How do you identify abnormal or malicious behavior?

Reference: https://marksforensicblog.wordpress.com/

Malware, in general, has four main characteristics:

1. An initial infection vector – how it got on the system in the first place; this can be through browser download, email attachment, etc.
2. Artifacts – what actions does the malware take upon infection and what footprints does it leave? It’s sufficient and quicker […]


What is Helix3?

Helix3 is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics. According to the Helix3 Support Forum, e-fense is no longer planning on updating the free version of Helix.

Tools Included:

- Live side for Mac OS X, Windows and Linux
- A bootable forensically sound environment based on Ubuntu
- Open […]


What is eDiscovery?

The courts mandate that each party identify and preserve potentially relevant electronically stored information (ESI) at the outset of litigation proceedings, which has increased the need for an organized and proactive e-discovery process. This necessitates, among other requirements, an effective legal hold and e-discovery process to meet the obligations for more stringent preservation. Under these […]
