Yahoo redirect virus on Mac – what is it all about?

December 14, 2021

Ever since Internet traffic became an extensively monetizable commodity, bad actors have been focused on intercepting it to generate profit. Unsuspecting users’ devices, including computers and smartphones, are on the receiving end of this exploitation. Macs are in the same boat – moreover, they appear to be targeted the most....

Strings on Windows

October 23, 2014

The Many Shapes and Sizes of Strings on Windows Earlier this week I was toying around with the idea of implementing a lnk file parser in the go language. Yes, I occasionally do things like this for fun. Just to get a feel for things, I grabbed the most easily...

Announcing the BETA release of DAMM

September 17, 2014

Announcing the BETA release of DAMM, a FOSS memory analysis platform built on top of Volatility Memory analysis is the new(-ish) big thing in the incident response, malware analysis, digital forensics space for the moment, and so all the cool kids seem to be doing it. While memory analysis is...

What We Have Been Up To: March, April, and May in Review

June 6, 2014

So much has happened and it’s time to let you know what we have been up to these last couple months. Our own Vico Marziale was recently a guest on Forensics Lunch with David Cowan not once, but three times! Forensics Lunch is a weekly webcast featuring digital forensics practitioners...

Forensics Tools – find_times.py

April 23, 2014

Recently, we had the pleasure to join David Cowen on several episodes of his weekly show Forensic Lunch.  In this particular episode on Youtube, we discussed some of our recent research on discovering previously unknown Windows registry values with embedded timestamp information.  As promised, we are releasing our script to...