- Challenges & CTFs – new entries added – CTF Walkthrough – Cellebrite CTF 2023 – Abe (Forensafe), LetsDefend – Ransomware Attack (N00b_H@ck3r)
- Jobs – old entries cleaned up, new entries added – Ankura, Arete, Cadence, Lockheed Martin, Peraton, Tesla, TransPerfect Legal
- Tools & Artifacts – AWS – new entry added – Tools – cloudgrep
- Tools & Artifacts – Azure – new entry added – Tools – cloudgrep
- Tools & Artifacts – Google Cloud – new entry added – Tools – cloudgrep
- Tools & Artifacts – macOS – new entry added – APFS File Timestamps – File Timestamps for Apple APFS
- Tools & Artifacts – Windows – new entries added – SRUM – Leveraging SRUM for Incident Response, Webshells – Hunting Webshells, KAPE – Collaboration between KAPE and Microsoft Defender for Endpoint at the service of the SOC, KAPE – Remote collection of Windows Forensic Artifacts using KAPE and Microsoft Defender for Endpoint, Microsoft Edge – How can I be of WebAssist(ance)?
SANS has made a significant update to the “FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response” course. Check out the details here!
Don’t forget to submit any missing forensicators to our Forensicators of DFIR page! Also, please consider submitting any DFIR- or InfoSec-related job openings via our form!
Fabian (@DFIRDominican)