SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Digital Forensics Case Leads: Giants are the biggest buyers, Freezing the cold-boot attack on disk encryption, dropping malware using the famous WhatsApp, Hacker get caught while chatting!!! IPOD, Android and SSDs, this week on Case Leads…

In this week of Case Leads: Google buys VirusTotal, a new attack vector that counters cold-boot attacks on RAM, new tools that assist in malware detection and analysis, Mozilla's hidden camera!!! Check it out! iPod timestamp secrets come to light, a hacker gets caught while chatting, oops! The almighty Volatility update to 2.2 RC1 with …


Digital Forensic Case Leads: Anon Strikes Again, and Again. Groupon Litigation Threats. DarkMarket Motivations Revealed. The Tutu Has Been Donned

This week's Digital Forensic Case Leads is chock full of forensics nuggets. Links to great forensics tools for encryption detection and memory extraction, plus a how-to for breaking/auditing the OS X Keychain. You will also find an analysis of the Samsung v. Apple patent case from a digital forensics perspective, with IP Attorney Ben Langlotz. …


Case Leads: Object Access Logs, Perl Harbor and More.....

In this week's SANS Case Leads we look at new tools, get updates to some cheat sheets, take a look at Object Access event logs, learn about cyber Perl Harbor and more! If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org. Tools: Keep an eye out …


Digital Forensics Case Leads: Identifying TrueCrypt volumes with Volatility, Malware that can sneak into VM's and more....

In this week's SANS Case Leads: malware that can sneak into virtual machines, watch those LastWriteTime timestamps, new tools, identifying TrueCrypt volumes with Volatility and much more. If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org. Tools: Joachim Schicht posted a utility that can manipulate …


This week we won't fill your hard drive up with tools but will stimulate your #DFIR memory

This week's edition of SANS Case Leads won't fill your hard drive up with tools but will stimulate your memory with lots of interesting #DFIR reads and news. For instance, the HTCIA conference is offering a FREE Day Pass for the Vendor Expo. There will be OVER 60 BOOTHS THIS YEAR where vendors will be showcasing …