I'm currently writing this blog post from my hotel room at Blackhat Federal. Jamie and I wrapped up our "Advanced Memory Forensics in Incident Response" class on Tuesday. It went very well and we are both looking forward to teaching it again in Las Vegas. I just finished giving my talk "Snort my Memory." I detailed the talk in a previous blog post. This post now includes links to available software. MindSniffer is available here. If you have any questions, comments, or suggestions, please feel free to contact me at firstname.lastname@example.org.
Archive for 'February 2009'
February 10, 2009 12:10 AM By Jamie Butler
February 5, 2009 4:24 PM By Michael J. Graven
Russ McRee recently wrote that Memoryze is the 2008 Toolsmith Tool of the Year, and how it helped him find the full name of a malware author. He also wrote up a great description of using Memoryze to chase down a password-stealing trojan in the February 2009 issue of the ISSA Journal.
February 18, 2009 4:58 PM By Jason Luttgens
A new version of Highlighter has been released today! A number of small bugfixes were made, as well as a significant performance improvement to drawing the graphic overview. If you are using Highlighter, you will definitely want to get this updated version.
February 13, 2009 1:25 PM By Kelcey Tietjen
I recently spoke at the DoD cybercrime conference on Advanced Persistent Threat (APT) forensics. During the presentation I talked about several ways you can use forensics to answer difficult questions that arise once an APT incident is identified. Some of these questions are:
February 4, 2009 6:31 AM By Atif Mushtaq
February 11, 2009 3:11 PM By Alex Lanstein
February 12, 2009 11:08 AM By Atif Mushtaq
February 13, 2009 4:01 AM By Alex Lanstein
February 17, 2009 4:00 AM By Alex Lanstein
February 17, 2009 7:17 PM By Atif Mushtaq
February 27, 2009 6:44 AM By Alex Lanstein