We kick off this episode with highlights from the Techno Security Conference, our 80s-themed outfits, packed LEAPP labs, AI panel discussions, and great conversations with friends and colleagues across the field.
We discuss Brett Shavers’ recent series on DFIR entry-level work, and share our thoughts on the need for better forensic training and clearer distinctions between forensics, cybersecurity, and incident response.
We also talk about recent tool changes in the industry. Cellebrite’s acquisition of Corellium could make mobile app testing more accessible, and Magnet’s purchase of Dark Circuit Labs.
We cover Harper Shaw’s Vehicle Network App, a valuable source of vehicle-related data. Alongside that, we highlight a recent blog on cached screenshots in Windows 11.
Be sure to check out the excellent “Parsing the Truth” podcast.
Heather walks through her Easter road trip to test Android's Timeline feature (formerly Google Location History). The location data was impressively accurate, but also showed how easily some points can mislead without the right context.
Catch us at IACIS Reno in January and check out the some of the resources we mentioned.
Notes:
Parsing the Truth: One Byte at a Time https://parsingthetruth.com/
Cached Screenshots on Windows 11 https://thinkdfir.com/2025/06/13/cached-screenshots-on-windows-11/
The Vehicle Network App from Harper Shaw https://harpershaw.co.uk/the-vehicle-network-app-1
Beklkasoft CTF https://belkasoft.com/belkactf7/
Brett Shavers 6 part series https://www.linkedin.com/pulse/dfir-really-entry-level-brett-shavers-ewsvc/ https://www.dfir.training/new-to-dfir/dfir-career
Artifact of the Week/Android Location History https://thebinaryhick.blog/2024/06/28/the-green-look-back-androids-on-device-location-history/
Podden och tillhörande omslagsbild på den här sidan tillhör
Heather Charpentier & Alexis "Brigs" Brignoni. Innehållet i podden är skapat av Heather Charpentier & Alexis "Brigs" Brignoni och inte av,
eller tillsammans med, Poddtoppen.