SANS Digital Forensics and Incident Response Blog: Tag - Case Leads

Digital Forensics Case Leads: Multi-plat RAT, No US Cybersecurity bill, Dropbox drops a doozie, Volatility everywhere

This week we found out the NetWire Remote Access Trojan claims to be able to infect everyone, the US Senate has blocked a much-debated cybersecurity bill, Dropbox shows it's a great way to share the confidential data of Dropbox customers, British Telecom says somewhere between 100% and 0% of Android devices are compromised and cybercrime costs …


Digital Forensics Case Leads: Your Password Is Out There, again...

Data breaches at LinkedIn, eHarmony, and Last.fm exposed millions of account passwords, and probably other data that the attackers haven't made public. There is also a wealth of interesting new and updated tools. Among these are HexDive, SquirrelGripper, ShadowKit, and a Report Writing cheat sheet from Girl, Unallocated. Also worthy of particular note is Corey Harrell's Compromise Root Cause Analysis Model


Digital Forensics Case Leads: ReFS, Ex01, and DFIROnline

This week's cornucopia of forensic goodness so thoroughly defies summary that I nearly gave up writing an introduction. But a few things do merit particular emphasis. First, the second DFIROnline meetup takes place tonight at 20:00 EST. Luminaries Harlan Carvey and Eric Huber will be presenting. Before then, however, you may want to take some time …


Digital Forensics Case Leads: Forensicsball, Forensic security analysis of Google Wallet, Sprint Disables CIQ

Innovations in timeline forensics, a forensic security analysis of the Google Wallet, and Sprint disables the CarrierIQ "root kit" top this edition of Digital Case Leads. In the 2011 Hollywood blockbuster Moneyball, Brad Pitt plays the part of the real-life Billy Beane, the manager of the Oakland A's baseball team. In the film, Brad Pitt's …


Digital Forensics Case Leads: SANS Goes Social, Fyodor Gets Mad and C|Net Apologizes

This week's Case Leads is chock full of forensic goodness. SANS Forensics goes social on both Facebook and Google+. Also, C|Net's Download.com ticks off Fyodor. If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org. Tools: The Giant Persistent Friend, Rob Lee, announced that SIFT 2.12 …