Using OS X FSEvents to Discover Deleted Malicious Artifacts
Here is an article by William Tan describing the usage of OS X FSEvents to discover deleted malicious artifacts.
Here is an article by William Tan describing the usage of OS X FSEvents to discover deleted malicious artifacts.
If you prefer to use Linux or Mac OS X as primary operating system on your forensic workstation and deal with BitLocker-encrypted volumes on daily basis – you find this tool very helpful.
Dauda Sule has written a nice beginner’s guide to eDiscovery.
Belkasoft has published a fresh article at their website – “Comprehensive Forensic Chat Examination with Belkasoft”.
Shelly Giesbrecht, a member of Cisco’s Incident Response Services team, has written a very interesting post on Cisco IR go-bag.
Login