Week 13 – 2026 Offline AI—built for DFIRBelkaGPT saves you days of manual review and reporting:- Transcribes audio and video- Describes and classifies pictures- Searches for similar faces- Answers questions about…

Week 13 - 2026 #DFIR

thisweekin4n6.com/2026/03/29/w...

incident response team? #CSIRT #DFIR

Magnet Unlocked | Tool proliferation in DFIR: Why our toolkits keep growing (and what that really means) Read this March 2026 issue of Magnet Unlocked on why DFIR toolkits keep growing—and how integration gaps create investigative friction.

#DFIR toolkits keep growing — not because investigators are chasing new tools, but because modern cases demand it.

Hear from Doug Metz about why tool proliferation isn’t the problem we think it is, and what it means for speed, consistency, and reporting: https://ow.ly/5INW50YzUm8

Just Announced for BSides Luxembourg 2026!

𝗙𝗥𝗢𝗠 𝗛𝗢𝗨𝗥𝗦 𝗧𝗢 𝗠𝗜𝗡𝗨𝗧𝗘𝗦: 𝗔𝗨𝗧𝗢𝗠𝗔𝗧𝗜𝗡𝗚 𝗜𝗡𝗖𝗜𝗗𝗘𝗡𝗧 𝗥𝗘𝗦𝗣𝗢𝗡𝗦𝗘 𝗧𝗥𝗜𝗔𝗚𝗘 𝗪𝗜𝗧𝗛 𝗢𝗣𝗘𝗡-𝗦𝗢𝗨𝗥𝗖𝗘 𝗧𝗢𝗢𝗟𝗦 - 𝗠𝗔𝗥𝗞𝗨𝗦 𝗘𝗜𝗡𝗔𝗥𝗦𝗦𝗢𝗡

Speed is critical in incident response, and traditional forensic processes often slow teams down. This session […]

[Original post on infosec.exchange]

XP After Dark.

Tonight's Agenda:

1. D&D prep and campaign design

2. Ask Me Anything: Digital Forensics or Criminal Defense

Anything on your minds? #twitch #dfir #criminaldefense #CyberSec #digitalforensics

Your drives are fast. Your network isn't.
Meet the new Atola 25G Fiber Extension.
- two SFP28 ports
- compatible with Atola TaskForce 2 and Atola TaskForce
- built-in active cooling
- bonding support

#dfir #digitalforensic #forensicimaging

What’s new in Amped Authenticate? Explore the latest updates for image authentication and deepfake analysis, including improved models, stronger batch analysis, and faster workflows. www.youtube.com/watch?v=g5p... #AmpedSoftware #AmpedAuthenticate #DigitalForensics #DFIR

Read the latest DFIR news – courtroom challenges to expert testimony, a new Windows 11 execution artifact, Lost Apples 2.0, AI-generated abuse imagery concerns, and more. www.forensicfocus.com/news/... #DigitalForensics #DFIR

We’re seeing a “Missing Font” ClickFix chain in the wild.

Flow:
1️⃣ Fake “Missing Font” prompt
2️⃣ Leads to a BSOD-style recovery screen
3️⃣ Prompts users to open Terminal/PowerShell directly (skipping the Run dialog) and execute commands

#infosec #DFIR #threatintel

Esto de LiteLLM es un desastre.
es una librería usada ampliamente.

lo malo es que aparte de detectar si nadie la bajo, hay que hacer rotación de todo tipo de tokens y contraseñas.
y encima auditar logs a ver si nadie los uso ya!

no es solo de borrar la version.

#DFIR

AX250: Axiom Advanced Computer Forensics is now available in an online self‑paced format.

This training is built for experienced #DigitalForensics practitioners who want to deepen their expertise with Magnet #Axiom. Learn more: https://ow.ly/lIH750Yy6N2 #DFIR

Investigation Scenario 🔎

You've discovered a host with multiple instances of Chrome running the --hidden option.

What do you look for to investigate whether an incident occurred?

#InvestigationPath #DFIR #SOC

Week 12 – 2026 Mobile Forensics Cheatsheet Mobile devices track vast amounts of user activity—often a goldmine of forensic evidence: – Device information– Application usage– Bluetooth and Wi-Fi connections– …and other events, often paired with timestamps Our cheatsheet categorizes these records and maps them to exact locations in iOS and Android extractions. Download Belkasoft’s free cheatsheet for mobile system […]

Originally from This Week in 4n6: Week 12 – 2026 ( :-{ı▓ #dfir #incidentresponse #cyberresearch

Old Dog, New Tricks – Lost Apples 2.0 If you are not familiar with Lost Apples, please read the original post before proceeding. There have been some interesting cases in the news lately that have caused me to give some thought about devices being in proximity to each other, and how to prove that proximity, especially when those who are intent on doing harm are going dark prior to doing their bad deeds…

#DFIR

Week 12 – 2026 Mobile Forensics CheatsheetMobile devices track vast amounts of user activity—often a goldmine of forensic evidence:- Device information- Application usage- Bluetooth and Wi-Fi connections- …and ot…

Week 12 - 2026 #DFIR
thisweekin4n6.com/2026/03/22/w...

🚨 DFRWS EU 2026 | Conference Update Sweden has officially SOLD OUT for in-person attendance! You can still join us remotely. 🖥️ Register as a Virtual Attendee (€150) and use promo code VirtualFriends for 50% off. 🧿 Register: https://buff.ly/7k5IpsJ 👉 Program: https://buff.ly/w3Q17NS

🚨 DFRWS EU 2026 | Conference Update 🎉

Sweden has officially SOLD OUT for in-person attendance!

You can still join us remotely. 🖥️

Register as a Virtual Attendee (€150) and use promo code VirtualFriends for 50% off.

🧿 Register: buff.ly/7k5IpsJ
👉 Program: buff.ly/w3Q17NS

#DigitalForensics #DFIR

GitHub - Beercow/SmackThatHash: Hashing utility including AmCache SHA1 and QuickXorHash · GitHub Hashing utility including AmCache SHA1 and QuickXorHash - Beercow/SmackThatHash

SmackThatHash features AmCache SHA1 variant and QuickXorHash (OneDrive). Run against a single file or entire folder recursively. Pick from preset hashes or roll your own. Console and csv output. #DFIR

github.com/Beercow/Smac...

Redefining what's possible in digital investigations Magnet User Summit 2026, April 20-22, Nashville, TN. Kickstart your knowledge with the latest in Magnet Forensics innovations and industry trends—all from the top minds in the DFIR field.

We’re officially one month away from #MagnetUserSummit 2026!

Don't miss your chance for hands‑on learning, thought leadership, networking with the #DFIR community, and so much more at #MUS2026 .

Save your spot: https://ow.ly/M1R150Yx0mV

A checklist for building a private-sector digital forensics lab A practical checklist for building or leveling up a private‑sector digital forensics lab—from scope and tools to storage and training.

Thinking about building—or upgrading—a private‑sector #DigitalForensics lab?

This checklist walks through the key considerations teams often overlook, helping you plan for scale, efficiency, and investigative reality.

Read the blog: ow.ly/1wtY50YwSyJ

#DFIR #DigitalInvestigations

Discover what’s new on Forensic Focus – hear Rob Fried on new challenges shaping digital forensics, explore how vehicle data can help establish occupant actions and involvement, get insights from Belkasoft founder and CEO Yuri Gubanov, and more. www.forensicfocus.com/news/... #DigitalForensics #DFIR

56% are either likely to leave DFIR within 12 months or unsure if they’ll stay. DFIR Is Burning People Out. Digital forensics has a burnout problem. This isn't new news, but it is important.Forensic Focus and Northumbria University are running an anonymous international well-bein...

Incredible stat. Where do you fit, #DFIR?
www.dfir.training/blog/56-of-d...

Earlier this month, we welcomed corporate and private sector #DFIR professionals across APAC to our #MagnetTalks #EnterprisePulse events in Hong Kong and Taiwan.

A big thank-you to everyone who joined us, and to our partners STech and iForensics for making these events possible.

I just wanted to help solve crimes. Not explain why creation dates can be more recent that modification dates over and over again until I’m dead. #DigitalForensics #DFIR

mquire: Dependency-Free Linux Memory Forensics

~Trailofbits~
Trail of Bits released mquire, an open-source tool for Linux memory forensics that extracts BTF and Kallsyms data to analyze dumps without external debug symbols.
-
IOCs: (None identified)
-
#DFIR #Linux #ThreatIntel

BDC - More Battery Temps & Charging Stats for iOS Now that the CTF competitions for Magnet and MSAB summits are completed I can finally work on some new research that came from the evidence ...

#Stark4N6: BDC - More Battery Temps & Charging Stats for iOS

#DFIR #iOS #FOSS #iLEAPP

www.stark4n6.com/2026/03/bdc-...

Magnet Automate: Making backlogs disappear for good Learn how Magnet Automate breaks the cycle of growing caseloads with automated processes—from acquisition to analysis to reporting.

What if your #DigitalEvidence backlogs could actually disappear?

Discover how Magnet Automate is transforming forensic workflows from acquisition to reporting: https://ow.ly/opb950YvTWT

#DFIR #DigitalInvestigations #DigitalForensics #DFIRAutomation

Read the latest DFIR news – free mobile forensics talks from MSAB, vehicle data analysis, deepfake audio risks, memory forensics research, and more. www.forensicfocus.com/news/... #digitalforensics #dfir

🚨 DFRWS EU 2026 | Conference Update Sweden has officially SOLD OUT for in-person attendance! You can still join us remotely. 🖥️ Register as a Virtual Attendee (€150) and use promo code VirtualFriends for 50% off. 🧿 Register: https://buff.ly/7k5IpsJ 👉 Program: https://buff.ly/w3Q17NS

🚨 DFRWS EU 2026 | Conference Update 🎉

Sweden has officially SOLD OUT for in-person attendance!

You can still join us remotely. 🖥️

Register as a Virtual Attendee (€150) and use promo code VirtualFriends for 50% off.

🧿 Register: buff.ly/7k5IpsJ
👉 Program: buff.ly/w3Q17NS

#DigitalForensics #DFIR

Release Arc2Lite v2.0.0 - Combined Script · stark4n6/Arc2Lite GUI and CLI have been combined into one script. If no switches are supplied it will run the GUI. Other updates include: Hashing for archives Recursive processing for folders of archives Fallback t...

Arc2Lite v2.0.0 is out. GUI and CLI have been combined into one script.

#️⃣ - Hashing for archives
📂 - Recursive processing for folders of archives
⌚ - Fallback timestamps if extended attributes aren't found
ℹ️ - High level metadata about archive in each SQLite DB

#DFIR

github.com/stark4n6/Arc...

🎯 New #BSidesLuxembourg2026 Session Reveal!

A Phishing Trip with Fancy Bear – Analyze APT28 Malware Together! (2h Workshop) with 𝗠𝗔𝗥𝗜𝗨𝗦 𝗚𝗘𝗡𝗛𝗘𝗜𝗠𝗘𝗥

Join this beginner-friendly 2h workshop to walk through a real Fancy Bear (APT28) attack chain: targeted […]

[Original post on infosec.exchange]