Week 18 – 2019

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Marco Fontani at Amped demonstrate examining pictures using Authenticate’s hex viewer Even the (Byte)Streams Can Tell More Than It Seems: Learn How to Spot Hidden Data […]

This Month In 4n6 – April – 2019

A monthly wrap-up of the DFIR news for April 2019. Nominate “This Week in 4n6” for a Forensic 4Cast Award Thank you to those Patreon donors for the last month. I decided to go with the value-for-value model rather than advertising. Alternatively, it would be great if you could leave an iTunes review. If you are a Patreon donor […]

Week 17 – 2019

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Eric Zimmerman has released an Event Log parsing utility, EvtxECmd Introducing EvtxECmd!!  Damian Pfammatter at Compass Security explains the various event log entries that are useful […]

Week 16 – 2019

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Andrea Fortuna at ‘So Long, and Thanks for All the Fish’ demonstrates how to extract useful data from the pagefile using strings, grep, and YARA How […]

Week 15 – 2019

As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Brian Moran has updated the BriMor Live Response Collection to include many more Mac artifacts including logs and browser history; there’s a few Windows collection updates as well! Live Response Collection – Cedarpelta Danny Garcia at Cellebrite gives an overview […]

Week 14 – 2019

Thanks to Lodrina for her contributions As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Richard Frawley at ADF posted a couple of articles this week He describes how to perform a RAM capture Collect RAM on a Live Computer And demonstrates how to use DEI to boot scan […]

This Month In 4n6 – March – 2019

A monthly wrap-up of the DFIR news for March 2019. **** Apologies for the sound quality up front. I had some bad luck that meant my laptop died last week, so was using a loaner and turns out it recorded with the inbuilt mic instead of my proper one. **** Nominate “This Week in 4n6” […]