SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Brand New - Windows Memory Analysis In-Depth - Course Launch

Memory analysis skills are one of the most in-demand skills for digital forensics, incident response, and malware analysts today. In 2013, SANS is introducing a brand new 5-day class dedicated to Windows Memory Forensics. The hands-on course, written by memory forensics pioneer and developerJesse Kornblum, is incredibly comprehensive and SANS is proud to offer it … Continue reading Brand New - Windows Memory Analysis In-Depth - Course Launch


SANS Digital Forensics and Incident Response Summit - Call For Papers - Closing Soon

Dates: Summit Dates: - July 9-10, 2013 Post-Summit Course Dates: July 11-16, 2013 Summit Venue: Omni Hotel Downtown Austin 700 San Jacinto @ 8th Street Austin, TX 78701 Phone:(512) 476-3700 Fax: (512) 397-4888 Omni Hotel The 6th annual Forensics and Incident Response Summit will again be held in the live musical capital of the world,Austin, … Continue reading SANS Digital Forensics and Incident Response Summit - Call For Papers - Closing Soon


Digital Forensics Case Leads: Botnets and Updates Galore, A Few Good Reads and a Little Levity

In this issue of Case Leads with have several mobile device updates along with several other tools, botnets and Androids hit the news and a little levity. If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it tocaseleads@sans.org. Tools: Oxygen Forensics Suite have released version 5.0. It supports … Continue reading Digital Forensics Case Leads: Botnets and Updates Galore, A Few Good Reads and a Little Levity


Protecting Privileged Domain Accounts: PsExec Deep-Dive

[Author's Note: This is the 6th in a multi-part series on the topic of "Protecting Privileged Domain Accounts". My primary goal is to help incident responders protect their privileged accounts when interacting with comprised hosts, though I also believe this information will be useful to anyone administering and defending a Windows environment.] PsExec is an … Continue reading Protecting Privileged Domain Accounts: PsExec Deep-Dive


Digital Forensics Case Leads: Lots of oopsies

This week's edition of Case Leads covers an interview about the Onity Hotel lock oopsie, an oopsie involving overlooked artifacts in the Casey Anthony trial, the oopsie of dumping lots of confidential confetti at a parade, and the findings of the investigation into the Palmetto state oopsie. Many great tool updates (OllyDbg, bulk_extractor) and some … Continue reading Digital Forensics Case Leads: Lots of oopsies