SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Digital Forensics Case Leads: Registry and Malware Analysis Tools, Preparing to Testify, and Virtual Machine Technology on Mobile Devices

This week's edition of Case Leads features a number of new tools and updates for a few of the old standbys. We have a collection of tools designed for studying malware found on Windows or Android platforms and a couple of new applications for registry analysis. Virtual machine technology is heading for Android based devices …


UPDATED DigiNotarSSL Incident Response Report: No Logging, Weak Password, No Protected Network

On Monday evening, as the host of CyberJungleRadio, I received a copy of the then just published report that appears to be from the security firm Fox-IT, the company hired by DigiNotar to investigate the massive SSL breach. On page nine of the thirteen page report, a shocking series of security omissions are revealed: No …


Digital Forensics Case Leads: The Feds sue, Google users scammed, China and US tag team against porn sites

The Federal Government sues to block AT&T and T-Mobile, Google users in Iran are scammed, and China and the US tag team on child porn sites. Check out the good reads on Jump Lists, Sticky Notes and Quicken. On the lighter side see what Dilbert is up to and also don't pick up any wooden iPads from …


Understanding EXT4 (Part 5): Large Extents

Hal Pomeranz, Deer Run Associates

I've received a lot of positive feedback from the forensics community about this series of articles, but what's really rewarding is when other forensics researchers teach me something I didn't know. I recently received an email from a colleague in Europe who was looking at the extent trees for a …


Free iPad2 or iPhone5 Promotion: FOR408 Windows Forensics in Toronto, CA

Join the following Community SANS Events and receive a $500 Apple gift card to be used towards the iPad of your choice (or perhaps towards a new iPhone 5!). Offer is eligible on regular priced tuition purchase only and you will receive the card during your class. Offer is valid on the following events. To …