- Challenges & CTFs – new entries added:
- Challenges:
- The DFIR Report – DFIR Labs
- XINTRA – Advanced APT Emulation Labs
- Challenges:
- Jobs – old entries cleaned up, new entries added:
- AT&T
- Mandiant (now part of Google Cloud)
- Microsoft
- modePUSH
- Palo Alto Networks Unit 42
- ZeroFox
- Tools & Artifacts – AWS – new entry added:
- Artifacts:
- AWS Amplify Logs – Do NOT forget the AWS Amplify Logs
- Artifacts:
- Tools & Artifacts – iOS – new entries added:
- Tools:
- iOS Unified Log Acquisition Tool
- Artifacts:
-
- Apple Data Usage – Investigating Apple Data Usage
- iOS Calendar – Investigating iOS Calendar
- Photos.sqlite – How Did That Photo Get On That iPhone
- Photos.sqlite Queries – PhotoData – Photos.sqlite and Syndication Photo Library – Photos.sqlite Query Updates
-
- Tools:
- Tools & Artifacts – Linux – new entry added:
- Artifacts:
- Linux Forensics – Orphan Processes in Linux
- Artifacts:
- Tools & Artifacts – Windows – new entry added:
- Artifacts:
- Memory Forensics – Windows Memory Forensics
- Artifacts:
RSA Conference 2024 is almost here and will be held between Monday May 6th – Thursday May 9th at the Moscone Center in San Francisco, CA. Ed Skoudis from SANS wrote a quick newsletter giving more details about the event which you can find here!
The DFIR Report has released their brand new DFIR labs which can be available for purchase here! The full details on this new service from The DFIR Report can be found here!
Lina Lau (@inversecos), who is the founder of XINTRA, has also released Advanced APT Emulation Labs which can be purchased on the XINTRA website here!
Don’t forget to submit any missing forensicators to our Forensicators of DFIR page! Also, please consider submitting any DFIR or InfoSec related job openings via our form!
Fabian (@DFIRDominican)