Week 02 – 2022

David Cowen at the ‘Hacking Exposed Computer Forensics’ blogDaily Blog #703: Looking back at AWS EBS Direct Block access API ThinkDFIRI can see and hear you seeing and hearing me! Alex Caithness at CCL SolutionsAndroid ABX – Binary XML Cheeky4n6Monkey and Michael LacombeMike & the Monkey Dumpster Dive Into Samsung Gallery3d App Trash Doug Metz […]

Week 01 – 2022

DFIR ReviewValidation of X-Ways Forensics Evidence File Containers Kibaffo33At the roundabout, take the second exit… Daniela Elmi Best of Digital Forensics Cheatsheet Security Logs Dr. Neal Krawetz at ‘The Hacker Factor Blog’Sharing Research Elcomsoft Breaking BestCrypt Volume Encryption 5 Digital Evidence in Encrypted Backups Forensafe Investigating Task Scheduler Investigating Remote Desktop Connection MRU Hal Pomeranz […]

2021 Wrap Up

And that’s a wrap for 2021! Was it better than 2020? Maybe a little? Down in Sydney we spent a bit longer in lock-down here – 3-4 months I think it was this time around, but otherwise life was “COVID normal”. I can empathise with those that were hit hardest by this all, and thankfully […]

Week 52 – 2021

Alexis Brignoni at ‘Initialization Vectors’Android Tor Browser Thumbnails. What? Adam at Hexacorn Mapping Chrome extension IDs to their names Putting .inf files and NSRL database to a better use AhnLabCase of Ransomware Infection in a Company Using Local Administrator Accounts Set with Same Password Blake’s R&DMonitoring File mods through ETW and Velociraptor Matt Muir at […]

Week 51 – 2021

Brandon Lee at 4sysopsRecover deleted emails in Microsoft 365 Ahmed MusaadGoogle Workspace Security Investigation Tool BelkasoftiCloud acquisition and analysis with Belkasoft X Doug Metz at Baker Street Forensics Adding RAM collections to KAPE Triage CSIRT-Collect USB Dr. Neal Krawetz at ‘The Hacker Factor Blog’Apple and Fraud Elcomsoft More on checkm8 and USB Hubs, Upcoming iPhone […]

Week 50 – 2021

Starting off by mentioning a fantastic initiative by Chris Sanders. Contributing to Rural Tech Fund and a foodbank of your choosing will help people and you may just win a significant prize in return.Win My Golden Ticket! Sal Aziz at Magnet ForensicsAnatomy of a Business Email Compromise Investigation Andrea GaravagliaOrochi meets YARA Chris SandersA Cognitive […]

This Month In 4n6 – November – 2021

A monthly wrap-up of the DFIR news for November 2021. Thank you to those Patreon donors for the last month. This project takes a lot of time, so it’s very much appreciated that people see enough value in it to contribute back 🙂 If you are a Patreon donor the show notes will be found here. Special […]

Week 49 – 2021

Joshua I. James at DFIRScienceiPhone forensics with Linux command line and bplister Forensafe Investigating Windows 10 Maps Investigating Computer Name Forensic-ResearchDigital Forensic Challenge 2020 [104] Jaron Bradley at The Mitten MacWhat does APT Activity Look Like on MacOS? Kyle Song Blog #32: Building a Forensic Environment with WSL & Chocolatey part 2. [EN] Blog #32: […]

Week 48 – 2021

Baki Onur Okutucu at 4sysopsManage Activity Logs in Azure using PowerShell Cyber Social HubAndroid Viber Forensics Digital Forensics Myanmar eCDFP  (Disk Drives) – Part (2) eCDFP  (Disk Drives) – Lab SSD Forensics Challenges  (Part-2) SSD Forensics Challenges  (Part-2) SSD Forensics Challenges (Part-2) Forensafe Investigating Evernote Investigating Printers Information Ian Whiffin at DoubleBlakResearching iOS Using ArtEx […]

Week 47 – 2021

Cado SecurityNew ESG Research Reveals 89% of Companies Negatively Impacted by Cloud Cyber-Attacks Prior to Full Investigation Chris Sistrunk, Ken Proska, Glen Chason, and Daniel Kapellmann at MandiantIntroducing Mandiant’s Digital Forensics and Incident Response Framework for Embedded OT Systems Digital Forensics Myanmar eCDFP (Data Representation & File Examination) (Part-3) eCDFP (Data Representation & File Examination) […]