SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Digital Forensics Case Leads: Got Malware?

This week on Case Leads, it's mostly about the malware. A new tool called Maltrieve will help retrieve it for analysis, articles on Java *.idx files and NTFS artifacts can help us find it post-mortem, and security software companies get pwned by it. Joking aside though, if you're scoffing at Bit9 this week, you should …


Announcing: The 2013 SANS Digital Forensics and Incident Response Summit Agenda

http://www.sans.org/event/dfir-summit-2013

Tuesday, July 9, 2013

Time | Room 1 | Room 2
7:00am - 8:00am | Registration | Networking Breakfast Presented By
8:00am - 8:10am | Welcome and Introduction to the 2013 Digital Forensics and Incident Response Summit, Rob Lee & Alissa Torres - Summit Chairs, Digital Forensics and Incident Response Summit
8:10am - 9:10am | Digital Forensics …


Anti-virus is not enough to defeat APT groups

In last week's story about the New York Times breach, you read that the best-selling anti-virus system failed entirely. Every organization that has gone through a targeted attack learns that same lesson and - too late - develops an in-house forensics and threat analysis capability. (The commercial incident handling companies charge as much as $1,000 an hour after …


Jake Williams' Tips on Malware Analysis and Reverse-Engineering

In this interview, Jake Williams discusses his perspectives on getting into digital forensics, crafting strong malware analysis reports and making use of the analyst's findings. Jake is an incident responder extraordinaire, who teaches SANS' FOR610: Reverse-Engineering Malware course.


Digital Forensics Case Leads: When the news is the news

This week's Case Leads has several new tool updates and some interesting articles about reverse engineering, database forensics and a new forensics challenge. However, the big stories this week were about the recent break-ins at the New York Times and the Wall Street Journal. If you have an item you'd like to contribute to …