Kevin RipaThe Truth About USB Device Serial Numbers – (and the lies your tools tell) BelkasoftWhy RAM dumping is so important and what tool to use? CellebriteIsolating Devices to Preserve Evidence Cheeky4n6MonkeyMonkey Attempts To Digest Some Google Takeout (DetectedActivitys) Digital Forensics MyanmarCHFI-V10-Dark Web-Note ForensafeInvestigating Windows Recycle Bin Herbie Zimmerman at “Lost in Security”2022-02-26 Quick Post […]
Abdallah Elnoty2019 Defcon DFIR CTF Write-up (Memory Forensics) Camille LoreParsing Google Voice Search CellebriteCellebrite Announces Fourth Quarter and Full Year 2021 Results Dr. Neal Krawetz at ‘The Hacker Factor Blog’Three Minute Forgeries Elcomsoft Dude, Where Are My Messages? GPU Acceleration On The Cheap: Using Affordable Video Cards to Break Passwords Faster ForensafeInvestigating PowerShell InfoSec Write-ups […]
ThinkDFIRTracking screenshots with LNK files Adam at HexacornAnalysing NSRL data set for fun and because… curious, Part 2 Awake SecurityForensic Investigation of the MEGAcmd Client Cellebrite Crime and Terrorism Have Changed: Today’s Investigators Rely on Digital Evidence How Digital Analysts Manage the Impact of Malware Nandeesha B at NII ConsultingThreat actor groups are targeting VMware […]
Digital Forensics MyanmarWindow Forensics With EZ-Tools (Part 1+2) diyinfosecWhy learning a Forensic Artifact matters? Elcomsoft checkm8 Extraction of iPhone 8, 8 Plus and iPhone X iPhone X, DFU mode and checkm8 Simon Wong at ExpelAttack trend alert: AWS-themed credential phishing technique ForensafeInvestigating User Accounts Lee Whitfield at Forensic 4castMac Randomization in Windows Forensic-Research [ART100] Digital […]
A monthly wrap-up of the DFIR news for January 2022. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]
Marco Fontani at AmpedHow To Check Video Integrity By Detecting Double Encoding With VPF Analysis CCL SolutionsUPDATE – Relativity Processing vs. Nuix Workstation Dr. Brian Carrier at Cyber TriageGeneral Purpose vs Specialized Digital Forensics Tools ForensafeInvestigating Cortana “Forensics – One Byte at a Time”Decrypting ‘Secret Calculator Photo Vault’ Febi Mudiyanto […]
Appalachian4n6AirTags within iOS File Systems BelkasoftWhere did this chat come from? The ‘Origin path’ concept in Belkasoft X Blake’s R&DMachine Learning and ETW Cado SecurityTechnical Indicators of Ukrainian Website Defacements James Lovato at CrowdStrikeMind the MPLog: Leveraging Microsoft Protection Logging for Forensic Investigations Krzysztof Gajewski at CyberDefNerdCan Windows Update fool you during the investigation? Digital […]
Bart Butler at ProtonMailA breakdown of a DKIM replay attack James Merritt at CCL SolutionsRelativity Processing vs. Nuix Workstation Roman Ferdigg at CertitudeRansomware Actor May Have Leaked Their Previous Victims Craig Ball at ‘Ball in your Court’Electronic Evidence Workbook 2022 Paul Pratley and Mark Goudie at CrowdStrikeCrowdStrike Services Offers Incident Response Tracker for the DFIR […]
David Cowen at the ‘Hacking Exposed Computer Forensics’ blogDaily Blog #703: Looking back at AWS EBS Direct Block access API ThinkDFIRI can see and hear you seeing and hearing me! Alex Caithness at CCL SolutionsAndroid ABX – Binary XML Cheeky4n6Monkey and Michael LacombeMike & the Monkey Dumpster Dive Into Samsung Gallery3d App Trash Doug Metz […]
DFIR ReviewValidation of X-Ways Forensics Evidence File Containers Kibaffo33At the roundabout, take the second exit… Daniela Elmi Best of Digital Forensics Cheatsheet Security Logs Dr. Neal Krawetz at ‘The Hacker Factor Blog’Sharing Research Elcomsoft Breaking BestCrypt Volume Encryption 5 Digital Evidence in Encrypted Backups Forensafe Investigating Task Scheduler Investigating Remote Desktop Connection MRU Hal Pomeranz […]
