SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Digital Forensics Case Leads: Macs do need antivirus after all and Pastebin may start cutting what hackers paste

This week's Case Leads brought us anoutbreak of a trojan exploiting a Java flawthat has infected hundreds of thousands of Macs,several new tool releases, news (and humor) about forensic awards, and an announcement by Pastebin that they are taking action against people posting sensitive data on their site. If you have an item you'd like … Continue reading Digital Forensics Case Leads: Macs do need antivirus after all and Pastebin may start cutting what hackers paste


Digital Forensics Case Leads: Bulk_extractor how-to, Verizon Report, FTK review, China prime suspect in RSA and other incidents

In this week's edition of Case Leads we have a how-to for Bulk_extractor's find feature, first impressions on the new database options in FTK, an extension for log2timeline for parsing the cache in Firefox, the Verizon data breach report, and statements by current and former US government officials about Stuxnet and China. If you have … Continue reading Digital Forensics Case Leads: Bulk_extractor how-to, Verizon Report, FTK review, China prime suspect in RSA and other incidents


Forensically mining new nuggets of Google Chrome

I was recently creating some slides on Chrome forensics for a class I'm teaching, when I really discovered for the first time just how popular it's actually become. As of last month, according to http://www.w3schools.com/browsers/browsers_stats.asp, Chrome is not only 50% more popular than internet Explorer, but is actually neck and neck with Firefox (36.6% vs. … Continue reading Forensically mining new nuggets of Google Chrome


Digital Forensics Case Leads: DUQU, Locks, Stego and Pirates What More Could You Ask For.

In this weeks CaseLeads, there's a bunch of new useful tools that might come in handy in certain situations while handling incidents'' PDF Analysis, Malware Analysis, Honeypots and MAC forensics! A sequel of a multi-part series on protecting our credentials whilehandling incidents. When some weird registry keys appear in log2timeline results, you discover an attack … Continue reading Digital Forensics Case Leads: DUQU, Locks, Stego and Pirates What More Could You Ask For.


Digital Forensics Case Leads: SSD Forensics; WebCams, Privacy and The Law; Anit-Forensics Goes Mainstream; Forensics Comes To The US Elections

Welcome to Digital Forensics Case Leads. It's a busy week in digital forensics, incident response and the law. In this edition: How the standards for obtaining a warrant for digital information might change. Do users really care about tracking and privacy online? Are anti-forensics and spoliation becoming more popular with the general public? Why Solid … Continue reading Digital Forensics Case Leads: SSD Forensics; WebCams, Privacy and The Law; Anit-Forensics Goes Mainstream; Forensics Comes To The US Elections