Malware Research Institute


Knock off Phone Forensics Some handsets Aren't What They Appear To Be - SANS DFIR WEBCAST by Heather Mahalik via SANS Digital Forensics

Mobile devices are not always what they appear to be. Knock-off handsets are prevalent in Asia, Europe and are infiltrating...


Network Forensics What Are Your Investigations Missing - SANS DFIR WEBCAST by Phil Hagen via SANS Digital Forensics

Traditionally, computer forensic investigations focused exclusively on data from the seized media associated with a system of interest. Recently, memory...


How Malware Generates Mutex Names to Evade Detection by Michael Boman

Lenny Zeltser talks about TreasureHunter (md5: 070e9a317ee53ac3814eb86bc7d5bf49), which uses the Windows Product ID to generate the mutex used to verify...


Protecting Privileged Domain Accounts during Live Response - SANS DFIR WEBCAST by Mike Pilkington via SANS Digital Forensics

It is amazing the number of responders who accidentally gave the adversaries they are investigating their domain credentials by...


Detecting Persistence Mechanisms - SANS DFIR WEBCAST by Alissa Torres via SANS Digital Forensics

Persistence mechanisms are techniques used by malware to increase survivability on compromised host systems. For an incident responder, the identification...
