2017 Wrap Up

Another year has passed! I figured I did a wrap-up post last year so I decided I would do it again. (Most people relax on Sundays right? I wonder what that’s like…) This year has been as interesting as last year from a personal growth and development perspective. I decided to change a few things about […]

This Month In 4n6 – December – 2017

A monthly wrap-up of the DFIR news for December 2017. Thank you to those Patreon donors for the last month. I decided to go with the value-for-value model rather than advertising. If you get a little bit of value from the show, then I appreciate those that decide to give a little back. Alternatively, it would be great if […]

Week 52 – 2017

Last weekly post for the year! It’s both good and bad that the year ends on a Sunday. It does round things off nicely, but it also means that I have a podcast to put together next. Thank you to everyone that reads this every week, and also shares it around with others. I really […]

Week 51 – 2017

Merry Christmas and Happy Holidays! Hope everyone’s enjoying their break…although the last couple weeks have been 120+ links shared a week, and this week is no exception. FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog uses eventlogedit to delete an Event Log record. EventLogとEVTX There were a few posts by the guys at Cyber […]

Week 50 – 2017

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog takes a look at registry transaction log files and shows to examine them using Maxim Suhanov’s YARP tool. RegistryとTransaction log files The guys at Cyber Forensicator shared a paper by Xingzi Yuan, Omid Setayeshfar, Hongfei Yan, Pranav Panage, Xuetao Wei, and Kyu Hyung Lee titled “DroidForensics: […]

Week 49 – 2017

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog looks at deleting values from the Windows Registry. RegistryとFile format(3) Digital Forensics Corp shared an article by Jason Fenech at Altaro showing a few methods for accessing data on a VMDK. How to extract data from Virtual Machines Scar de Courcier at Forensic Focus has posted […]

Week 48 – 2017

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog continues his examination of the Windows registry file format RegistryとFile format(2) There were a couple of posts by Digital Forensics Corp this week They provided a brief overview of Volatility Workbench by Passmark software. Volatility Workbench Overview They shared an article on InfoSecAddicts on iOS device […]