Week 2 – 2018

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog took a look at the Win10 Thumbnail index database, thumbcache_idx.db. Win10 と Thumbnail Index  Brian Maloney stumbled across a Windows event log, Microsoft-Windows-MBAM/Operational, that tracks RemovableDriveMounted and RemovableDriveDismounted (event IDs 39 and 40). Check out @bmmaloney97’s Tweet  There were a few posts on the Cyber Forensicator […]

Week 1 – 2018

Happy New Year! It was a bit hectic last week posting a few times on New Year’s Eve; in case you missed it, I posted my monthly podcast episode, as well as a wrap up for the year. FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog posted a couple of times this week The […]

2017 Wrap Up

Another year has passed! I figured I did a wrap-up post last year so I decided I would do it again. (Most people relax on Sundays right? I wonder what that’s like…) This year has been as interesting as last year from a personal growth and development perspective. I decided to change a few things about […]

This Month In 4n6 – December – 2017

A monthly wrap-up of the DFIR news for December 2017. Thank you to those Patreon donors for the last month. I decided to go with the value-for-value model rather than advertising. If you get a little bit of value from the show, then I appreciate those that decide to give a little back. Alternatively, it would be great if […]

Week 52 – 2017

Last weekly post for the year! It’s both good and bad that the year ends on a Sunday. It does round things off nicely, but it also means that I have a podcast to put together next. Thank you to everyone that reads this every week, and also shares it around with others. I really […]

Week 51 – 2017

Merry Christmas and Happy Holidays! Hope everyone’s enjoying their break…although the last couple weeks have been 120+ links shared a week, and this week is no exception. FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog uses eventlogedit to delete an Event Log record. EventLogとEVTX There were a few posts by the guys at Cyber […]

Week 50 – 2017

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog takes a look at registry transaction log files and shows how to examine them using Maxim Suhanov’s YARP tool. RegistryとTransaction log files The guys at Cyber Forensicator shared a paper by Xingzi Yuan, Omid Setayeshfar, Hongfei Yan, Pranav Panage, Xuetao Wei, and Kyu Hyung Lee titled “DroidForensics: […]