Correlation isn’t the same thing as causation.  Forensics professionals often seem to forget that when they deal with incident data.  Just because an event occurred and malware was found on a machine that could have caused the event doesn’t mean the malware caused the event.  Is there a correlation? Sure.  Is this enough to establish […]