SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

This week we won't fill your hard drive up with tools but will stimulate your #DFIR memory

This week's edition of SANS Case Leads won't fill your hard drive up with tools but will stimulate your memory with lots of interesting #DFIR reads and news. For instance the HTCIA conference is offering a FREE Day Pass for the Vendor Expo.There will be OVER 60 BOOTHS THIS YEAR where vendors will be showcasing … Continue reading This week we won't fill your hard drive up with tools but will stimulate your #DFIR memory


New Advanced Persistent Threat Based - FOR508 Released in On-Demand

It begins on Day 0: A 3-4 letter government agency contacts your organization about some data that was found at another location. Don't ask us how we know, but you should probably check out several of your systems. You are compromised by the APT. Most organizations are left speechless as 90% of all intrusions are … Continue reading New Advanced Persistent Threat Based - FOR508 Released in On-Demand


Advanced Persistent Threats Can Be Beaten

Reprinted fromhttp://www.csoonline.com/article/709239/advanced-persistent-threats-can-be-beaten-says-expert Advanced persistent threats can be beaten, says expert Detection is key, but how you respond to APTs is equally important ByTaylor Armerding August 06, 2012''"CSO''" Officially,advanced persistent threats (APTs)from China are not even happening. But everybody in information security, especially those trying to protect enterprises from economic espionage, knows that APTs, typically originating … Continue reading Advanced Persistent Threats Can Be Beaten


Digital Forensics Case Leads: Multi-plat RAT, No US Cybersecurity bill, Dropbox drops a doozie, Volatility everywhere

This week we found out the NetWire Remote Access Trojan claims to be able to infect everyone, the US Senate has blocked a much-debated cybersecurity bill, Dropbox shows it's great way to share the confidential data of Dropbox customers, British Telecom says somewhere between 100% and 0% of Android devices are compromised and cybercrime costs … Continue reading Digital Forensics Case Leads: Multi-plat RAT, No US Cybersecurity bill, Dropbox drops a doozie, Volatility everywhere


Black Hat edition featuring stealthy hardware and software based attacks, advice for new InfoSec professionals, a malware quiz and more

This week's "Black Hat" edition of CaseLeads features an exclusive interview with David Kennedy who talks about stealthy, non-APT related attacks. In keeping with the stealth theme, we have an article about a new Pwn device from Pwnie Express and DARPA as well as an article about one of the founders of Kaspersky. NIST has … Continue reading Black Hat edition featuring stealthy hardware and software based attacks, advice for new InfoSec professionals, a malware quiz and more