Awareness Video

Great awareness video:

https://www.youtube.com/watch?v=F7pYHN9iC9I 

[...]

[RP]: Extracting ZeroAccess from NTFS Extended Attributes

Just a quick link: Extracting ZeroAccess from NTFS Extended Attributes

[...]

Testing of Forensic Tools

  • Validation of Forensic Tools and Software: A Quick Guide for the Digital Forensic Examiner
    http://www.dfinews.com/print/5684
  • Computer Forensics Tool Testing (CFTT) Project Web Site
    http://www.cftt.nist.gov/
  • Digital Forensics Publications
    http://forensics.marshall.edu/Digital/Digital-Publications.html

[...]

[RP]: Hiding env./tools from malware

Just a quick repost of a nice article:

Hiding env./tools from malware a.k.a. fight fire with fire (but only inside VM)

[...]