- Tools & Artifacts – Windows – new entries added – Microsoft Management Console MRU, File Carving, WordPad Recent Files, SDeleted Files, MRU, File Signature and Hash Analysis, Desktop Wallpaper, Windows Startup Programs, Microsoft Teams, and Email Forensics
- Tools & Artifacts – Android – new entry added – Forensic References
- Tools & Artifacts – iOS – new entry added – DFU: iPhone 8, 8 Plus, and iPhone X and Shared with You Syndication Photo Library
- Jobs – old entries cleaned up, new entries added – Sony, Microsoft, Sentinel One, Northrop Grumman, Binary Defense, vmware, AON, and MassMutual and a IBM X-Force IR Internship for Summer 2023
AboutDFIR stickers are still a thing! If you’re interested in one, please let us know! Here’s what they look like:
Devon will be speaking at the HTCIA Conference. If you choose to attend, definitely stop in and give his talk, “Trickle Down Effect”, a listen! He’ll be walking the audience through threat actor tactics and the trickle down effect of APT and skilled groups down to the Organized Crime groups and the mass scale executions. The conference has a virtual day on Tuesday (27th) this week and goes through Friday.
The SANS Blue Team Summit is October 3rd and 4th in Scottsdale, Arizona. Online attendance is again free!
Happy Fall!
Cassie (DFIRDetective)
