-
May 6, 2026
When a crime scene has no physical address, investigators face a labyrinth of overlapping jurisdictions, conflicting laws, and technical challenges that traditional forensics never prepared them for.…
-
May 4, 2026
AI incidents are forcing DFIR teams to rethink evidence, attribution, and chain-of-custody before prompt injection and agent autonomy make investigations unverifiable.…
-
May 4, 2026
One of the things I find myself saying most often to the people on my team is this: learn from everyone, not just the best. The best will show you what to.…
-
May 3, 2026
On April 30, 2026, Ryan Goldberg and Kevin Martin were each sentenced to four years in federal prison. The charges: conspiracy to obstruct commerce through extortion, in connection.…
-
May 2, 2026
There is already a long queue of articles explaining how Copy Fail works, what kernel version you need to patch to, and what the Python PoC does step by step. This is.…
-
May 1, 2026
The EU's DORA regulation forces financial institutions to rethink resilience as something deeper than disaster recovery. Here's what it really demands.…
-
Apr 29, 2026
A few days ago, Cisco Talos published research that should concern anyone responsible for securing Mac fleets in the enterprise. Their report, titled "Bad Apples," systematically demonstrates how.…
-
Apr 26, 2026
The old model is dead. For decades, security was built on the same premise: a wall around the network, sensors at the edge, and the assumption that malicious.…
-
Apr 23, 2026
How Android silently tracks user behavior through UsageStats, Digital Wellbeing, and appops.xml—and why these artifacts matter for modern forensic investigations.…
-
Apr 22, 2026
YARA-X 1.0.0 stable is finally here. After 15 years of YARA, VirusTotal delivers a Rust-based rewrite that fixes the original's architectural limits while keeping 99% rule compatibility.…
-
Apr 21, 2026
A practical guide to Apple Watch acquisition and artifact analysis, from legacy checkm8-compatible workflows to modern paired-iPhone evidence recovery.…
-
Apr 20, 2026
A few days ago, a friend saw me paying for coffee with my Apple Watch. He looked at me with a mix of curiosity and mild horror, and asked: "Do you really.…
-
Apr 17, 2026
I have been doing security work long enough to develop a reliable instinct for when the industry is performing alarm versus when something has genuinely shifted. The week of April 7, 2026.…
-
Apr 16, 2026
Over the years I have written quite a bit about memory forensics: Volatility cheatsheets, plugin-specific guides, compressed memory analysis, the migration to Volatility 3. But I never got around to writing about.…
-
Apr 15, 2026
For a long time, the standard mental image of a disk wiper was simple: overwrite the MBR, make the machine unbootable, and let the damage speak for itself. For DFIR teams, that.…
-
Apr 14, 2026
From the Apple Newton to CrowdStrike, some of the most instructive failures in tech come from misjudging the balance between ambition, timing, and operational caution.…
-
Apr 13, 2026
A peculiar ritual plays out in the recruiting process of many large tech companies. The job description mentions flexible hours. The hiring manager speaks enthusiastically about remote-first culture.…
-
Apr 12, 2026
There is a telling sentence buried deep inside the new ENISA Secure by Design and Default Playbook, published in March 2026 for public consultation: "security goals can often fail, even in the.…
-
Apr 11, 2026
A few days ago, 404 Media published a detailed report that made a lot of people uncomfortable: the FBI managed to recover Signal messages from a suspect's iPhone, even though the app.…
-
Apr 10, 2026
The question is simple: what software is actually running in your systems? Not what you think is running, not what the deployment manifest says, but what is really there, compiled, linked, packaged,.…