Hello Reader,
It's Saturday and here in Utah is snowing snowing snowing! It's time for more links to make you think on our weekly reading list. So get some coffee and get comfortable because we've got some good reads this week.
1. This week's forensic lunch was pretty great, not only did we have a snowy background from my hotel window but Kristinn Gudjonsson and Ryan Benson joined us. Kristinn gave us an amazing demo of the new visualization module for Plaso and Ryan walked his through his Google Chrome internet browser research. You can watch it here, http://www.youtube.com/watch?v=frbHxkl0PKU, if you know of an easy way to turn these videos into podcasts please let me know in the comments!
2. I'm always excited when I see new content from appleexaminer.com, this entry was no exception. Ryan Kubasiak has put together a great read on OSX's default file system partition structure, formatting options and file systems supported for creation. Give it a read! http://www.appleexaminer.com/MacsAndOS/Img_Pwds/DLCS/DLCS.html
3. Interested in Bitcoin forensics? Jad over at Magnet Forensics has posted a part 2 to his article showing more artifacts relating to Bitcoin usage. This blog focuses on Bitcoin-QT a popular bitcoin client and how to find the associated artifacts, http://www.magnetforensics.com/bitcoin-forensics-part-ii-the-secret-web-strikes-back/.
4. I linked to it in the Forensic Lunch youtube description and we had a demo of it during the Forensic Lunch but I'm going to again include a link to Kristinn's blog here to emphasizes that you need to look at this visualization module they've made for Plaso http://blog.kiddaland.net/2013/11/visualize-output.html.
5. Harlan has a new post up covering tools he's interested in and more conference feedback from OSDF. It's a good read though I don't have much to add to the conversation there having not gone to OSDF. http://windowsir.blogspot.com/2013/11/tools-malware-and-more-conference.html
6.
It's Saturday and here in Utah is snowing snowing snowing! It's time for more links to make you think on our weekly reading list. So get some coffee and get comfortable because we've got some good reads this week.
1. This week's forensic lunch was pretty great, not only did we have a snowy background from my hotel window but Kristinn Gudjonsson and Ryan Benson joined us. Kristinn gave us an amazing demo of the new visualization module for Plaso and Ryan walked his through his Google Chrome internet browser research. You can watch it here, http://www.youtube.com/watch?v=frbHxkl0PKU, if you know of an easy way to turn these videos into podcasts please let me know in the comments!
2. I'm always excited when I see new content from appleexaminer.com, this entry was no exception. Ryan Kubasiak has put together a great read on OSX's default file system partition structure, formatting options and file systems supported for creation. Give it a read! http://www.appleexaminer.com/MacsAndOS/Img_Pwds/DLCS/DLCS.html
3. Interested in Bitcoin forensics? Jad over at Magnet Forensics has posted a part 2 to his article showing more artifacts relating to Bitcoin usage. This blog focuses on Bitcoin-QT a popular bitcoin client and how to find the associated artifacts, http://www.magnetforensics.com/bitcoin-forensics-part-ii-the-secret-web-strikes-back/.
4. I linked to it in the Forensic Lunch youtube description and we had a demo of it during the Forensic Lunch but I'm going to again include a link to Kristinn's blog here to emphasizes that you need to look at this visualization module they've made for Plaso http://blog.kiddaland.net/2013/11/visualize-output.html.
5. Harlan has a new post up covering tools he's interested in and more conference feedback from OSDF. It's a good read though I don't have much to add to the conversation there having not gone to OSDF. http://windowsir.blogspot.com/2013/11/tools-malware-and-more-conference.html
6.
