Sunday, July 25, 2010

Misc Forensic News

I'm somewhat behind in my blogging... In the past couple of weeks a few things of interest have come out. Here are some highlights:

Moyix released psscan3: a robust process scanner. He also released GDI Utilities for taking screenshots of memory dumps, which is VERY cool! :-)

Lenny Zeltser released REMnux "a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu" which includes Volatility in its arsenal.

Detective Cindy Murphy published a guide on cell phone examinations, which is definitely worth a read.

There have been updates to several of the Sysinternals tools that you might want to check out.

F-Response now supports Android, which is pretty cool. You can check out their blog post, which includes details and a video.

Into the Boxes is currently looking for collaborators for 0x2. Don't be shy, I know there are a lot of people out there who could contribute an article for the next edition. If you have an idea for an article, hit the call box.

Thursday, July 15, 2010

The Next HOPE and NYC4SEC

We will have another NYC4SEC meetup after Chris Pogue's talk on Sniper Forensics at The Next HOPE. You can RSVP here. Details:

This is the NYC4SEC after HOPE Meet-up for Sunday, July 18th at 6pm at Stout NYC on 33rd St. (btwn 6th & 7th) – just across the street from the Hotel Pennsylvania.

Informal meet up to hang out and mingle to talk about the highlights of the HOPE conference.

I spoke with Chris Pogue, who will be presenting "Sniper Forensics - Changing the Landscape of Modern Forensics and Incident Response" at the conference on Sunday at 4pm, and he said he will stop by to join us. Check out more from Chris on his blog:

C’mon by to drink, talk and hang with others in the NYC InfoSec community!

Thanks to Douglas Brush for setting this up ;-)

Sunday, July 11, 2010

Moving Forward

A while back I read an article on managing geeks. I think it's fairly accurate and also carries over into the computer forensics arena. If you are in a position of managing geeks and are not one yourself, you might want to read this article.

Thanks to Harlan Carvey, I read Lenny Zeltser's presentation on How To Respond To An Unexpected Security Event. That's another good read you shouldn't miss.

Ignoring the problem leads to discontent and, inevitably, desertion. Content geeks, on the other hand, tend to be loyal.

That's about all I'm going to say about that...

Briefly: Moving of stuff

Since access to my QC website has now expired, I've moved some of the stuff that was linked to there from this blog to here. Future misc scripts will be dumped there as well.