SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Digital Forensics Case Leads: Plugins galore, Adobe and phpMyAdmin hacked, Sophos AV eats its own head.

This month we're nearing the end of the flood of plugins for the Volatility memory analysis framework, we got a big update to the archive of RegRipper plugins and heard two tales of security companies with major security woes, one of which was self-inflicted. If you have an item you'd like to contribute to Digital … Continue reading Digital Forensics Case Leads: Plugins galore, Adobe and phpMyAdmin hacked, Sophos AV eats its own head.


More news on Flame & Stuxnet. Researchers publish findings on Elderwood Gang & the Comment Crew. New & Updated tools for mobile device forensics.

This week's CaseLeads features several findings from security researchers who have been studying Flame, Stuxnet and numerous state sponsored hackers. A couple of vendors have released new tools or updates to existing tools for those into mobile device forensics and malware analysis. If you have an item you'd like to contribute to Digital Forensics Case … Continue reading More news on Flame & Stuxnet. Researchers publish findings on Elderwood Gang & the Comment Crew. New & Updated tools for mobile device forensics.


Digital Forensics Case Leads: Giants are the biggest buyers, Freezing the cold-boot attack on disk encryption, dropping malware using the famous WhatsApp, Hacker get caught while chatting!!! IPOD, Android and SSDs, this week on Case Leadsâ¦

In this week of Case Leads, Google buys VirusTotal, a new attack vector that counter cold-boot attack on RAMs, new tools that assist in malware detection and analysis, mozillas hidden camera!!! check it out! IPOD timestamps secrets comes to light, a hacker get caught while chatting, oops! The almighty Volatility update to 2.2 RC1 with … Continue reading Digital Forensics Case Leads: Giants are the biggest buyers, Freezing the cold-boot attack on disk encryption, dropping malware using the famous WhatsApp, Hacker get caught while chatting!!! IPOD, Android and SSDs, this week on Case Leads''


Digital Forensic Case Leads: Anon Strikes Again, and Again. Groupon Litigation Threats. DarkMarket Motivations Revealed. The Tutu Has Been Donned

This week's Digital Forensic Case Leads is chock full of forensics nuggets. Links to great forensics tools for encryption detection and memory extraction, plus a how-to for breaking/auditing the OS X Keychain. You will also find an analysis of the Samsung v. Apple patent case from a digital forensics perspective, with IP Attorney Ben Langlotz. … Continue reading Digital Forensic Case Leads: Anon Strikes Again, and Again. Groupon Litigation Threats. DarkMarket Motivations Revealed. The Tutu Has Been Donned


Case Leads: Object Access Logs, Perl Harbor and More.....

In this weeks SANS Case Leads we look at new tools, get updates to some cheat sheets, take a look at Object Access event logs, learn about cyber Perl Harbor and more! If you have an item you'd like to contribute toDigital Forensics Case Leads, please send it to caseleads@sans.org. Tools: Keep an eye out … Continue reading Case Leads: Object Access Logs, Perl Harbor and More.....