SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Digital Forensics Case Leads: Open Source Forensics Edition

This week, the Open Source Digital Forensics Conference and the Open Memory Forensics Workshop were both held in Chantilly, VA, and the wealth of tools and knowledge coming out of these conferences was simply staggering. Of course, not everything this week revolved around, or arose out of, the Open Source Digital Forensics Conference. But there … Continue reading Digital Forensics Case Leads: Open Source Forensics Edition


Digital Forensics Case Leads: Plugins galore, Adobe and phpMyAdmin hacked, Sophos AV eats its own head.

This month we're nearing the end of the flood of plugins for the Volatility memory analysis framework, we got a big update to the archive of RegRipper plugins and heard two tales of security companies with major security woes, one of which was self-inflicted. If you have an item you'd like to contribute to Digital … Continue reading Digital Forensics Case Leads: Plugins galore, Adobe and phpMyAdmin hacked, Sophos AV eats its own head.


More news on Flame & Stuxnet. Researchers publish findings on Elderwood Gang & the Comment Crew. New & Updated tools for mobile device forensics.

This week's CaseLeads features several findings from security researchers who have been studying Flame, Stuxnet and numerous state sponsored hackers. A couple of vendors have released new tools or updates to existing tools for those into mobile device forensics and malware analysis. If you have an item you'd like to contribute to Digital Forensics Case … Continue reading More news on Flame & Stuxnet. Researchers publish findings on Elderwood Gang & the Comment Crew. New & Updated tools for mobile device forensics.


Digital Forensics Case Leads: Giants are the biggest buyers, Freezing the cold-boot attack on disk encryption, dropping malware using the famous WhatsApp, Hacker get caught while chatting!!! IPOD, Android and SSDs, this week on Case Leadsâ¦

In this week of Case Leads, Google buys VirusTotal, a new attack vector that counter cold-boot attack on RAMs, new tools that assist in malware detection and analysis, mozillas hidden camera!!! check it out! IPOD timestamps secrets comes to light, a hacker get caught while chatting, oops! The almighty Volatility update to 2.2 RC1 with … Continue reading Digital Forensics Case Leads: Giants are the biggest buyers, Freezing the cold-boot attack on disk encryption, dropping malware using the famous WhatsApp, Hacker get caught while chatting!!! IPOD, Android and SSDs, this week on Case Leads''


Digital Forensic Case Leads: Anon Strikes Again, and Again. Groupon Litigation Threats. DarkMarket Motivations Revealed. The Tutu Has Been Donned

This week's Digital Forensic Case Leads is chock full of forensics nuggets. Links to great forensics tools for encryption detection and memory extraction, plus a how-to for breaking/auditing the OS X Keychain. You will also find an analysis of the Samsung v. Apple patent case from a digital forensics perspective, with IP Attorney Ben Langlotz. … Continue reading Digital Forensic Case Leads: Anon Strikes Again, and Again. Groupon Litigation Threats. DarkMarket Motivations Revealed. The Tutu Has Been Donned