Week 19 – 2019

Last chance to throw in your nomination for the 2019 Forensic 4Cast Awards. You can place your nominations, including for this site, here. The awards will be taking place at the annual SANS DFIR Summit in Austin, Texas, July 25-26 and the agenda has just been released.

Lots of great talks at the DFIR Summit this year as usual, including one from Lodrina, who is currently recovering from lifting unbelievably heavy things and putting them back down again! As a result just links only for her sections this week

As always, Thanks to those who give a little back for their support!

FORENSIC ANALYSIS

  • Joshua Hickman at ‘The Binary Hick’ takes a look at some useful artefacts relating to Apple CarPlay that can be found on an iPhone (full file system extraction and iTunes backup)
    Ridin’ With Apple CarPlay

THREAT INTELLIGENCE/HUNTING

UPCOMING WEBINARS/CONFERENCES

PRESENTATIONS/PODCASTS

MALWARE

MISCELLANEOUS

  • Jesse Spangenberger at Cyber Fēnix Tech comments on the benefits of specialisation when it comes to career progression
    Life Lessons Learned

SOFTWARE UPDATES

  • Eric Zimmerman updated RECmd, Timeline Explorer, and Evtxcmd
    ChangeLog

  • Maxim Suhanov released v1.0.0-beta12 of his DFIR_NTFS file system parser
    1.0.0-beta12

  • Kenneth Ray shared a new tool, aptly named YAFORTO, as well as his GIAC GCFE Gold Paper
    YAFORTO

And that’s all for the week! If you think I’ve missed something, or want me to cover something specifically hit me up through the contact page or on the social pipes!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s