Forensics Quickie: Methodology for Identifying Linux ext4 Timestamp Values in debugfs `stat` Command
Cloud Forensics in Breach Investigations
Anatomy of the thread suspension mechanism in Windows
Hasty Scripts: Capture Google Activity Log
Forensic Implications of Software Updates: iOS, Android, Windows 10 Mobile
Forensic Case Files: Employee Hard Drive Switcheroo
Memory Forensics Investigation using Volatility (Part 1)
SMB2 – File/Directory Metadata
Quickpost: Data Exfiltration With Tor Browser And Domain Fronting
Yet another way to hide from Sysinternals’ tools, part 1.5
Leveraging Emond on macOS For Persistence
We Smell a RAT: Detecting a Remote Access Trojan That Snuck Past a User
Hunting for Network Share Recon
Threat Spotlight: LockPOS Point of Sale Malware
New Year, New Look – Dridex via Compromised FTP
What can you do with 250K sandbox reports?
Interpreting Antivirus Detection Names
RIG Exploit Kit Delivers Ramnit Banking Trojan via Seamless Malvertising Campaign
A coin miner with a “Heaven’s Gate”
Huge Botnet Attacking Italian Companies
Decrypting malicious PDFs with the key, (Mon, Jan 15th)
Skygofree: Following in the footsteps of HackingTeam
Unpatched Oracle WebLogic Servers Infected with Cryptocurrency Software
The Big Zeus Family Similarity Showdown
Microsoft Office Vulnerabilities Used to Distribute Zyklon Malware in Recent Campaign
Let’s Learn: Dissect Rig Exploit Kit Anti-Bot Filter Gate
LaZagne, a credentials recovery tool
Blockchain and Digital Forensics
Improved PRNU-Based Forgery Localization
The Power of Bro and why you should include it in your security infrastructure
Malware Data Science: Attack Detection and Attribution
Portable Dynamic Malware Analysis with an Improved Scalability and Automatisation
Growth in a Small Forensics Company – Our First Employee
Mobile forensic case study: Tennessee Dept. of Correction
from thisweekin4n6