SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Anti-virus is not enough to defeat APT groups

In last week's story about the New York Times breach, you read that the best-selling anti-virus system failed entirely. Every organization that has gone through a targeted attack learns that same lesson and - too late - develops an in-house forensics and threat analysis capability. (The commercial incident handling companies charge as much as $1,000 an hour after …


Jake Williams' Tips on Malware Analysis and Reverse-Engineering

In this interview, Jake Williams discusses his perspectives on getting into digital forensics, crafting strong malware analysis reports and making use of the analyst's findings. Jake is an incident responder extraordinaire, who teaches SANS' FOR610: Reverse-Engineering Malware course.


Digital Forensics Case Leads: When the news is the news

This week's case leads has several new tool updates and some interesting articles about reverse engineering, database forensics and a new forensics challenge. However, the big stories this week were about the recent break-ins at the New York Times and the Wall Street Journal. If you have an item you'd like to contribute to …


Case Leads: Backtrack Soon to be Back as Kali, Why Logs Should Really be Reviewed, the Impact of DDoS Against US Banks, Hard Drives with Bad Sectors and Data Recovery

This week's edition of CaseLeads features a teaser from the Backtrack developers, a case study from Verizon which demonstrates the need for regular log review, a report on the impact of the recent DDoS attacks against US banks and an article about challenges in recovering data from hard drives. If you have an item you'd …


Special - SANS Online Digital Forensics and Incident Response Courses

FOR408: Computer Forensic Investigations - Windows In-Depth
Mar 18, 2013 - Apr 24, 2013 w/ Ovie Carroll
http://www.sans.org/vlive/details/for408-mar-2013-ovie-carroll

FOR508: Advanced Computer Forensic Analysis and Incident Response
Mar 19, 2013 - Apr 25, 2013 w/ Chad Tilbury & Alissa Torres
http://www.sans.org/vlive/details/for508-mar-2013-chad-tilbury

FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
Mar 28, 2013 - Apr 29, 2013 w/ …