This week we have updates to two great tools, a variety of interesting reads, including one to come soon, and some events to fill your calendar for the 1st quarter of the new year.
- Arxsys has released V0.9 of the open source Digital Forensics Framework (DFF), which has some cool new features. You can see info here and download the new version here.
- DEFT V6 is also out with some additions. You can see info on the new version here, and the ISO is downloadable here. The virtual appliance and dd image for the USB stick should be available next week – check here for status.
- With iPads appearing everywhere, and iPhones now available on Verizon, iOS forensic analysis is fast becoming an important skill to have. Sean Morrissey has written a book on the subject, and Christiaan Beek has a nice review on his blog.
- Eric Huber has a very interesting interview with UNIX security guru and SANS digital forensics team member Hal Pomeranz on his blog.
- Ever start an investigation with an idea of what you’ll find, and come up empty handed? David Cowen has some good reminders of some sanity checks when you don’t see what your experience leads you to expect.
- Even investigators need to stay out of trouble. Jesse Kornblum lists 4 cardinal rules to keep investigators out of hot water. Are there others you can add?
- Jesse also has information on some scenarios developed by Simson Garfinkel which can be used by those of us who teach forensics, or who just want to keep our skillz up to date. Follow the Computer Forensics Tool Testing mailing list for developments on this subject.
- And in the “coming soon” category, Harlan Carvey’s “Windows Registry Forensics” is scheduled for publication at the end of this month.
- The FBI has opened the newest Regional Computer Forensic Lab in Orange County. The press release and links to other information are here. There are now 16 of these important centers across the country.
- Relying on US Supreme Court precedents, the California Supreme Court has ruled that cell phones can be searched without a warrant. The text of the controversial opinion is here, and a Google search will reveal quite a reaction from various quarters. Given the information available on a smart phone, as well as its links to information in other locations such as the cloud, this will be an interesting development to watch.
- Down under the Coming Events section, you’ll see mention of the U.S. DoD Cyber Crime Conference. We’re pleased to announce that a number of SANS instructors are on the agenda to present at DC3, and some are presenting multiple times. For more details on who is speaking about what, check out the Forensics Speakers flyer.
- The 2011 Sleuth Kit and Open Source Digital Forensics Conference has issued a call for papers. The event will be held on 14 June in McLean VA, and the CFP is available here.
- FOR 610: Reverse Engineering Malware via vLive – Class starts on Jan 17 so GET REGISTERED!
- SANS Computer Forensic Essentials (FOR 408) – New Orleans, LA – Jan 20-25
- U.S. Department of Defense Cyber Crime Conference – Atlanta, GA – Jan 21-28, 2011
- Mandiant M-Trends Launch Party – M After Dark Reception at DoD Cyber Crime Conference – Atlanta, GA – Jan 26, 2011
- RSA Security San Francisco 2011 – San Francisco, Feb 14 – 18, 2011
- Lenny Zeltser will participate in the Cyber Forensics Team Players panel at RSA, so if you’re going to RSA, check that out.
- SANS Forensics 558: Network Forensics – Chicago, Feb 21 – Feb 25, 2011
- Forensics 408: Computer Forensics Essentials – Boston, Feb 28 – Mar 4, 2011
- Encase CEIC 2011 – Orlando, May 15 – 18, 2011
- AccessData User’s Conference – Las Vegas, May 15 – 18, 2011
If you have an article to suggest for Case Leads, please email it to firstname.lastname@example.org.
Digital Forensics Case Leads for 20110113 was compiled by G W Ray Davidson, PhD, CISSP, GCIA, GCFA, ETC, assistant professor of Information Technology at Purdue Calumet, SANS Mentor and serial facilitator.