SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Digital Forensics Case Leads: Google+, LinkedIn and Hacking Vodafone's network

With LinkedIn scoring the number two spot in social networking and Google+ trying to get up to speed it will make it an interesting time for social networks. There are some good reads by Little Mac, Harlan Carvey and Chris Pogue. See what Dilbert and BOFH are up to as well as checking out the … Continue reading Digital Forensics Case Leads: Google+, LinkedIn and Hacking Vodafone's network


What makes an expert?

I have recently been involved in a case where the argument came to one of who is an expert. This is not an uncommon attack when the issues at hand are not really in dispute and the opposing team wants to focus the case on other things. It may seem strange that a person with … Continue reading What makes an expert?


Windows Forensics In Depth — Ottawa, ON

SANS is coming to Ottawa, Ontario - August 28 - September 2, 2011. Among the courses offered will be Forensics 408: Computer Forensic Investigations - Windows In-Depth taught by Dave Hull who has nearly two decades of experience in IT and Information Security. In 2007 he founded Trusted Signal, an information security consultancy focused on … Continue reading Windows Forensics In Depth — Ottawa, ON


Computer Forensic Artifacts: Windows 7 Shellbags

As Windows Registry artifacts go, the "Shellbag" keys tend to be some of the more complicated artifacts we have to decipher. But they are worth the effort, giving an excellent means to prove the existence of files and folders along with user knowledge. Shellbags can be used to answer the difficult questions of data enumeration … Continue reading Computer Forensic Artifacts: Windows 7 Shellbags


Digital Forensics Case Leads: Massive eDisco Penalty, Dodd-Frank Law and Digital Forensics, It's Not Business, It's Personal

Legal, regulatory matters, and threats to Law Enforcement and members of the US armed forces top this edition of Digital Case Leads. An appeals court uphold a massive penalty against a company for not properly retaining electronically stored information (ESI). If the offending party doesn't cough up over $1,000,000 in penalties, a senior exec from … Continue reading Digital Forensics Case Leads: Massive eDisco Penalty, Dodd-Frank Law and Digital Forensics, It's Not Business, It's Personal