Saturday, May 17, 2014

Daily Blog #328: Saturday Reading 5/17/14

Hello Reader,
         It's the weekend between ADUC and CEIC. If you are a conference warrior like me this is your chance to take a breath and catch up the world. Get ready for more links to make you think before another week of good talks and knowledge on this weeks Saturday Reading.

1.  If it's #1 on the list its the Forensic Lunch, this week live from ADUC! This week we had:
  • Lee Reiber, @celldet, talking about what is new at AccessData, the conference, his product MPE+, FTK, insight and all the rest. It was fun getting to talk to him in person where I could ask hi, questions without a filter and we can get some good facts.
  • Matt came on and we talked about new features in our upcoming release of Triforce ANJP! Showing how to find evidence of exploitation of an XP system with metasploit via the netapi exploit.
  • Sheryl Falk, @sheryfalk, Pierre Lidome and I talking about our panel that I posted the slides to yesterday. Most importantly going over the most important things we said but didn't write down in the slides.
I hope you liked it and get ready for next week when we will be broadcasting live from CEIC and bringing the best information there to you at home.  You can watch the video here:
https://www.youtube.com/watch?feature=player_embedded&v=408XUV9gKXg

2. Harlan has a new blog up this week with updates and links, http://windowsir.blogspot.com/2014/05/updates.html. Most interesting to me was updates to Regripper!

3. The Forensic 4Cast award voting has been extended another week, read about it here: https://forensic4cast.com/2014/05/awards-update-deadline-change/. If you haven't done so already please vote (I'm up for two awards!) and help those who help you! Vote here: https://forensic4cast.com/forensic-4cast-awards/

4. Corey Harrell has a new blog post up all about what artifacts are left over from an exploit, http://journeyintoir.blogspot.com/2014/05/cve-2013-0074-3896-silverlight-exploit.html. These are always fun to read and can usually lead to you thinking of new sources of artifacts to look for.

5. Brett Shavers has a new blog post up announcing the arrival of training videos on WinFE, http://winfe.wordpress.com/2014/05/10/coming-soon-online-winfe-training-program/. I think WinFE is great and look forward to seeing these.

6. Going to be at CEIC? Make sure to signup for our TriForce party Wednesday night from 6-8pm or our TriForce classes! It's all free so go here and get a ticket: http://www.eventbrite.com/e/triforce-training-sessions-and-launch-party-during-ceic-conference-tickets-11533471925

That's all for this week, see you tomorrow for another Sunday Funday challenge!