Week 13 – 2020

Links only from me again. Thanks to Lodrina for putting in the work on the Threat Hunting and Malware Analysis sections. As always, thanks to those who give a little back for their support! FORENSIC ANALYSIS Arman Gungor at Metaspike Dates in Hiding Part 2—Gmail MIME Boundary Timestamps Vico Marziale at BlackBag Technologies Exploring the […]

Week 12 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! COVID has continued to take over the news, but now we have forensics companies discussing how they can assist during these times. Some of my highlights from the […]

Week 11 – 2020

The Forensic 4Cast nominations are closing on May 15, so get your nominations in! Cellebrite have a post about what they want you to nominate them for, but here’s my take on some of the peoples/companies/tools that deserve a nomination. Due to the current COVID19 pandemic, SANS has also moved *all* of their classes until […]

Week 10 – 2020

Links only this week, we needed a break! Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. The SANS DFIR Summit CFP closes at the beginning of this week, get your talk proposals in soon! The 4Cast Awards closes soon, get your nominations in here As always, Thanks to those […]

Week 9 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Teru Yamazaki at Forensicist has started a series on MSSQL forensics MSSQL Forensics Series (1) Jamie McQuaid at Magnet Forensics describes a couple of the timestamps […]

This Month In 4n6 – February – 2020

A monthly wrap-up of the DFIR news for February 2020. Thank you to those Patreon donors for the last month. I decided to go with the value-for-value model rather than advertising. Alternatively, it would be great if you could leave an iTunes review. If you are a Patreon donor the show notes can be found here. Special thanks to […]

Week 8 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! Who’s at #AAFS2020 this week? We’d love to see a blog about DFIR in the greater forensic world next week! FORENSIC ANALYSIS Oleg Skulkin and Svetlana Ostrovskaya at […]

Week 7 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Alexis Brignoni at ‘Initialization Vectors’ shares his thoughts on the state of data parsing on an Android 10 image and how tools are still missing data. […]

Week 6 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS Stephanie Thompson at BlackBag describes how to ingest the various types of mobile extractions that Cellebrite’s products produce BlackLight – Ingestion of Cellebrite Mobile Extractions Ian […]

Week 5 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. Links only this week but still plenty to read through! As always, Thanks to those who give a little back for their support! FORENSIC ANALYSIS News about Bezos’ iPhone hack TLDR #1: Jeff Bezos’ iPhone hack How to decrypt WhatsApp end-to-end […]