Last Updated: Nov 12th, 2007 - 14:53:52
Industry News
New Books / Member Benefits
Two new books with very different focuses were released last week and may be of interest to members:
- Windows Forensic Analysis Including DVD Toolkit - Harlan Carvey (Syngress) ISBN: 159749156X is now available as an e-book only (printed version available next month). If you order the e-book first, Syngress will deliver the hardcopy when available. Click here for more info
- The Secrets of Network Cartography: A comprehensive guide to Nmap by James Messer - only available as an e-book from www.professormesser.com - Click here to visit the site
Don't forget... For all printed books, HTCIA members are automatically entitled to a 20% discount at the Databank Bookstore in Causeway Bay.
Apr 10, 2007, 01:04
Industry News
ISP Contacts in USA
SEARCH, The National Consortium for Justice Information and Statistics, is a nonprofit membership organization in the USA. It maintains a USA ISP list for law enforcement use, which covers a variety of ISPs and similar information services and gives contacts at their legal departments for law enforcement service of subpoenas, court orders, and search warrants. It is a useful, up-to-date list which can be accessed by clicking here
Sep 19, 2006, 10:54
Industry News
Great example of Malware analysis
An excellent analysis of the Gromozon rootkit has been released on the Internet by an Italian author. This particularly nasty piece of malware has a number of interesting capabilities, which are described in Harlan Carvey's Windows Incident Response Blog, which can be accessed by clicking here.

The analysis takes an in-depth look at the scripts behind the malware and is an excellent model for how to research such threats and learn from them. It is highly recommended to take a look at the report, which can be downloaded by clicking here
Sep 8, 2006, 21:35
Industry News
The Sleuth Kit gets a Windows debut
The famous free forensics software "Sleuth Kit" has long been a standard program for anyone working in the forensics world on a Linux platform. Brian Carrier's project is a collection of command line tools based on the Coroner's Tool Kit (TCT). It has a graphical front end known as Autopsy.

The new version of Sleuth Kit now has Windows executables, and the Autopsy front end can be run using Cygwin. That an excellent free alternative to commercial software tools is now available on a Windows platform is good news for all who are working in the field.
More information and downloads from the official Sleuth Kit site (click here)
Sep 8, 2006, 10:18
Industry News
dd images to VMware
A new tool to convert dd image files to bootable VMware image files was unveiled at the recent Digital Forensics Research Workshop (DFRWS) Conference in the USA.
Entitled Live View, this easy-to-use program quickly allows raw hard drive images to be booted up in a VMware environment. The obvious advantage is that forensic images can now easily be run as if using the original computer, making it easier to see how files and software were organised on the original machine.
It also makes it easier to present evidence in legal proceedings when the court can see the computer as it had been used.
The tool can be downloaded free of charge from http://liveview.sourceforge.net/
Sep 7, 2006, 22:50
Industry News
How safe is your USB Thumbdrive Data?
How often do you deliver talks at conferences, seminars or product sales pitches where you bring your PowerPoint presentation on a USB thumbdrive? What other information do you keep on that thumbdrive and how personal is the data?
A new piece of stealth software designed to steal that data has recently been made available for download. What implications does this have for privacy? Click the heading to read more...
Sep 7, 2006, 22:09