SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Case Leads: Report on Emerging Cyber Threats, Updates to Forensics Applications, Malware Trends, and more.

This week's edition of CaseLeads features a report on emerging cyber threats, another report about malware and vulnerabilities,research about the head of a new anti-virus firm, updates to the Oxygen Forensics Suite and Memoryze for the Mac. There's also a story about how email led to several discoveries in the case of theCIA director that … Continue reading Case Leads: Report on Emerging Cyber Threats, Updates to Forensics Applications, Malware Trends, and more.


Case Leads: Real-time visualisation of attacks; Tracking Emails through headers; Coke gets hacked?; Quantum physics in digital forensics!; UK cybercrime victims gets IR team

In this week of Case Leads, Coke gets hacked and act silently. Cyber attack on Russian Government releasing 2.5 million records!!! A scottish research demonstrating how can Quantum Physics assist in solving e-crimes, Russia's cybercrime market to the light, UK cybercrime victims hire IR teams to investigate, Why SSD drives destroy court evidence? Real-time visualisation … Continue reading Case Leads: Real-time visualisation of attacks; Tracking Emails through headers; Coke gets hacked?; Quantum physics in digital forensics!; UK cybercrime victims gets IR team


Case Leads: DFIR Lessons from Sandy; The Advanced Persistent Intruder; The Secure Breach; Windows8 Forensics; South Carolina Tax Info Protected by "TWO FIREWALLS"

The general public is getting a lesson in incident response with the post Hurricane Sandy storm damage in the Northeastern part of the United States. Your case leads blogger is working on incident responses related to the storm. Many non-technical professionals have had a chance to witness the challenges of DFIR. And some are starting … Continue reading Case Leads: DFIR Lessons from Sandy; The Advanced Persistent Intruder; The Secure Breach; Windows8 Forensics; South Carolina Tax Info Protected by "TWO FIREWALLS"


Get a MacBook Air, Toshiba Portege Ultrabook, or $850 Savings with SANS Online Training

The SANS Institute is providing your choice of a MacBook Air, Toshiba Portege Ultrabook, or $850 discount to students who register and pay for a qualifying* SANS vLive or OnDemand course by 11/28/12. Note: A SANS FOR508 - vlive - starts Nov 13 taught by Rob Lee, Chad Tilbury, and Alissa Torres. Sign up now! … Continue reading Get a MacBook Air, Toshiba Portege Ultrabook, or $850 Savings with SANS Online Training


Help Improve EDD - Encrypted Disk Detector!

Device acquisition may not be the sexiest phase of digital forensics, but it has the most number of pitfalls and can result in catastrophic loss. If a practitioner makes a mistake during acquisition, the investigation may simply be over, with nothing left to examine. Establishing an acquisition process is important, and a critical part of … Continue reading Help Improve EDD - Encrypted Disk Detector!