2021 Wrap Up

And that’s a wrap for 2021! Was it better than 2020? Maybe a little? Down in Sydney we spent a bit longer in lock-down here – 3-4 months I think it was this time around, but otherwise life was “COVID normal”. I can empathise with those that were hit hardest by this all, and thankfully […]

Week 52 – 2021

Alexis Brignoni at ‘Initialization Vectors’ Android Tor Browser Thumbnails. What? Adam at Hexacorn Mapping Chrome extension IDs to their names Putting .inf files and NSRL database to a better use AhnLab Case of Ransomware Infection in a Company Using Local Administrator Accounts Set with Same Password Blake’s R&D Monitoring File mods through ETW and Velociraptor Matt Muir at […]

Week 51 – 2021

Brandon Lee at 4sysops Recover deleted emails in Microsoft 365 Ahmed Musaad Google Workspace Security Investigation Tool Belkasoft iCloud acquisition and analysis with Belkasoft X Doug Metz at Baker Street Forensics Adding RAM collections to KAPE Triage CSIRT-Collect USB Dr. Neal Krawetz at ‘The Hacker Factor Blog’ Apple and Fraud Elcomsoft More on checkm8 and USB Hubs, Upcoming iPhone […]

Week 50 – 2021

Starting off by mentioning a fantastic initiative by Chris Sanders. Contributing to Rural Tech Fund and a foodbank of your choosing will help people and you may just win a significant prize in return. Win My Golden Ticket! Sal Aziz at Magnet Forensics Anatomy of a Business Email Compromise Investigation Andrea Garavaglia Orochi meets YARA Chris Sanders A Cognitive […]

This Month In 4n6 – November – 2021

A monthly wrap-up of the DFIR news for November 2021. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]

Week 49 – 2021

Joshua I. James at DFIRScience iPhone forensics with Linux command line and bplister Forensafe Investigating Windows 10 Maps Investigating Computer Name Forensic-Research Digital Forensic Challenge 2020 [104] Jaron Bradley at The Mitten Mac What does APT Activity Look Like on MacOS? Kyle Song Blog #32: Building a Forensic Environment with WSL & Chocolatey part 2. [EN] Blog #32: […]

Week 48 – 2021

Baki Onur Okutucu at 4sysops Manage Activity Logs in Azure using PowerShell Cyber Social Hub Android Viber Forensics Digital Forensics Myanmar eCDFP (Disk Drives) – Part (2) eCDFP (Disk Drives) – Lab SSD Forensics Challenges (Part-2) SSD Forensics Challenges (Part-2) SSD Forensics Challenges (Part-2) Forensafe Investigating Evernote Investigating Printers Information Ian Whiffin at DoubleBlak Researching iOS Using ArtEx […]

Week 47 – 2021

Cado Security New ESG Research Reveals 89% of Companies Negatively Impacted by Cloud Cyber-Attacks Prior to Full Investigation Chris Sistrunk, Ken Proska, Glen Chason, and Daniel Kapellmann at Mandiant Introducing Mandiant’s Digital Forensics and Incident Response Framework for Embedded OT Systems Digital Forensics Myanmar eCDFP (Data Representation & File Examination) (Part-3) eCDFP (Data Representation & File Examination) […]

Week 46 – 2021

Angry-Bender’s blog house DFIR – Final result 1 – Powershell telemetry by Windows AT&T Cybersecurity Stories from the SOC – Powershell, Proxyshell, Conti TTPs OH MY! Benjamin Bruppacher at Compass Security Docker Forensics Digital Forensics Myanmar eCDFP (Data Representation & File Examination) (Part-1) eCDFP (Data Representation & File Examination) (Part-2) Robert Graham at Errata Security Example: forensicating the Mesa […]

Week 45 – 2021

Belkasoft Media files forensics with Belkasoft X Heather Mahalik at Cellebrite Part 1: Walk-Through of Answers to the 2021 CTF – Investigating Heisenberg’s Android Device Part 2: Walk-Through of Answers to the 2021 CTF – Marsha’s PC Dan Maunz at Cisco New Nexus Forensic Guide Dr. Brian Carrier at Cyber Triage Cyber Triage on Azure: DFIR in the […]