SANS Digital Forensics and Incident Response Blog: Category - Evidence Acquisition

Digital Forensic Case Leads: Report from the Forensic Expert Witness Conference, Judge: Viewing CP might NOT be possession, Mac crypto bug helps forensicators

Welcome to Digital Forensics Case Leads. Another a busy week in digital forensics, incident response and the law. In this edition: The SANS Computer Forensics Blog was at the Forensic Expert Witness Annual Conference, and your humble reporter asked a seasoned member of the bench: What is it like for a Judge to sit on … Continue reading Digital Forensic Case Leads: Report from the Forensic Expert Witness Conference, Judge: Viewing CP might NOT be possession, Mac crypto bug helps forensicators


Digital Forensics Case Leads: SSD Forensics; WebCams, Privacy and The Law; Anit-Forensics Goes Mainstream; Forensics Comes To The US Elections

Welcome to Digital Forensics Case Leads. It's a busy week in digital forensics, incident response and the law. In this edition: How the standards for obtaining a warrant for digital information might change. Do users really care about tracking and privacy online? Are anti-forensics and spoliation becoming more popular with the general public? Why Solid … Continue reading Digital Forensics Case Leads: SSD Forensics; WebCams, Privacy and The Law; Anit-Forensics Goes Mainstream; Forensics Comes To The US Elections


Digital Forensics Case Leads: The New Forensics, The CyberMilitia and Bill Gates Gets Behind Open Source?

Case Leads is loaded for bear this week, after a week's break. Here is some of what you will find: * Are you ready for "The New Forensics"? If not, you might be left in the dust at trial. * What if the good guys adopted the organizing techniques of Anonymous? That's the goal behind … Continue reading Digital Forensics Case Leads: The New Forensics, The CyberMilitia and Bill Gates Gets Behind Open Source?


Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011

This week's edition of Case Leads features a new version of REMnux for malware analysis and we have two tools for collecting forensic images from iPhone and Android devices. We also have a couple of articles on Android memory analysis and the use of Open Source digital forensics tools to validate commercial tools. As always, … Continue reading Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011


Digital Forensics Case Leads: PFIC 2011 Report, DNS forensics, Massive Flaws in Amazon EC2?

The Paraben Forensics Innovator's Conference was held last week in Park City, Utah. Your SANS Digital Forensic blogger attended the event, along with over 300 fellow, forensicators and lawyers. With information security events like BlackHat, and DefCon drawing thousands, this is yet another small event that has many advantages over the larger conferences. At these … Continue reading Digital Forensics Case Leads: PFIC 2011 Report, DNS forensics, Massive Flaws in Amazon EC2?