FORENSIC ANALYSIS Matt at ‘Bit of Hex’ takes a look at the memory artefacts left behind by “a user running Tor Browser Bundle (TBB) on an external USB drive to access webmail, and a Tor hidden service.” Memory Forensics &Tor Igor and Oleg at Cyber Forensicator examine the artefacts created by the “pCloud desktop application […]

There were a few more requests for votes for Forensic 4Cast Awards. Belkasoft – Phone Forensic Software, and Computer Forensic Software of the Year AboutDFIR – Digital Forensic Investigator, and Digital Forensic Resource of the Year Magnet Forensics – Digital Forensic Organization, Phone Forensic Software, and Computer Forensic Software of the Year FORENSIC ANALYSIS Hideaki […]

Campaigning for the 4Cast Awards is in full swing; I think I got three emails about it last week! The link to vote is here. FORENSIC ANALYSIS Oleg Skulkin and Igor Mikhaylov at Cyber Forensicator take a look at the artefacts created by a couple of desktop apps for cloud storage providers. Cloud Forensics: Analyzing […]

Lee Whitfield at Forensic 4Cast has opened up voting for the 2018 Forensic 4Cast awards, held at the SANS DFIR Summit in Austin, Texas. Thanks to everyone that nominated ‘This Week in 4n6’ for blog of the year. Voting ends May 25th, so I’ll post this up a couple times before then to remind people […]

FORENSIC ANALYSIS Hideaki Ihara at the Port 139 blog posted a couple of times this week First, he takes a look at the Property store data block of a LNK file. Hideaki indicates that this data is not parsed in Plaso. LNK と Property Store Next, he looks at some of the timestamps stored in […]