I’m back! Thankfully was able to get the post done today before jetlag set in. I’ll probably do a recap of the trip this week if I get a chance to jot down some thoughts. Overall it was fantastic and I had a great time, but it’s good to get home; 4 weeks away is […]

  Another week of links only; I’m going to try get back to scheduled programming next week but that may be tough. Will do my best 🙂 FORENSIC ANALYSIS Port139 ActivitiesCache.dbとアクティビティ削除(3) Arsenal Consulting Quick Look Cache Parsing Arsenal Quick Look Cache Parsing Collecting Quick Look Data From a Live macOS System Cyber Forensicator TrueCrypt Container […]

Links only this week! FORENSIC ANALYSIS Port139 ActivitiesCache.dbとアクティビティ削除(2) Cloudy Forensics How to run Yara Rules during Incident Response Cyber Forensicator Darwin-Collector – collect key files for macOS investigations Windows Phone Physical Imaging Without JTAG and Chip-off Cyber Triage Using Volatility in Cyber Triage to Analyze Memory DFIR Science Testing File Systems for Digital Forensic Imaging […]

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog deletes some items out of the Win10 Timeline and shows that these events remain in the timeline database for a period (of unknown length) after the deletion. It would be good if he was to check the deleted records after a week or two and see […]

One more week of (vendor) campaigning for the Forensic 4Cast Awards! This will be my last mention of it before the actual awards, so if you haven’t already, head over here to vote! Magnet Forensics lists a few reasons why they deserve the Phone forensic tool of the year. 5 Reasons Magnet AXIOM Is Forensic […]

  Magnet Forensics wrote a blog post reminding you to go and vote in the Forensic 4Cast Awards. Only a couple more weeks till voting closes! 3 Reasons to Vote Magnet Forensics for Forensic 4:cast Digital Forensic Organization of the Year Brett Shavers at DFIR.Training shared some stats for the site, as well as asked […]