Taking a break this week (and probably next week too) so no summaries, just links 🙂

FORENSIC ANALYSIS

• Amped Software
  Understanding how online services change images

• Articles
  Turning the Investigations Dial Toward Practice Over Theory

• Atola Technology
  Creating a logical image of a source drive

• Between Two DFIRns
  CyberChef: Example DFIR Use Cases

• Compass Security
  Forensic Readiness

• Cyber Forensicator
  • Forensic Acquisition of Cloud Drives
  • Volatility Memory Analysis: Building Linux Kernel Profiles
  • Digital Forensic Diaries
  • Native File Format for Preservation of Cloud Emails

• Digital Forensics Corp
  • How to repair a damaged SD card?
  • Reverse engineering guide for beginners
  • DFIR Infographics

• Gillware Digital Forensics
  Forensic Case Files: Samsung Galaxy S7 from a Fatal Motorcycle Crash

• SANS Internet Storm Center
  An Introduction to VolUtility, (Mon, Jun 12th)

• SecTor 2017
  How To Handle A Security Breach

• TrewMTE – Mobile & Technology Exploration
  WhatsApp network forensics

THREAT INTELLIGENCE/HUNTING

• Austin Taylor
  Detect Beaconing with Flare, Elastic Stack, and Intrusion Detection Systems

• Endgame
  Hunting In Memory

• Incident Response
  How To Create A Cybersecurity Playbook

• JPCERT/CC
  Research Report Released: Detecting Lateral Movement through Tracking Event Logs

• Vector8
  The Five Dimensions of Hunting
  

UPCOMING WEBINARS

• Guidance Software
  Overcoming Smartphone Forensics: Introduction to EnCase Mobile Investigator

• Magnet Forensics
  Webinar: The good, the bad, and the useless: the truth about geolocation data

• Paraben
  Paraben Corporation’s PFIC Innovation Conference

• Virus Bulletin
  VB2017: one of the most international security conferences

PRESENTATIONS/PODCASTS

• Digital Forensic Survival Podcast
  DFSP # 069 – Automated Memory Triage

• Guidance Software – YouTube
  100 Seconds with Lesley Carhart

• hasherezade – YouTube
  • Unpacking unknown malware
  • DEMO: ChimeraPE v0.2

• IronGeek
  ANYCon 2017

• MalwareAnalysisForHedgehogs – YouTube
  Malware Analysis – Alpha Ransomware

• Mobile Forensic Investigations – YouTube
  Mobile Forensic Minute 113

• Richard Davis – Youtube
  Windows Application Compatibility Forensics

MALWARE

• Cylance
  Threat Spotlight: Breaking Down FF-Rat Malware

• Cysinfo
  A Journey From Loki Bot Campaign To Venom Spyware

• FireEye Threat Research
  • Behind the CARBANAK Backdoor
  • FIN10: Anatomy of a Cyber Extortion Operation

• Fortinet
  MacRansom: Offered as Ransomware as a Service

• Malwarebytes Labs
  New Mac Malware-as-a-Service offerings

• Marco Ramilli’s Blog
  False Flag Attack on Multi Stage Delivery of Malware to Italian Organisations

• McAfee Labs
  McAfee Discovers Pinkslipbot Exploiting Infected Machines as Control Servers; Releases Free Tool to Detect, Disable Trojan

• Objective-See
  OSX/MacRansom; analyzing the latest ransomware to target macs

• SANS Internet Storm Center
  An Introduction to VolUtility, (Mon, Jun 12th)

• Securelist
  Nigerian phishing: Industrial companies under attack

• TrendMicro
  • Analyzing Xavier: An Information-Stealing Ad Library on Android
  • Analyzing the Fileless, Code-injecting SOREBRECT Ransomware

• Trustwave SpiderLabs
  KOVTER and CERBER on a One-Two Punch using Fake Delivery Notification

• Virus Bulletin
  VB2016 paper: Diving into Pinkslipbot’s latest campaign
  

MISCELLANEOUS

• 4n6ir
  Layers Are Important

• ADF
  ADF Solutions Partners With Belkasoft To Provide Customers Mobile Computing Analysis Capability

• Comae Technologies
  Check out @comaeio’s Tweet

• ElcomSoft
  The New Google Authentication Engine in Elcomsoft Cloud Explorer 1.31

• Forensic Focus
  • Review Of Oxygen Forensic Detective From Oxygen Forensics
  • AccessData To Host Digital Forensics Lab At Cybersecurity Camp For Girls
  • Nuix And MSAB Announce Partnership To Streamline Computer And Mobile Forensics
  • Interview With Zuly Gonzalez, Co-Founder And CEO, Light Point Security

• Guidance Software
  Guidance Software Incorporates Webroot Threat Intelligence Into Encase Endpoint Security

• Hex Blog
  News about the x64 edition

• Hexacorn
  • Bye Bye EDR…
  • Welcome back, EDR!

• Inside Out
  • Evimetry v3 Released: Remote volatile memory support
  • Compiling Sleuth Kit with AFF4 support on MacOS

• Koala Scanner
  Check out @koala__scanner’s Tweet

• MicroSystemation
  • Mobile Forensics must keep up with the times
  • Get the most out of your mobile forensics tool by staying updated

• SANS Information Security Reading Room
  The Show Must Go On! The 2017 SANS Incident Response Survey

• SANS Internet Storm Center
  Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?, (Sat, Jun 17th)

• Sqrrl
  Building a Top-Tier Hunt Team: an Interview with Alan Orlikoski

• TrewMTE – Mobile & Technology Exploration
  iPhone – TDEL034 Tool Testing

SOFTWARE UPDATES

• Adam Witt
  Check out @_TrapLoop’s Tweet

• Belkasoft
  What’s new in BEC v.8.4

• EasyMetaData
  MetaDiver 3.1.1 is released

• Elcomsoft
  Elcomsoft Cloud Explorer 1.31 Features New Authentication Engine, Makes Use of Authentication Tokens

• F-Response
  F-Response Universal/Now 2.0.1.16 Released

• GetData
  • Forensic Explorer
    Forensic Explorer Updated – v3.9.8.6546
  • Mount Imager Pro
    Mount Image Pro Updated – v6.2.0.1701

• MISP
  MISP 2.4.75 released

• nosecurecode
  Updated SysmonView

• X-Ways
  X-Ways Forensics 19.3 Released

PRODUCT RELEASES

• Forensic Focus
  https://www.forensicfocus.com/News/article/sid=2910/ SuperImager® Plus 8” T3 – Linux/Windows Dual Boot – With Thunderbolt Port

And that’s all for Week 24! If you think I’ve missed something, or want me to cover something specifically hit me up through the contact page or on the social pipes!