Posts for category: Forensics Weekly Executive Summaries

Using AI to advance the Digital Forensics Process

Introduction As AI increases its prevalence for public and general usage, novel use cases are becoming more accessible. General model tools such as ChatGPT and Stable Diffusion have forced AI ...

Malware Reverse Engineering for Digital Forensics

Introduction A key component of any digital forensic investigation is malware reverse engineering (MRE). MRE involves locating malware on a system, decompiling that malware, and then breaking ...

Forensics Processing: Indicators of Compromise

Introduction Indicators of Compromise (IOCs) are a key feature to detect if a network or system was subject to a cyber-attack. They can give information about when a cyber-attack occurred, what ...

CVE-2023-5217 Explained: VP8 and Memory Buffer Overflow

Introduction CVE-2023-5217 is a recently identified exploit of the VP8 codec within the libvpx library. This exploit relies on memory corruption and heap buffer overflow. By utilizing a crafted ...

Real-Time Forensics: Hunting with Wireshark

Introduction Wireshark is a powerful network traffic analysis tool that is useful in digital forensics. By setting up Wireshark on a portable disk, real-time forensics can be performed to assist ...

New Apple Exploit Vulnerabilities Explained

Introduction On August 17, 2022, Apple released emergency security updates to address two critical zero-day vulnerabilities that have been used to compromise iPhones and Macs [1]. These ...

Memory CTF with Volatility Part 3

Introduction Memory analysis or Memory forensics is the process of analyzing volatile data from computer memory dumps. With the advent of “fileless” malware, it is becoming increasingly more ...

Memory CTF with Volatility Part 2

Introduction Memory analysis or Memory forensics is the process of analyzing volatile data from computer memory dumps. With the advent of “fileless” malware, it is becoming increasingly more ...

Memory CTF with Volatility Part 1

Introduction Memory analysis or Memory forensics is the process of analyzing volatile data from computer memory dumps. With the advent of “fileless” malware, it is becoming increasingly more ...

Installing SIFT Workstation

Introduction SANS Investigative Forensic Toolkit (SIFT) Workstation is an open-source incident response and forensic toolkit built to support digital forensics work across a variety of settings. ...