SANS Digital Forensics and Incident Response Blog: Category - Case Leads

Digital Forensics Case Leads: Thefts, Breaches and Google talking about piracy

In this version we have several data thefts/breaches, and Google talking about piracy. Several tools have been updated, and there are some good reads along with a little levity, training/conferences, and a call for papers. If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org. Tools: …


Digital Forensics Case Leads: PFIC 2011 Report, DNS forensics, Massive Flaws in Amazon EC2?

The Paraben Forensics Innovator's Conference was held last week in Park City, Utah. Your SANS Digital Forensic blogger attended the event, along with over 300 fellow forensicators and lawyers. With information security events like BlackHat and DefCon drawing thousands, this is yet another small event that has many advantages over the larger conferences. At these …


Digital Forensics Case Leads: Registry Decoder 1.1 released, FOR 558 Reviewed, OpenIOC Debuts

This week, we've got news, reviews, tools and all kinds of digital forensic goodness in store. A new version of the excellent Registry Decoder tool has been released! Along with that, we've got links to a review of a SANS Forensics course, and other news. So, sit back, relax and read this week's Case Leads. …


Digital Forensics Case Leads: A Matter of Time

Time is of the essence this week. Several good resources expanding and extending the area of timeline analysis have hit the interwebs, and you'll find them featured below in the Good Reads sections. In the news, Brian Krebs drops the names of other organizations penetrated by the RSA attackers. Meanwhile, NetAnalysis gets an update and …


Digital Forensics Case Leads: Data Extraction, Cyber Threat Reports, APTs and Duqu, a Stuxnet Variant

This week's edition of Case Leads features updates to applications for bulk data extraction and processing mobile devices. We also have a couple of reports from the researchers at Georgia Tech and Microsoft that address emerging and current cyber threats. We close out this week's Case Leads with a few suggestions on how to address …