SANS Digital Forensics and Incident Response Blog

Digital Forensics - Automotive Infotainment and Telematics Systems

Paul A. Henry - SeniorSans Instructor - phenry@sans.org MCP+I, MCSE, CCSA, CCSE, CISSP-ISSAP, CISM, CISA, CIFI, CCE, ACE, GCFE, GCFA, GSEC, GICSP, GCED, GPPA, VCP4/5, VCP-DCV (5.5), vExpert Powerful Features There is a huge range of features now controlled / enabled by current generation automotive infotainment and telematics systems (Figure 1 - Source), including … Continue reading Digital Forensics - Automotive Infotainment and Telematics Systems


Webcast Summary: New SANS Cheat Sheet: A Guide to Eric Zimmerman's Command Line Tools

Thank you for attending the SANS New Cheat Sheet: "A Guide to Eric Zimmerman's Command Line Tools" webcast. For webcast slides and recording visit:http://www.sans.org/u/raj To download the Cheat Sheet visit:http://digital-forensics.sans.org/u/rao To download Eric's Command line tools visit:https://ericzimmerman.github.io/ In this webinar, Eric covered several tools that can be used to show evidence of execution … Continue reading Webcast Summary: New SANS Cheat Sheet: A Guide to Eric Zimmerman's Command Line Tools


Forensic 4:cast Awards Nomination Closing Date and News

Blog originally posted by Lee Whitfield, March 12th, 2017: http://dfir.to/2nFvLP5 Award Nomination submission page: http://dfir.to/4CAST2017 Deadline for submissions: March 31, 2017 A number of people have asked me about the closing date for the nominations for the Forensic 4:cast Awards. Well here it is: March 31, 2017. I will be accepting nominations … Continue reading Forensic 4:cast Awards Nomination Closing Date and News


Ken Johnson DFIR Scholarship

Ken Johnson, husband of Jessica Towle Johnson, and father of two beautiful young children, Savannah and Brady, was tragically taken from this life on April 4, 2016 at the age of 38. Ken was an amazing husband and father. He was married to his best friend on February 19, 2000. His love for his … Continue reading Ken Johnson DFIR Scholarship


Critiques of the DHS/FBI's GRIZZLY STEPPE Report

Author credit: FOR578 Threat Intelligence course Robert M. Lee Source: Blog originally posted 12/30/2016 Attend the Webcast:"Analyzing the DHS/FBI's GRIZZLY STEPPE Report" Jan 6 2017 at 1 pm ET On December 29th, 2016 the White House released a statement from the President of the United States (POTUS) that formally accused Russia of interfering with the … Continue reading Critiques of the DHS/FBI's GRIZZLY STEPPE Report