Some weeks ago I wrote about information gathering on OSX systems, related to the forensic investigation process.
Today I’ll talk briefly about the Windows 10 “Timeline”: a feature that can come in handy during a forensic analysis. How do you access it, and how do you analyze it?
Researchers from Cisco Talos recently discovered a new malware loader being used to deliver and infect systems using NodeJS as well as the legitimate open-source utility WinDivert.
The Windows Recycle Bin contains files that have been deleted by the user, but not yet purged from the system: a valuable source of evidence for an examiner.
A useful tool: fast and easy to use.