Sign up to save your podcasts
Or
Share DFSP # 015 - $UsnJrnl File
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
DFSP # 015 - $UsnJrnl File
The $UsnJrnl is an artifact that logs certain changes to files in NTFS volumes. It is a great source of timeline information for malware\ IR investigations, time stomping concerns and anti-forensics activities (i.e. wiping) as well as an additional source of file use and knowledge evidence for disk forensics.
View all episodes
By Digital Forensic Survival Podcast
4.9
6161 ratings
The $UsnJrnl is an artifact that logs certain changes to files in NTFS volumes. It is a great source of timeline information for malware\ IR investigations, time stomping concerns and anti-forensics activities (i.e. wiping) as well as an additional source of file use and knowledge evidence for disk forensics.
More shows like Digital Forensic Survival Podcast
View all
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
627 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
363 Listeners
Hacked
183 Listeners
CyberWire Daily
1,003 Listeners
Smashing Security
311 Listeners
Click Here
399 Listeners
Darknet Diaries
7,875 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
314 Listeners
Forensic Focus
6 Listeners
Cyber Security Headlines
129 Listeners
Risky Bulletin
33 Listeners
Hacker And The Fed
158 Listeners
Digital Forensics Now
14 Listeners