SANS Digital Forensics and Incident Response Blog: Category - Case Leads

Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011

This week's edition of Case Leads features a new version of REMnux for malware analysis and we have two tools for collecting forensic images from iPhone and Android devices. We also have a couple of articles on Android memory analysis and the use of Open Source digital forensics tools to validate commercial tools. As always, …


Digital Forensics Case Leads: Hacking into the New Year, and a Virus Causes a Man to Get a New Trial

Happy New Year from the Case Leads team! In this first Case Leads of the year several organizations have been hacked, a man gets a new trial because of a computer virus and Windows 8 will have a reset button. Several tools have been updated and introduced and some good reads along with a little …


Digital Forensics Case Leads: Forensicsball, Forensic security analysis of Google Wallet, Sprint Disables CIQ

Innovations in timeline forensics, a forensic security analysis of the Google Wallet, and Sprint disables the CarrierIQ "root kit" top this edition of Digital Case Leads. In the 2011 Hollywood blockbuster Moneyball, Brad Pitt plays the part of the real-life Billy Beane, the manager of the Oakland A's baseball team. In the film, Brad Pitt's …


Digital Forensics Case Leads: SANS Goes Social, Fyodor Gets Mad and C|Net Apologizes

This week's Case Leads is chock full of forensic goodness. SANS Forensics goes social on both Facebook and Google+. Also, C|Net's Download.com ticks off Fyodor. If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org. Tools: The Giant Persistent Friend, Rob Lee, announced that SIFT 2.12 …


Digital Forensics Case Leads: Evolving Malware Market, Feint Attacks, and Malicious Hacker Psychology

This week's edition of Case Leads features tools to discover MD5 hashes and extract Flash files from PDFs. We also have recommendations on network defense from researchers who have been studying the psychology of cyber attackers. There's evidence of service consolidation in the malware market and the FBI cautions that denial of service attacks are …