Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Belkasoft have posted an article on examining LNK files and their potential as an attack vector for malicious actors Forensic Analysis Of LNK Files With Belkasoft […]

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS There’s a post on the attackd0gz blog walking through a packet capture examination to identify data exfil over wifi WiFi Forensics for Data Leakage David Milnes […]

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Alexis Brignoni at ‘Initialization Vectors’ examines the database on Android that stores app/widget/folder icons and positioning, as well as sharing a script to take the hard […]

Busy busy so links only this week! Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Arsenal Recon BitLocker for DFIR – Part I The Office Document Cache and Introducing ODC Recon – Part I […]

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Marco Fontani at Amped demonstrates using Authenticate to detect a forgery First Things First: Learn How a Proper Visual Inspection Can Guide Your Image Authentication on […]

Lodrina and I were both busy this week so links only. I’m teaching this week in Singapore, so we’ll see how I go for next weeks post! As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Heather Mahalik at Cellebrite A First Look at iOS 13 – Here are […]

No Lodrina this week, so links only in the Threat Hunting and Malware Analysis sections this week. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Geri at ‘4n6 Ninja’ has started a blog and shares her research on iOS snapshots, and worked with Alexis Brignoni at ‘Initialization Vectors’ to […]

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Marco Fontani at Amped shares a fantastic featured in Authenticate where they’ve included samples as well as the associated analysis. Learning by Examples: You Have a […]

Lots of travelling between Lodrina and I this week so links only.  As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Alexis Brignoni at ‘Initialization Vectors’ Vendor binaries and data stores:  io-prefetcher.db Arman Gungor at Metaspike Dates in Hiding—Uncovering Timestamps in Forensic Email Examination Craig Ball at ‘Ball in […]

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS There were some writeups of the Defcon DFIR challenge by Adam Harrison and Antonio Sanz 2019 Unofficial Defcon DFIR CTF Writeup – DFA Crypto Challenge 2019 […]