Week 10 – 2024

Cado Security: Spinning YARN – A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence; Django Faiola at ‘Appunti di Informatica Forense’: iOS Burner – Cache.db iOS Burner; Forensic Science International: Digital Investigation: Volume 48; Invictus Incident Response: The mystery of the EnrichedOffice365AuditLogs solved; Nik Alleyne at ‘Security Nik’: **TOTAL RECALL 2024** – Memory Forensics Self-Paced Learning/Challenge/CTF […]

Week 09 – 2024

Jessica Hyde at Hexordia: Mobile Forensic Images and Acquisition Priorities; Belkasoft: Android WhatsApp Forensics. Part I: Acquisition; Cyber 5W: Chromium based browsers Investigation; Cyber Triage: Windows Scheduled Tasks for DFIR Investigations; Hendrik Eckardt at cyber.wtf: Recovering data from broken appliance VMDKs; Dark Data Discovery: Data Carving vs File Carving vs Disk Carving; Doug Metz at Magnet Forensics: Comae Memory and Network Analysis: […]

Week 08 – 2024

Forensafe: Investigating Android WhatsApp; Lionel Notari: iOS Unified Logs – WiFi and AirPlane Mode; Stephan Berger: AWS Ransomware; Teri Radichel: Investigating, Containing, and Removing Malware on a Mac; The Sleuth Sheet: How to Transition From OSINT Practitioner to Intelligence Analyst; Tyler Hudak at TrustedSec: MailItemsAccessed Woes: M365 Investigation Challenges; Allan Liska at ‘Ransomware Sommelier’: LockBit Down!; Jinghua Bai at APNIC: Deep dive into […]

Week 07 – 2024

Cado Security: How to be IR Prepared in AWS / How to be IR prepared in Azure; DCSO CyTec: Overview: Evidence Collection of Ivanti Connected Secure Appliances; Forensafe: Investigating iOS TikTok; Passware: From FileVault to T2: How to Deal with Native Apple Encryption; Phill Moore, Zach Stanford and Ross Brittain at CyberCX: NetScalers are under attack. Or… they were…; Bill […]

Week 06 – 2024

Alexis Brignoni at ‘Initialization Vectors’: What is cacheV0.db and why are there only images in it?; Bullsh*t Hunting: Bullshit Hunting: Digital Forensics Edition; Django Faiola at ‘Appunti di Informatica Forense’: iOS WAZE; Dr. Tristan Jenkinson at ‘The eDiscovery Channel’: COPA v Wright – The Identity Question Takes Centre Stage; Oleg Afonin at Elcomsoft: Bootloader-Level Extraction for Apple Hardware; Forensafe: Investigating Android […]

Week 05 – 2024

Andrew Malec: Ivanti Connect Secure Auth Bypass and Remote Code Authentication CVE-2024-21887; Belkasoft: How to Acquire Digital Evidence with Android Screen Capturer in Belkasoft X; Amanda Berlin at Blumira: Masked Application Attack Incident Report; CCL Solutions: An expert deep-dive on data formats; Felix Aeppli at Compass Security: Device Code Phishing – Add Your Own Sign-In Methods on Entra ID; Dr. […]

Week 04 – 2024

Ann Bransom: Hunting for File Deletion Artifacts in Google File Stream Data; Monica Harris at Cellebrite: How Cellebrite and Relativity’s Mobile Advisory Board is Shaping the Future of Mobile eDiscovery; Bret at Cyber Gladius: The Active Directory Access Control List Explained; Cyber Triage: DFIR Next Steps: What To Do When You Find Mimikatz Was Run; Forensafe: Investigating iOS Voice Triggers […]

Week 03 – 2024

Alexis Brignoni at ‘Initialization Vectors’: SQLite 3.45 introducing binary JSON; Belkasoft: The Investigator’s Guide to Android Acquisition Methods. Part I: Device; Nate Bill at Cado Security: Containerised Clicks: Malicious use of 9hits on vulnerable docker hosts; CCL Solutions: SQLite’s New Binary JSON Format; Foxton Forensics: Investigating Microsoft Teams IndexedDB data; International Journal of Electronic Security and Digital Forensics: Volume 16 Issue […]

Week 02 – 2024

Cyber 5W: Memory Forensics – Practical Example, Detect Classic Remote Process Injection / Malware Analysis – How to Bypass Anti-Debugging Tricks – Part 1; Oleg Afonin at Elcomsoft: When Extraction Meets Analysis: Cellebrite Physical Analyzer; Matt Shannon at F-Response: F-Response and Apple, 2024 Edition; Forensafe: Investigating iOS Calls; Oxygen Forensics: Huawei Forensics: Data Extraction and Encryption; Pending Investigations: Dissect vs SysInternals […]

Week 01 – 2024

Amged Wageh: DriveFS Sleuth — Revealing The Hidden Intelligence; Cado Security: The Importance of Depth: Cloud Forensics Beyond Log Analysis / The Cado Platform can now Capture AWS EC2 Systems into E01 Format; Elcomsoft: A Comprehensive Guide to Essential Tools for Elcomsoft iOS Forensic Toolkit; Forensafe: Investigating iOS Venmo; Gerardo Santos at Security Art Work: Clusterización de Amenazas y Threat Hunting; Taz […]