SANS Digital Forensics and Incident Response Blog: Tag - super timeline

Java IDX Sample Files from Java Spearphishing Attack from SANS FOR508

Earlier this year, SANS created the most in-depth incident response training scenario that spans multiple systems in FOR508: Advanced Forensic Analysis and Incident Response. We discussed the entire scenario in a blog titled "Is Anti-Virus Really Dead? A Real-World Simulation Created for Forensic Data Yields Surprising Results". One of the biggest complaints that many have …


How to Make a Difference in the Digital Forensics and Incident Response Community

Over the years of teaching, I have found that there is no shortage of talent in our DFIR community. There are so many individuals that are incredibly sharp, truly skilled, and solving critical cases for their organizations. Sometimes we find that we become so focused on solving cases that we forget that we could figure …


SIFT Workstation 2.12 Release and ChangeLog

Due to several issues with libewf and minor bugs found in log2timeline and log2timeline-sift, we have released a new version of the SIFT Workstation. This is not a major release, but I did have time to go and refresh many packages built in it. The next release will update the Ubuntu backend and be a …