Written by Phill MooreFebruary 22, 2026

Week 08 – 2026

No sponsor this week. If your organisation is interested, head over here to find out more. Chamindu PushpikaScattered Spider Uncaged – The AB Projekt Blue Investigation Elcomsoft Perfect Acquisition: The True Physical Acquisition Forensic Analysis of Windows 10 and 11 Event Logs Magnet ForensicsWindows Forensics: Understanding and Analyzing Pagefile.sys Artifacts Marco Neumann at ‘Be-binary 4n6’ BUBBLES!!! BUBBLES! […]

Written by Phill MooreFebruary 15, 2026

Week 07 – 2026

No sponsor this week. If your organisation is interested, head over here to find out more. Atola TechnologyMaster Your Drives with MultiDrive BerlaEstablishing Occupant Actions & Involvement Elcomsoft Choosing the Right Strategy: Cold Boot Forensics vs Live System Analysis Perfect Acquisition With Passcode Unlock for A8/A8X Devices Investigating Windows Registry ForensafeiOS Geolocation Jordan MussmanMac Forensics in 2026 […]

Written by Phill MooreFebruary 8, 2026

Week 06 – 2026

No sponsor this week. If your organisation is interested, head over here to find out more. Chris at AskCleesDecrypting Threema4.db Mike Wilkinson at Cyber TriageConfiguring Your System for IR: Windows Logging Derek EiriExploring frame-counts-galore and hashing pixel data Oleg Afonin at ElcomsoftLive System Analysis: Mitigating Interference from Antivirus Tools ForensafeAndroid Threema Kenneth G Hartman at Lucid Truth […]

Written by Phill MooreFebruary 1, 2026

Week 05 – 2026

No sponsor this week. If your organisation is interested, head over here to find out more. BerlaFinding Previous Locations Without Geolocation Data Forensafe Android CoverMe iOS Timezone Information Hideaki Ihara at port139Win 11 25H2 におけるSRUM検証 Matthew PlascenciaLinux Kidnapping Case Maxim SuhanovWindows event logs were cleared, but resurrected in another file! Monty Shyama Freezing the Crime Scene: A […]

Written by Phill MooreJanuary 25, 2026

Week 04 – 2026

No sponsor this week. If your organisation is interested, head over here to find out more. Digital Forensics Myanmar Network Action Predictor (Browser Forensic) SSD Recovery, Limitation and Suggestion Nicholas Dubois at HexordiaThe Secret Header: How iMessage Link Previews “Skip” YouTube Ads Hideaki Ihara at port139 AIによる低レイヤ解析：Ext4/Ext3ディレクトリエントリ削除の論理とバイナリの変容 Windows 11 IME履歴を解き明かす Velociraptor 調査の舞台裏：Windows.Triage.Targets の解析とカスタマイズ取得対象のダミーファイルを作成する：Test-ForensicCollection.ps1 Matthew PlascenciaDisassemble that […]

Written by Phill MooreJanuary 18, 2026January 18, 2026

Week 03 – 2026

BerlaConnecting Occupants to Vehicles Through Device Data Damien AttoeA Forensic Look at the Grok Android App Oleg Afonin at Elcomsoft Browser Forensics in 2026: App-Bound Encryption and Live Triage Web Browser Forensics in Digital Triage ForensafeBelkaCTF #6: Bogus Bill Kenneth G Hartman at Lucid Truth TechnologiesBFU vs AFU: What Attorneys Need to Know About Phone […]

Written by Phill MooreJanuary 11, 2026

Week 02 – 2026

No sponsor this week. If your organisation is interested, head over here to find out more. Akash PatelCase Studies: Building Effective Timelines with Plaso (Log2Timeline) Christian Peter“Far over the misty mountains cold – iLEAPP Threema Parser” Derek EiriExtracting and Matching Faces with API Forensics’ Exponent Faces Martin Korman at DFIR DudesRegipy MCP: Natural Language Registry […]

Written by Phill MooreJanuary 4, 2026

Week 01 – 2026

Strengthen Your Identity Posture Before Attackers Find the Gaps In this cheat sheet, you’ll discover:• The four highest-risk identity categories to remediate today.• A step-by-step ISPM maturity model and 90-day implementation plan.• How to eliminate toxic permissions, enforce MFA, and remove dormant identities at scale. Download the ISPM Cheat Sheet Sponsored by Permiso Damien AttoeThe […]

Written by Phill MooreDecember 28, 2025