LNK files have a healthy life in DFIR. There is good reason: they are so awesome for analysis. Whether it be linking a user to knowledge of a file, as
Inspired by a post by John Lambert and others who contributed, I've put together a table of Base64 encodings for certain file signatures and script elements often encountered in malware
Background: Between August 2017 and July 2018 a suspected APT group gained access to the Singapore Health Services Private Limited (SingHealth) patient database and exfiltrated the personal details of 1.
Interviews are tough, and digital forensics jobs in law enforcement don't come up very often. So how do you prepare? Getting a job in #DFIR is a common thread and
Great sources of DFIR information are endless: books, blogs, repositories, Twitter, lectures, conferences, and journals. One of the hardest skills I am yet to master is transferring this huge amount