2021 Wrap Up

And that’s a wrap for 2021! Was it better than 2020? Maybe a little? Down in Sydney we spent a bit longer in lock-down here – 3-4 months I think it was this time around, but otherwise life was “COVID normal”. I can empathise with those that were hit hardest by this all, and thankfully […]

Week 52 – 2021

Alexis Brignoni at ‘Initialization Vectors’Android Tor Browser Thumbnails. What? Adam at Hexacorn Mapping Chrome extension IDs to their names Putting .inf files and NSRL database to a better use AhnLabCase of Ransomware Infection in a Company Using Local Administrator Accounts Set with Same Password Blake’s R&DMonitoring File mods through ETW and Velociraptor Matt Muir at […]

Week 51 – 2021

Brandon Lee at 4sysopsRecover deleted emails in Microsoft 365 Ahmed MusaadGoogle Workspace Security Investigation Tool BelkasoftiCloud acquisition and analysis with Belkasoft X Doug Metz at Baker Street Forensics Adding RAM collections to KAPE Triage CSIRT-Collect USB Dr. Neal Krawetz at ‘The Hacker Factor Blog’Apple and Fraud Elcomsoft More on checkm8 and USB Hubs, Upcoming iPhone […]

Week 50 – 2021

Starting off by mentioning a fantastic initiative by Chris Sanders. Contributing to Rural Tech Fund and a foodbank of your choosing will help people and you may just win a significant prize in return.Win My Golden Ticket! Sal Aziz at Magnet ForensicsAnatomy of a Business Email Compromise Investigation Andrea GaravagliaOrochi meets YARA Chris SandersA Cognitive […]

This Month In 4n6 – November – 2021

A monthly wrap-up of the DFIR news for November 2021. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]

Week 49 – 2021

Joshua I. James at DFIRScienceiPhone forensics with Linux command line and bplister Forensafe Investigating Windows 10 Maps Investigating Computer Name Forensic-ResearchDigital Forensic Challenge 2020 [104] Jaron Bradley at The Mitten MacWhat does APT Activity Look Like on MacOS? Kyle Song Blog #32: Building a Forensic Environment with WSL & Chocolatey part 2. [EN] Blog #32: […]