SANS Digital Forensics and Incident Response Blog: Category - Case Leads

Digital Forensics Case Leads: A decision regarding the 5th Amendment, Cellebrite and Forensic Focus update and EXIF data and Bing Maps

In this week's edition of Case Leads we see Cellebrite and Forensic Focus getting updates, Dave Hull's blog post on EXIF data & Bing Maps, as well as a major court decision regarding the U.S. 5th Amendment and more. If you have an item you'd like to contribute toDigital Forensics CaseLeads, please send it to … Continue reading Digital Forensics Case Leads: A decision regarding the 5th Amendment, Cellebrite and Forensic Focus update and EXIF data and Bing Maps


Digital Forensics Case Leads: New versions of Bulk_extractor and FTK, new blogs on malware and forensics, and lost flash drives

In this week's edition of Case Leads we have updates to a couple of tools, Bulk_extractor and FTK as well as two new blogs featuring malware analysis and digital forensics tutorials. If you have an item you'd like to contribute toDigital Forensics CaseLeads, please send it to caseleads@sans.org. Tools: A new version of Bulk_extractor has … Continue reading Digital Forensics Case Leads: New versions of Bulk_extractor and FTK, new blogs on malware and forensics, and lost flash drives


Digital Forensics Case Leads: The New Forensics, The CyberMilitia and Bill Gates Gets Behind Open Source?

Case Leads is loaded for bear this week, after a week's break. Here is some of what you will find: * Are you ready for "The New Forensics"? If not, you might be left in the dust at trial. * What if the good guys adopted the organizing techniques of Anonymous? That's the goal behind … Continue reading Digital Forensics Case Leads: The New Forensics, The CyberMilitia and Bill Gates Gets Behind Open Source?


Digital Forensics Case Leads: ReFS, Ex01, and DFIROnline

This week's cornucopia of forensic goodness so thoroughly defies summary that I nearly gave up writing an introduction. But a few things do merit particular emphasis. First, the second DFIROnline meetup takes place tonightat 20:00 EST. Luminaries Harlan Carvey and Eric Huber will be presenting. Before then, however, you may want to take some time … Continue reading Digital Forensics Case Leads: ReFS, Ex01, and DFIROnline


Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011

This week's edition of Case Leads features a new version of REMnux for malware analysis and we have two tools for collecting forensic images from iPhone and Android devices. We also have a couple of articles on Android memory analysis and the use of Open Source digital forensics tools to validate commercial tools. As always, … Continue reading Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011