SANS Digital Forensics and Incident Response Blog: Category - Case Leads

Digital Forensics Case Leads: REMnux, Stuxnet, Facebook and more

This week we have Lenny Zeltser releasing his awesome tool REMnux V2 along with some good blog posts by Brad Garnett, Andrew Hay and Harlan Carvey and the Yahoo group Win4n6. In the news we have more Stuxnet and privacy issues with Facebook. Don't forget to check out the upcoming training events comingto a city … Continue reading Digital Forensics Case Leads: REMnux, Stuxnet, Facebook and more


Digital Forensics Case Leads: New Year brings DEFT and DFF updates, interesting reads and upcoming events

This week we have updates to two great tools, a variety of interesting reads, including one to come soon, and some events to fill your calendar for the 1st quarter of the new year. Tools: Arxsys has released V0.9 of the open source Digital Forensics Framework (DFF), which has some cool new features. You can … Continue reading Digital Forensics Case Leads: New Year brings DEFT and DFF updates, interesting reads and upcoming events


Digital Forensics Case Leads: Ready, Forensicate, Aim

Ready. Forensicate. Aim. Okay, seriously, don't do that. You know the correct order, right? If not, Chris Pogue spent part of last year presenting on the Sniper Forensics methodology, developed by the incident response team at TrustWave's SpiderLabs, and has what you need. Even if you already know the proper order is Ready, Aim, Forensicate, … Continue reading Digital Forensics Case Leads: Ready, Forensicate, Aim


Digital Forensics Case Leads: Incident Response Hits The Mainstream; Powerful Tech Fighting CP; Acquisition Errors Can Cost Case

Incident Response Lead Story: Why it pays to have incident response in a Wikileaks world. The Wikileaks story is having a ripple effect that shows no sign of abating. As of this writing, according to a spokesperson for PandaSecurity: the following web sites have been attacked in the name of defending the actions of Wikileaks: … Continue reading Digital Forensics Case Leads: Incident Response Hits The Mainstream; Powerful Tech Fighting CP; Acquisition Errors Can Cost Case


Digital Forensics Case Leads: Failure and Frustration — Real Learning

This week I've got a short rant about education and a link to an interesting video on the subject. One of the best ways to really learn something is to teach it and if you think you haven't got any knowledge worth sharing, well you're probably wrong, but there's a list of research projects in … Continue reading Digital Forensics Case Leads: Failure and Frustration — Real Learning