Daily Blog #188: Saturday Reading 12/28/13

Saturday Reading by David Cowen - Hacking Exposed Computer Forensics Blog

Hello Reader,
      It's Saturday! Time for links to make you think while your kids are still fascinated with their christmas toys. Get some coffee its time for some reading!

1. We had an interesting experiment this Friday on the forensic lunch, http://www.youtube.com/watch?v=4kntixnk0lI. We did what I call an OpenChat where anyone could join the video chat room, I'll leave the judgement of success or failure to you.

2.  Yogesh Khatri has a new Windows 8 related blog up, http://www.swiftforensics.com/2013/12/device-lastremovaldate-lastarrivaldate.html. This time he's focusing on the conditions that set the fields relating to when a removable device was last plugged in and when it was last removed. I've seen some discussion regarding this new artifact before but not the conditional table that Yogesh has made.

3. Lee Whitfield has posted the solution to the forensic challenge in the last issue of 4:Mag, http://forensic4cast.com/2013/12/4mag-challenge-solution/. Forensic challenges are fun and help you to improve your skills! I would recommend trying it on your own and seeing if you can solve it.

4. Nicole Ibrahim, you may have seen on a past forensic lunch, has written up more of her research into different USB attached devices and protocols. http://nicoleibrahim.com/part-4-usb-device-research-usb-first-insert-results/. It's very thorough and worth a serious read and consideration.

Also Read: Daily Blog #187

Post a Comment