As you may have noticed I’m currently only blogging about computer forensics and cybercrime investigations only at digital-forensics.de / computer-forensik.org. So please come over there and read on my dear.
SANS recently published a good summary of Windows memory forensics acquisition and analysis tools. It’s a good compilation
We updated the ForensiX Linux Incident Response Script. You can find the new version at
I have some open positions in my german team. Please
3rd Edition of “Computer-Forensik. Computerstraftaten erkennen, ermitteln, aufklären.” The new revised edition of my book on computer forensics in German language is available. For detailed information and the TOC check out computer-forensik.org or go directly to amazon.
In collaboration with the german IT journal iX I’m going to give again computer forensics lessons in Frankfurt and Berlin.
I pulished my Vista Forensics slides on my german computer forensics website.
Lance Mueller published a good article about bypassing a Windows login password with forensic tools . You can use his instructions if you plan to boot an Windows image within a virtual machine and like to login.
Cool stuff from Princeton researchers. They published a paper „Cold Boot Attacks on Encryption Keys“ and showed that whole disk encryption can be defeated by relatively simple methods. They demonstrated their methods by using them to defeat three disk encryption products: BitLocker,
I’m going to talk about Windows Vista Forensics at the DFN-CERT workshop. The workshop will be held on Februray 13 and 14, 2008 in Hamburg, Germany.