Week 2 – 2018

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog took a look at the Win10 Thumbnail index database, thumbcache_idx.db. Win10 と Thumbnail Index  Brian Maloney stumbled across a Windows event log, Microsoft-Windows-MBAM/Operational, that tracks RemovableDriveMounted and RemovableDriveDismounted (event IDs 39 and 40) Check out @bmmaloney97’s Tweet  There were a few posts on the Cyber Forensicator […]

Week 1 – 2018

Happy New Year! It was a bit hectic last week posting a few times on New Year’s Eve; in case you missed it, I posted my monthly podcast episode, as well as a wrap up for the year. FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog posted a couple of times this week The […]

2017 Wrap Up

Another year has passed! I figured I did a wrap-up post last year so I decided I would do it again. (Most people relax on Sundays right? I wonder what that’s like…) This year has been as interesting as last year from a personal growth and development perspective. I decided to change a few things about […]

Week 52 – 2017

Last weekly post for the year! It’s both good and bad that the year ends on a Sunday. It does round things off nicely, but it also means that I have a podcast to put together next. Thank you to everyone that reads this every week, and also shares it around with others. I really […]

Week 51 – 2017

Merry Christmas and Happy Holidays! Hope everyone’s enjoying their break…although the last couple weeks have been 120+ links shared a week, and this week is no exception. FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog uses eventlogedit to delete an Event Log record. EventLogとEVTX There were a few posts by the guys at Cyber […]

Week 50 – 2017

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog takes a look at registry transaction log files and shows how to examine them using Maxim Suhanov’s YARP tool. RegistryとTransaction log files The guys at Cyber Forensicator shared a paper by Xingzi Yuan, Omid Setayeshfar, Hongfei Yan, Pranav Panage, Xuetao Wei, and Kyu Hyung Lee titled “DroidForensics: […]

Week 49 – 2017

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog looks at deleting values from the Windows Registry. RegistryとFile format(3) Digital Forensics Corp shared an article by Jason Fenech at Altaro showing a few methods for accessing data on a VMDK. How to extract data from Virtual Machines Scar de Courcier at Forensic Focus has posted […]