TheDarkOverlord & VeraCrypt, Part 2: Peeling Back Layer2
Layer2 of TheDarkOverlord’s #911hacked saga contains many hidden files, tucked away in emails as attachments (.WDN, .WDM) and in the thumbs.db file. Carving these files grows the total container content to over 10,000 files.
TheDarkOverlord & VeraCrypt: An Analysis Of the Preview Container
Tracking Encryption, Part 1: VeraCrypt Usage
Bottom Line Up Front (BLUF): VeraCrypt Portable on Windows 10 leaves behind a wealth of usage artifacts - revealing associated drive letters, volume size, and other usage artifacts. Scroll to the bottom of this page if you'd like to skip to the artifacts. VeraCrypt...