SANS Digital Forensics and Incident Response Blog: Category - Case Leads

Digital Forensics Case Leads: Do SSD Drives Auto Destroy Forensic Evidence? Industrial Espionage, and Cloud Computing Forensics

Solid State Drives (SSD) Forensics continue as the top story this week. Two University researchers published shocking research that indicates that the firmware in SSDs can destroy forensic evidence as part of it's everyday functionality. Details in MUST Reads (upgrading this week from "Good Reads"). Apple made big news with the launch of new tablet … Continue reading Digital Forensics Case Leads: Do SSD Drives Auto Destroy Forensic Evidence? Industrial Espionage, and Cloud Computing Forensics


Digital Forensics Case Leads: Hacking, Lawsuits and Bricking Phones

This week we have a new tool for malware analysis from the Honeynet Project. A informative story on the HBGary hack, Google getting hit with an antitrust suit as well as Microsoft bricking phones. Don't forget to check out the upcoming training events comingto a city near you. If you have an article, news story … Continue reading Digital Forensics Case Leads: Hacking, Lawsuits and Bricking Phones


Digital Forensics Case Leads: Intruder Alert! Intruder Alert!

Seven years ago, in the Preface to his TheTao of Network Security Monitoring, Richard Bejtlich wrote: Three words sum up my attitude toward stopping intruders:prevention eventually fails. Every single network can be compromised, either by an external attacker or by a rogue insider. Fast forward to 2011, and we find McAfee saying, in the executive … Continue reading Digital Forensics Case Leads: Intruder Alert! Intruder Alert!


Digital Forensics Case Leads: SMS botnet has ripples into mobile forensics; New iOS forensic tool; New USB encryption tool; Record a cop, go to jail? Free RSA Expo Pass and Free Beer!

This week's case leads features a new SMS botnet attack that has ripples into mobile forensics; Guidance Software releases an iOS forensics tool; an in-depth legal analysis of a recent ruling that could encourage lawyers to sue businesses due to downstream liability, and these lawsuits could involve considerable e-discovery; SIFT wins forensic award; PLUS get … Continue reading Digital Forensics Case Leads: SMS botnet has ripples into mobile forensics; New iOS forensic tool; New USB encryption tool; Record a cop, go to jail? Free RSA Expo Pass and Free Beer!


Digital Forensics Case Leads: Capturing Mac Memory, the Shifting Threat Landscape, Forensics Tool Updates, and Zero Day: A Novel

This week's edition of Case Leads features new and updated forensics tools, a report on changes in attack patterns, a novel from what may seem like an unlikely source and thoughts on timestamp manipulations. The ability to create a memory image on OS X has been lacking until now. A recently released report suggests that … Continue reading Digital Forensics Case Leads: Capturing Mac Memory, the Shifting Threat Landscape, Forensics Tool Updates, and Zero Day: A Novel