SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Caseleads: South Korea Attack Forensics; Google Glass Brings Discoverable Evidence To Litigation; The Post Data Breach Boom; Fighting Insider Fraudsters

Mark this date: On March 20th 2013, the non-technical managers may finally start to understand what a digital forensics professional actually does. With the massive cyber attacks on South Korean banks, media outlets, and ISPs, the role of forensicators is put front and center. The attack(s) resulted in widespread ATM outages, online banking and mobile … Continue reading Caseleads: South Korea Attack Forensics; Google Glass Brings Discoverable Evidence To Litigation; The Post Data Breach Boom; Fighting Insider Fraudsters


ProcDOT - Visual Malware Analysis

Dear like-minded people, I'm very proud to announce that our (CERT.at - CERT Austria) latest contribution to the malware analysis community is finally available as open beta. It's called ProcDOT - I already gave a preview of the alpha version some months ago at SANS Forensics Summit in Prague - and it is an absolute … Continue reading ProcDOT - Visual Malware Analysis


Digital Forensics Case Leads: Email Scammers, Android Malware, DoS Against Banks, Tool Updates And A Few Good Reads.

In this issue of Case Leads with have Android Malware increase, DoS Attacks on Czech Banks, some updates to Oxygen Forensics Suite and a New tool from Magnet Forensics and a little levity. If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org. Tools: Oxygen Forensics … Continue reading Digital Forensics Case Leads: Email Scammers, Android Malware, DoS Against Banks, Tool Updates And A Few Good Reads.


Report Writing for Digital Forensics: Part II

This blog post is a second edition and follow-up toIntro to Report Writing for Digital Forensics., which you've taken the time to review, digest, and dissect. How the digital forensic practitioner presents digital evidence to his/her intended audience (Regardless, of why we are preparing a digital forensic report), establishes proficiency of the digital forensic examination. Let's take it even a step further, how will you present your findings? Effectively reporting what you found during your forensic examination will aid you in presenting your report and the digital evidence to whomever your intended audience will be, which ultimately may be a jury in a criminal or civil proceeding. In this blog post, we are going to tackle some more report writing issues. Remember, YMMV depending on what hat you wear in digital forensics

...


CaseLeads: China Cyber Espionage Exposed, Account Issues with Twitter and Plenty of Great How-To's

This week on Case Leads, we learn the truth of China's cyber espionage unit, Twitter verified accounts were hacked and there have been some updates to some of your favorite tools. If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to''caseleads@sans.org. Tools: HMFTwas given a small update. … Continue reading CaseLeads: China Cyber Espionage Exposed, Account Issues with Twitter and Plenty of Great How-To's