections. In the news, Brian Krebs drops the names of other organizations penetrated by the RSA attackers. Meanwhile, NetAnalysis gets an update and …


Digital Forensics Case Leads: Data Extraction, Cyber Threat Reports, APTs and Duqu, a Stuxnet Variant

This week's edition of Case Leads features updates to applications for bulk data extraction and processing mobile devices. We also have a couple of reports from the researchers at Georgia Tech and Microsoft that address emerging and current cyber threats. We close out this week's Case Leads with a few suggestions on how to address …


Digital Forensics Case Leads: Passwords in Wills, Google Chrome a Virus, Cybercrime Unit Saving Money and Updates for Sleuthkit and SSDeep.

In this version we have Microsoft classifying Google Chrome as a virus, passwords being added to wills and the Metropolitan Police Cybercrime unit saving money for the citizens of the UK. Several tools have been updated, and there are some good reads along with a little levity and training/conferences, as well as a call for papers. If you …