Memory analysis skills are one of the most in-demand skills for digital forensics, incident response, and malware analysts today. SANS is introducing a brand new 5-day class dedicated to Windows Memory Forensics. The hands-on course, written by memory forensics pioneer Jesse Kornblum, is incredibly comprehensive and a crucial course for any investigator who is analyzing intrusions.
It begins on Day 0: A 3-4 letter government agency contacts your organization about some data that was found at another location. Don't ask us how we know, but you should probably check out several of your systems. You are compromised by the APT.
Most organizations are left speechless, as 90% of all intrusions are now discovered through third-party notification. And in many cases, the APT has been on your network for years.
Learn how to hunt for the APT in this completely brand new training course from SANS - FOR508: Advanced Incident Response and Forensics Course.
The NEW FOR508 APT-based course debuted at SANS Security West
Digital Forensics Case Leads: DUQU, Locks, Stego and Pirates. What More Could You Ask For?
In this week's Case Leads, there's a bunch of new useful tools that might come in handy in certain situations while handling incidents: PDF analysis, malware analysis, honeypots and Mac forensics! A sequel to a multi-part series on protecting our credentials while handling incidents. When some weird registry keys appear in log2timeline results, you discover an attack vector for manipulating the execution chain. More and more on Prefetch analysis. Challenging forensicators: The Honeynet Project publishes a cool challenge for fun and profit. More on that weird DUQU source code; guess what it is? When a digital lock refuses to unlock for the Feds, guess what they do? Stego techniques come to light again, using foreign languages!? And finally, raids are not only in games, but in our real life @ The Pirate Bay!
If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org.
Tools:
With LinkedIn scoring the number two spot in social networking and Google+ trying to get up to speed it will make it an interesting time for social networks. There are some good reads by Little Mac, Harlan Carvey and Chris Pogue. See what Dilbert and BOFH are up to as well as checking out the upcoming conferences and training and the call for papers for numerous conferences.
If you have an item you'd like to contribute to Digital Forensics Case Leads, please send it to caseleads@sans.org.
Good Reads:
- Little Mac over at http://forensicaliente.blogspot.com/2011/07/encrypted-container-file-recovery.html has a good post on Encrypted Container File Recovery.
- Harlan Carvey of the Windows Incident Response blog has an interesting topic discussing how Structure adds Context and a follow-up to
Digital Forensics Case Leads: There Is No Theme
This week in Case Leads, we feature a wide array of new tools and articles that defy classification under any particular theme. You'll find tools for forensic image processing and analysis, PDF analysis, and password cracking. News and articles include issues of law, process automation, forensic value, and incident response.