Week 38 – 2020

Alexis Brignoni at ‘Initialization Vectors’: It’s alive! – Attachment links in Discord; Abhiram Kumar: Getdents – Insomni’hack teaser 2020; Atropos4n6: Has the user logged into this account, or not? (Google Chrome’s Login Data-Part 1); Alexi Michaels at Cellebrite: Validating Artifacts with Cellebrite BlackLight; Chris Vance at ‘D20 Forensics’: macOS – Safari Preferences and Privacy; iOS 14 – First Thoughts […]

Week 37 – 2020

We’re finishing up with Beta 2 for FOR308, and the course is scheduled to run next at DFIRCON in November. If you’re looking for an introductory DFIR class then look no further! As always, thanks to those who give a little back for their support! AbdulRhman Alfaifi at U0041: Certutil Artifacts Analysis; Atropos4n6: Artifacts of Dropbox Usage […]

Week 36 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. This will be her last week; I can’t thank her enough for the assistance, as the workload for the blog has just gone through the roof. With everything in life at the moment I don’t think the summaries will be coming […]

Week 35 – 2020

FOR308 Beta 2 is getting closer, starting September 8th! As this is a beta this is run at a discounted price before it goes live. You can register here! Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who give a little back for their […]

Week 34 – 2020

Come watch the Forensic Happy Hour next week with Lee Reiber! Friday, 1700ET, which is 7AM for me, so a bit too early for a beer, but I’ll be there with copious amounts of coffee! Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who […]

Week 33 – 2020

I mentioned that FOR308 Beta 2 was running next month, but I forgot that I’ll also be taking an in-person FOR500 class in Canberra, Australia next month too. And Lodrina will be interviewed by Lenny Zeltser from Axonius on August 19! “Life As A CISO – Q&A with Lodrina Cherne”. Thanks to Lodrina for her […]

Week 32 – 2020

We’ve set a date for Beta 2 of our FOR308 class. Come join Kat and me for a week of Digital Forensic Essentials at a discounted price. Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. One post worth checking out is Lee Whitfield’s DFIR For Good post. I say […]

Week 31 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS: Belkasoft Whitepaper: Using Belkasoft Evidence Center to Uncover Cyber Threat Actors’ Persistence Mechanisms; Roey Arato at Cellebrite: How to Extract Evidence From Samsung Devices Using Cellebrite UFED […]

Week 30 – 2020

Last week, the Forensic 4Cast awards were held at the end of the virtual DFIR Summit. Congratulations to all the winners, as well as everyone nominated. Everyone nominated should really pat themselves on the back for a job well done; it’s quite an achievement! “Thanks to the DFIR Community, Cellebrite Wins Multiple Times at Forensics […]

Week 29 – 2020

No Lodrina this week, taking a well-deserved break after the recent SANS DFIR Summit, and her keynote. As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS: Andrew Rathbun at AboutDFIR: Introducing AboutDFIR’s KAPE Guide; Abhiram Kumar: Writing a simple Volatility plugin; Andrew Malec: Investigating web shells; Defcon 2019 memory […]