An aggregator for digital forensics blogs
Finally some new stuff (hmm, no)Let's talk about Win32/Spy.POSCardStealer.O identified by ESET.It's pretty lame but let's see it anyway.On the first procedure the malware will register a reg key in HKLM with 'HDebugger'And start to search for … [Continue Reading]
I decided a couple days ago to try out Volatility's ability to examine Linux memory images. I had never tried capturing RAM from a Linux machine, aside from .vmem files, so this was all new territory for me. My friend Gleeda recommended I use LiME to … [Continue Reading]
The Hacker Academy recently released its new Windows Registry Master Class. Prior to its release, Hacker Academy senior instructor Andrew Case contacted me and asked if I'd like to review the course. I, of course, said yes and got signed up when the … [Continue Reading]