SANS Digital Forensics and Incident Response Blog: Category - Case Leads

Digital Forensic Case Leads: Medical Records Get Hacked, #DFIR Index, New and Updated Tools and More....

In this edition of SANS Case Leads we have petabytes of #DFIR tools, reads, news, and levity to stimulate your analytical juices and warm up your processors. Get your dongles out 'cause AccessData has updates and we got more breaches to investigate! Dongleless? I got you covered with a brew of Python, Perl and EXE …


Digital Forensics Case Leads: log2timeline, DFIR dogs, and cybersemantics

This week brings us a new version of log2timeline, Cindy Murphy explaining how we're all like dogs (it's not a bad thing, I swear), and Kyle Maxwell wading into the murky semantic waters of APT, cyberwar, and hackers. Just to tweak Kyle, I'll dub that part cybersemantics. You can also learn what Facebook turns over …


Digital Forensics Case Leads: Bulk_extractor how-to, Verizon Report, FTK review, China prime suspect in RSA and other incidents

In this week's edition of Case Leads we have a how-to for Bulk_extractor's find feature, first impressions on the new database options in FTK, an extension for log2timeline for parsing the cache in Firefox, the Verizon data breach report, and statements by current and former US government officials about Stuxnet and China. If you have …


Digital Forensics Case Leads: DUQU, Locks, Stego and Pirates What More Could You Ask For.

In this week's Case Leads, there's a bunch of new useful tools that might come in handy in certain situations while handling incidents: PDF Analysis, Malware Analysis, Honeypots and MAC forensics! A sequel of a multi-part series on protecting our credentials while handling incidents. When some weird registry keys appear in log2timeline results, you discover an attack …


Digital Forensics Case Leads: SSD Forensics; WebCams, Privacy and The Law; Anti-Forensics Goes Mainstream; Forensics Comes To The US Elections

Welcome to Digital Forensics Case Leads. It's a busy week in digital forensics, incident response and the law. In this edition: How the standards for obtaining a warrant for digital information might change. Do users really care about tracking and privacy online? Are anti-forensics and spoliation becoming more popular with the general public? Why Solid …