When Windows takes a nap and leaves you evidence: Inside hiberfil.sys
Hiberfil.sys is one of those Windows artifacts every examiner should know about. It can contain a near-complete capture of system memory but is also tricky to collect and parse.
Authored by Doug Metz. Originally published in the November 2025 issue of Magnet Unlocked. In many corporate environments, cybersecurity and DFIR still operate in separate lanes: SOC = Detection & containment; DFIR = Evidence & root cause. That separation made … Continued
Employee misconduct can pose serious financial, operational, and reputational risks to enterprise organizations. Bullying, sexual harassment, gambling, accessing inappropriate content, and similar misconduct cost U.S. companies up to $300 billion a year according to Work Shield. The 2024 Association of Certified Fraud Examiners’ “Report to the Nations” estimates occupational fraud alone leads to annual losses of more than $3 trillion globally.
What was once an amusing novelty has become a systemic threat to global business. Deepfakes, synthetic media, and AI-generated material have infiltrated private enterprises, and their presence is now being felt across financial services, insurance, retail, human resources, ecommerce, and more.
When business data is distributed across cloud platforms, remote endpoints, mobile devices, and virtual systems, organizations face complex challenges responding to litigation or regulatory events, such as legal holds for eDiscovery investigations. Legal teams must not only identify and preserve electronically stored information (ESI) but also ensure the authenticity, integrity, and defensibility of the evidence collected.
It’s no surprise that the growing complexity of cyberattacks is the top challenge for DFIR professionals. As cyberattacks evolve, DFIR analysts and incident responders must analyze increasingly diverse datasets and artifacts to understand the full scope of an incident during investigations and reduce the risk of repeat attacks. Cyberattacks aren’t just growing more complex—they’re also … Continued
Windows Recycle Bin in Digital Forensics
The Windows Recycle Bin, a seemingly simple feature, has undergone significant changes across different versions of the Windows operating system. This artifact is not just a virtual trash can but a critical element in digital forensic investigations. Understanding its evolution and functionality can provide valuable insights into user activity … Continued
Digital forensics tools have improved a lot in the past several years. With these advances, the digital forensics community now has many tool options for each phase of an investigation.
In today’s digital landscape, cyber threats are ever-evolving, making cybersecurity measures non-negotiable for businesses of all sizes. However, even the most comprehensive defenses can be breached, either through unpatched exploits or by an insider who inadvertently causes one.
The release of Magnet AXIOM Cyber 7.9 is here, and it’s an exciting one for digital forensic examiners who support eDiscovery stakeholders.