SANS Digital Forensics and Incident Response Blog: Category - Evidence Acquisition

New version of Nmap, 60TB hard drives on the way, attacker trends, & a dissected web attack

This week's edition of Case Leads features updates to a popular network scanning tool and another application which may be useful in gaining access to encrypted documents. We also have an article detailing a recent attack against a website and a couple of papers that look at attack trends. There's news that hard drives could … Continue reading New version of Nmap, 60TB hard drives on the way, attacker trends, & a dissected web attack


Digital Forensic Case Leads: Report from the Forensic Expert Witness Conference, Judge: Viewing CP might NOT be possession, Mac crypto bug helps forensicators

Welcome to Digital Forensics Case Leads. Another a busy week in digital forensics, incident response and the law. In this edition: The SANS Computer Forensics Blog was at the Forensic Expert Witness Annual Conference, and your humble reporter asked a seasoned member of the bench: What is it like for a Judge to sit on … Continue reading Digital Forensic Case Leads: Report from the Forensic Expert Witness Conference, Judge: Viewing CP might NOT be possession, Mac crypto bug helps forensicators


Digital Forensics Case Leads: SSD Forensics; WebCams, Privacy and The Law; Anit-Forensics Goes Mainstream; Forensics Comes To The US Elections

Welcome to Digital Forensics Case Leads. It's a busy week in digital forensics, incident response and the law. In this edition: How the standards for obtaining a warrant for digital information might change. Do users really care about tracking and privacy online? Are anti-forensics and spoliation becoming more popular with the general public? Why Solid … Continue reading Digital Forensics Case Leads: SSD Forensics; WebCams, Privacy and The Law; Anit-Forensics Goes Mainstream; Forensics Comes To The US Elections


Digital Forensics Case Leads: The New Forensics, The CyberMilitia and Bill Gates Gets Behind Open Source?

Case Leads is loaded for bear this week, after a week's break. Here is some of what you will find: * Are you ready for "The New Forensics"? If not, you might be left in the dust at trial. * What if the good guys adopted the organizing techniques of Anonymous? That's the goal behind … Continue reading Digital Forensics Case Leads: The New Forensics, The CyberMilitia and Bill Gates Gets Behind Open Source?


Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011

This week's edition of Case Leads features a new version of REMnux for malware analysis and we have two tools for collecting forensic images from iPhone and Android devices. We also have a couple of articles on Android memory analysis and the use of Open Source digital forensics tools to validate commercial tools. As always, … Continue reading Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011