Anti Virus Scan

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Friday, 29 June 2012

Detect Fraud Documents 360 Slides

Posted on 08:31 by Unknown
I recently had the opportunity to attend the SANs Digital Forensics and Incident Response summit in Austin Texas. The summit was a great con; from the outstanding presentations to networking with others from the field. I gave a SANs 360 talk about my technique for finding fraudulent word documents (I previously gave a preview about my talk). I wanted to release my slide deck for anyone who wanted to use it as a reference before my paper is completed. You can grab it from my Google sites page listed as “SANs 360 Detect Frauduelent Word Documents.pdf”.

For those who were unable to attend the summit can still read all of the presentations. SANS updated their Community Summit Archives to include the Forensics and Incident Response Summit 2012. I highly recommend checking out the work shared by others; a lot of it was pretty amazing.
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in fraud, metadata | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Ripping VSCs – Developer Method
    For the past couple of weeks I’ve been talking about the Ripping VSCs approach to examining Volume Shadow Copies (VSCs). I started using the...
  • Linkz 4 Free Infosec and IT Training
    In this day and age budgets are shrinking, training funds are dwindling, and the threats we face continue to increase each day. It's not...
  • Dual Purpose Volatile Data Collection Script
    When responding to a potential security incident a capability is needed to quickly triage the system to see what's going on. Is a rogue ...
  • Finding the Initial Infection Vector
    There are different ways to spread malware. Email, instant messaging, removable media, or websites are just a few options leveraged to infec...
  • Man versus AntiVirus Scanner
    Knowing what programs ran on a system can answer numerous questions about what occurred. What was being used to communicate, what browsers a...
  • Re-Introducing $UsnJrnl
    The NTFS change journal ($UsnJrnl) is not a new artifact and has been discussed before by others. The file's importance may have been ov...
  • You Are Not Admin with UAC
    There is a tendency to focus on what is different when we are faced with newer operating systems. What are the security changes and how does...
  • Building Timelines – Tools Usage
    Tools are defined as anything that can be used to accomplish a task or purpose. For a tool to be effective some thought has to go into how t...
  • Houston We’ve Had a Problem – Wow64
    This is a piggyback post to an issue Harlan has been raising about the Wow64 issue. His most recent post on the subject Wow64Node: Registry ...
  • Microsoft Word Jump List Tidbit
    Performing examinations on the Windows 7 (and possibly 8) operating systems is going to become the norm. In anticipation of this occurring, ...

Categories

  • adobe
  • advice
  • antivirus
  • attack vectors
  • autoplay
  • autorun
  • book review
  • categories
  • chain of evidence
  • conferences
  • delivery artifacts
  • detection
  • digital forensics search
  • drive-by
  • education
  • EEDI
  • email
  • encase
  • examination steps
  • exploits
  • feedreader
  • fraud
  • Google
  • hcp
  • investigation process
  • java
  • jumplists
  • kinect
  • links
  • malvertizing
  • malware
  • malware analysis
  • memory analysis
  • metadata
  • microsoft office
  • NTFS
  • perl
  • pfic
  • prefetch
  • program execution
  • readiness
  • registry
  • regripper
  • scams
  • script
  • search poisoning
  • sharing
  • shortcut files
  • spam
  • testing
  • timeline
  • timestomping
  • tools
  • tr3secure
  • training
  • triage
  • uac
  • volume shadow copies
  • xbox

Blog Archive

  • ►  2013 (20)
    • ►  November (1)
    • ►  October (2)
    • ►  September (4)
    • ►  July (2)
    • ►  May (3)
    • ►  April (2)
    • ►  March (3)
    • ►  February (1)
    • ►  January (2)
  • ▼  2012 (38)
    • ►  December (3)
    • ►  November (3)
    • ►  October (3)
    • ►  September (1)
    • ►  August (3)
    • ►  July (3)
    • ▼  June (3)
      • Detect Fraud Documents 360 Slides
      • Computers Don’t Get Sick – They Get Compromised
      • Compromise Root Cause Analysis Model
    • ►  May (3)
    • ►  April (3)
    • ►  March (5)
    • ►  February (6)
    • ►  January (2)
  • ►  2011 (41)
    • ►  December (4)
    • ►  November (3)
    • ►  October (3)
    • ►  September (4)
    • ►  August (4)
    • ►  July (3)
    • ►  June (5)
    • ►  May (3)
    • ►  April (3)
    • ►  March (3)
    • ►  February (2)
    • ►  January (4)
  • ►  2010 (17)
    • ►  December (2)
    • ►  November (3)
    • ►  October (3)
    • ►  September (3)
    • ►  August (6)
Powered by Blogger.

About Me

Unknown
View my complete profile