SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

11th Annual Digital Forensics and Incident Response Summit Call for Presentations deadline Jan 15th 2018

Call for Presentations - Now Open. The 11th Annual Digital Forensics and Incident Response Summit Call for Presentations is now open through 5 pm EST on Monday, January 15, 2018. If you are interested in presenting, we'd be delighted to consider your practitioner-based case studies with communicable lessons. The DFIR Summit offers speakers the opportunity to …


Meltdown and Spectre - Enterprise Action Plan

By SANS Senior Instructor Jake Williams. Blog originally posted January 4, 2018 by RenditionSec. MELTDOWN SPECTRE VULNERABILITIES: Unless you've been living under a rock for the last 24 hours, you've heard about the Meltdown and Spectre vulnerabilities. I did a webcast with SANS about these vulnerabilities, how they …


Your Cyber Threat Intelligence Questions Answered

As we prepare for the sixth year of the SANS Cyber Threat Intelligence (CTI) Summit, advisory board members Rebekah Brown, Rick Holland, and Scott Roberts discuss some of the most frequently asked questions about threat intelligence. This blog will give you a bit of a preview of what you can expect during the CTI Summit on January 29th …


Automated Hunting of Software Update Supply Chain Attacks

Software that automatically updates itself presents an attack surface, which can be leveraged en masse through the compromise of the vendor's infrastructure. This has been seen multiple times during 2017, with high-profile examples including NotPetya and CCleaner. Most large organisations have built robust perimeter defences for incoming and outgoing traffic, but this threat vector …


Updated Memory Forensics Cheat Sheet

Just in time for the holidays, we have a new update to the Memory Forensics Cheatsheet! Plugins for the Volatility memory analysis project are organized into relevant analysis steps, helping the analyst walk through a typical memory investigation. We added new plugins like hollowfind and dumpregistry, updated plugin syntax, and now include help for those …