Alexis Brignoni at ‘Initialization Vectors’It’s alive! – Attachment links in Discord Abhiram KumarGetdents – Insomni’hack teaser 2020 Atropos4n6Has the user logged into this account, or not? (Google Chrome’s Login Data-Part 1) Alexi Michaels at CellebriteValidating Artifacts with Cellebrite BlackLight Chris Vance at ‘D20 Forensics’ macOS – Safari Preferences and Privacy iOS 14 – First Thoughts […]

We’re finishing up with Beta 2 for FOR308, and the course is scheduled to run next at DFIRCON in November. If you’re looking for an introductory DFIR class then look no further! As always, thanks to those who give a little back for their support! AbdulRhman Alfaifi at U0041Certutil Artifacts Analysis Atropos4n6Artifacts of Dropbox Usage […]

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. This will be her last week, I can’t thank her enough for the assistance as the workload for the blog has just gone through the roof. With everything in life at the moment I don’t think the summaries will be coming […]

FOR308 Beta 2 is getting closer, starting September 8th! As this is a beta this is run at a discounted price before it goes live. You can register here! Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who give a little back for their […]

Come watch the Forensic Happy Hour next week with Lee Reiber! Friday, 1700ET, which is 7AM for me, so a bit too early for a beer, but I’ll be there with copious amounts of coffee! Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who […]

I mentioned that FOR308 Beta 2 was running next month, but I forgot that I’ll also be taking an in-person FOR500 class in Canberra, Australia next month too. And Lodrina will be interviewed by Lenny Zeltser from Axonius on August 19! Life As A CISO – Q&A with Lodrina Cherne Thanks to Lodrina for her […]

We’ve set a date for Beta 2 of our FOR308 class. Come join Kat and I for a week of Digital Forensic Essentials at a discounted price. Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. One post worth checking out is Lee Whitfield’s DFIR For Good post. I say […]

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS Belkasoft Whitepaper: Using Belkasoft Evidence Center to Uncover Cyber Threat Actors’ Persistence Mechanisms Roey Arato at Cellebrite How to Extract Evidence From Samsung Devices Using Cellebrite UFED […]

Last week, the Forensic 4Cast awards were held at the end of the virtual DFIR Summit. Congratulations to all the winners, as well as everyone nominated. Everyone nominated should really pat themselves on the back for a job well done, it’s quite an achievement! Thanks to the DFIR Community, Cellebrite Wins Multiple Times at Forensics […]

No Lodrina this week, taking a well deserved break after the recent SANS DFIR Summit, and her keynote. As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS Andrew Rathbun at AboutDFIR Introducing AboutDFIR’s KAPE Guide Abhiram Kumar Writing a simple Volatility plugin Andrew Malec Investigating web shells Defcon 2019 memory […]