David Cowen at the ‘Hacking Exposed Computer Forensics’ blogDaily Blog #703: Looking back at AWS EBS Direct Block access API ThinkDFIRI can see and hear you seeing and hearing me! Alex Caithness at CCL SolutionsAndroid ABX – Binary XML Cheeky4n6Monkey and Michael LacombeMike & the Monkey Dumpster Dive Into Samsung Gallery3d App Trash Doug Metz […]

DFIR ReviewValidation of X-Ways Forensics Evidence File Containers Kibaffo33At the roundabout, take the second exit… Daniela Elmi Best of Digital Forensics Cheatsheet Security Logs Dr. Neal Krawetz at ‘The Hacker Factor Blog’Sharing Research Elcomsoft Breaking BestCrypt Volume Encryption 5 Digital Evidence in Encrypted Backups Forensafe Investigating Task Scheduler Investigating Remote Desktop Connection MRU Hal Pomeranz […]

And that’s a wrap for 2021! Was it better than 2020? Maybe a little? Down in Sydney we spent a bit longer in lock-down here – 3-4 months I think it was this time around, but otherwise life was “COVID normal”. I can empathise with those that were hit hardest by this all, and thankfully […]

Alexis Brignoni at ‘Initialization Vectors’Android Tor Browser Thumbnails. What? Adam at Hexacorn Mapping Chrome extension IDs to their names Putting .inf files and NSRL database to a better use AhnLabCase of Ransomware Infection in a Company Using Local Administrator Accounts Set with Same Password Blake’s R&DMonitoring File mods through ETW and Velociraptor Matt Muir at […]

Brandon Lee at 4sysopsRecover deleted emails in Microsoft 365 Ahmed MusaadGoogle Workspace Security Investigation Tool BelkasoftiCloud acquisition and analysis with Belkasoft X Doug Metz at Baker Street Forensics Adding RAM collections to KAPE Triage CSIRT-Collect USB Dr. Neal Krawetz at ‘The Hacker Factor Blog’Apple and Fraud Elcomsoft More on checkm8 and USB Hubs, Upcoming iPhone […]

Starting off by mentioning a fantastic initiative by Chris Sanders. Contributing to Rural Tech Fund and a foodbank of your choosing will help people and you may just win a significant prize in return.Win My Golden Ticket! Sal Aziz at Magnet ForensicsAnatomy of a Business Email Compromise Investigation Andrea GaravagliaOrochi meets YARA Chris SandersA Cognitive […]

Joshua I. James at DFIRScienceiPhone forensics with Linux command line and bplister Forensafe Investigating Windows 10 Maps Investigating Computer Name Forensic-ResearchDigital Forensic Challenge 2020 [104] Jaron Bradley at The Mitten MacWhat does APT Activity Look Like on MacOS? Kyle Song Blog #32: Building a Forensic Environment with WSL & Chocolatey part 2. [EN] Blog #32: […]

Baki Onur Okutucu at 4sysopsManage Activity Logs in Azure using PowerShell Cyber Social HubAndroid Viber Forensics Digital Forensics Myanmar eCDFP  (Disk Drives) – Part (2) eCDFP  (Disk Drives) – Lab SSD Forensics Challenges  (Part-2) SSD Forensics Challenges  (Part-2) SSD Forensics Challenges (Part-2) Forensafe Investigating Evernote Investigating Printers Information Ian Whiffin at DoubleBlakResearching iOS Using ArtEx […]

Cado SecurityNew ESG Research Reveals 89% of Companies Negatively Impacted by Cloud Cyber-Attacks Prior to Full Investigation Chris Sistrunk, Ken Proska, Glen Chason, and Daniel Kapellmann at MandiantIntroducing Mandiant’s Digital Forensics and Incident Response Framework for Embedded OT Systems Digital Forensics Myanmar eCDFP (Data Representation & File Examination) (Part-3) eCDFP (Data Representation & File Examination) […]