Hello Reader,
It's Friday and then means we had another Forensic Lunch! This week we had:
Rob Lee, @robtlee http://computer-forensics.sans.org/, talking about the new SANS FOR 408 class and the interesting journey into Windows 8 forensics.This included some really interesting discussions into artifacts being created across synced devices!
Mari DeGrazia, @maridegrazia http://az4n6.blogspot.com/, talking about her research into Google analytics cookies. This included a demo of her tool and its output. It allows you to recover so much more information if your trying to discover not only if a website was visited but at what times and to what extent.
Matthew and I talked about detecting files being created from alternative NTFS drivers, such as ntfs-3g, using artifacts within the $MFT only!
Try to make time to tune in live every Friday at Noon CST so you can ask your questions!
It's Friday and then means we had another Forensic Lunch! This week we had:
Rob Lee, @robtlee http://computer-forensics.sans.org/, talking about the new SANS FOR 408 class and the interesting journey into Windows 8 forensics.This included some really interesting discussions into artifacts being created across synced devices!
Mari DeGrazia, @maridegrazia http://az4n6.blogspot.com/, talking about her research into Google analytics cookies. This included a demo of her tool and its output. It allows you to recover so much more information if your trying to discover not only if a website was visited but at what times and to what extent.
Matthew and I talked about detecting files being created from alternative NTFS drivers, such as ntfs-3g, using artifacts within the $MFT only!
Try to make time to tune in live every Friday at Noon CST so you can ask your questions!
