Here is Andrew Case’ presentation on memory forensics of Linux and Mac systems from Enfuse 2016.

Here is Patrick Wardle’s presentation from RSA Conference USA 2016 on practical OS X malware detection and analysis.

We suggest starting 2017 from improving your organisation’s digital forensics and incident response (DFIR) capabilities with Matt Swann‘s Incident Response Hierarchy of Needs. Reading this article by Russ McRee you will learn about all phases of the hierarchy: inventory, telemetry, detection, triage, threats, behaviors, hunt, track, act.

Joshua Trombley has published a useful tutorial in his OpenSec Labs blog on how to install Volatility on Ubuntu on Windows 10.

Matt Bromiley has published a very useful post on forensic analysis of Volume Shadow Copies.

Impfuzzy for Volatility is a tool created by JPCERT/CC, which can be used for extracting known malware from memory images.

If you are interested in memory forensics, and especially in identifying malware in memory dumps, this post by Adam Bridge may be very interesting for you.

Adam from Hexacorn has published an interesting post about using Wine for malware analysis.

Here is a presentation by Ali Hadi in which he talks on anti-forensics focusing on operating system and file system artifacts that can be used to confirm/refute if anti-forensics was used on a hard drive.