±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

New Today: 0
New Yesterday: 5
Overall: 28802
Visitors: 52

±Follow Forensic Focus

Join our LinkedIn group

Subscribe to news

Subscribe to forums

Project Spartan Forensics

Monday, July 27, 2015 (13:26:01)
by James Gratchoff & Guido Kroon, University of Amsterdam

Project Spartan is the codename of the new Microsoft Edge browser and successor to its previous, Internet Explorer. This research paper gives insight into the current artefacts that the current development versions of Project Spartan leaves behind on workstations. The authors analysed what these artefacts are, where they are located and how can they be gathered. This research led to the conclusion that Project Spartan’s back end does not differ much from the latest Internet Explorer versions, as Project Spartan still uses similar ways to store data on the workstation it runs on. Furthermore, an open source tool has been developed to gather some of these artefacts in an automated way. The purpose of the tool is to gather the location of the artefacts not present in the database.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (739 reads)

FT Cyber Security Summit Europe – London 22nd September

Thursday, July 23, 2015 (11:17:36)
On the 22nd of September 2015, Forensic Focus will be attending the FT Cyber Security Summit in London. If there are any topics you’d specifically like us to cover, or any speakers you think we should interview, please let us know in the comments.

The second annual FT Cyber Security Summit Europe 2015 will bring together boardroom directors, chief executives, senior management and chief information security officers to discuss the current threats in cyberspace and what more should be done to build safer and more resilient businesses.

Chaired and moderated by senior FT journalists, the speakers and panellists will include a mix of corporate CISOs and senior officials from government departments responsible for helping public and private sector organisations manage their cyber risks.

Forensic Focus readers save 15% on the ticket price. Quote code FORF15 when registering online at http://live.ft.com/cybersecurity

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1000 reads)

Webinar: Mobile Chat & Social App Forensics

Wednesday, July 22, 2015 (17:06:56)
Date: Thursday, July 23, 2015

Registration: http://www.magnetforensics.com/mobile-forensics/mobile-chat-social-app-forensics

Presenter: Tayfun Uzun, Product Manager at Magnet Forensics

Smartphone apps that allow users to express themselves by messaging, posting, tweeting, liking, commenting, and sharing images and videos, have radically altered communication patterns. This new world of hyper-connected mobile chat and social apps is evolving at warp speed, and it seems like a new app explodes in popularity every month, with others constantly changing and adding new features.

These apps are drastically altering the field of mobile forensics, creating new demands of digital forensics examiners who are expected to stay abreast of the latest app developments in order to recover and interpret data. The Magnet Forensics R&D team tracks the latest mobile app trends in order to develop the timely artifact updates that IEF mobile module users require.

Register now at http://www.magnetforensics.com/mobile-forensics/mobile-chat-social-app-forensics
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1291 reads)

Evidence Acquisition and Analysis from Live Exchange

Tuesday, July 21, 2015 (10:37:58)
A great amount of legal and forensics discussion is involved when there is an investigation procedure that involves the seizing of crucial evidence from Live Exchange server. Whenever there is such an investigation, two things remain in focus

1. Identification of suspect evidence from the network
2. Collection approach that maintains exactitude of evidence

There has been an increasing effort in the theory of live imaging approaches because of the liabilities that come up when a server is taken down. In such a situation, the rules of law and evidence acquisition have caused new approaches and techniques of acquiring electronic evidence to be formed; many of these are specifically targeted at the large storage of data.

What are the data that are generally in question?

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1674 reads)

Guidance Software, Inc. Introduces Tableau Password Recovery

Saturday, July 18, 2015 (09:29:47)
Guidance Software, Inc. is pleased to introduce Tableau Password Recovery, a powerful solution that accelerates dictionary-based and brute force password attacks to unlock protected files. By helping investigators access encrypted and locked files, the appliance expedites time-sensitive investigations and prevents them from becoming stalled or incomplete. The product was developed through a collaboration with leading vendors Passware and Digital Intelligence, Inc.

New Belkasoft Evidence Center 7.3 Enhances Data Carving and SQLite Analytics

Friday, July 17, 2015 (08:21:39)
Belkasoft updates Belkasoft Evidence Center, the company’s flagship digital forensic solution, to version 7.3. The new release comes with significant improvements to file carving and SQLite analysis algorithms as well as the search engine. With this update, Belkasoft Evidence Center enables investigators discover more evidence faster, while raising the bar of SQLite analysis to a whole new level. In addition, the product now supports Cellebrite Link Analysis integration, and offers numerous other enhancements.

Cybercriminal Darkode Forum Taken Down Through Global Action

Thursday, July 16, 2015 (10:34:04)
This week, law enforcement and judicial authorities worldwide have taken down the most prolific English-speaking cybercriminal forum to date: Darkode. In an international coordinated action against the hacking forum and its users, investigators from all over the world targeted cybercriminals that were using the Darkode forum to trade and barter their hacking expertise, malware and botnets, and to find partners for their next spam runs or malware attacks.

The operation was led by the FBI and supported by Europol’s European Cybercrime Centre (EC3), with the involvement of law enforcement officers from 20 countries in and outside the European Union. The takedown and arrests were coordinated from command posts set up by the FBI (Pittsburgh, USA) and Europol’s EC3 (The Hague, the Netherlands).

Read More (Europol)
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2535 reads)

Nuix Appoints Paul Slater as Executive Director for EMEA Region

Thursday, July 16, 2015 (09:40:03)
Nuix, a technology company that enables people to make fact-based decisions from unstructured data, today announced it has appointed Paul Slater as Executive Director for the Europe, Middle East and Africa (EMEA) region. Slater will be an ambassador and subject matter expert for the company throughout EMEA, oversee Nuix’s operations in the region and directly manage the UK-based team of subject matter experts and sales engineers.

Forensic Focus Forum Round-Up

Wednesday, July 15, 2015 (14:53:05)
Welcome to this round-up of recent posts to the Forensic Focus forums.

Forum members discuss password retrieval using EnCase.

How would you recover data from a ciphered NTFS after a reinstall of Windows?

What has been your experience of forensic collection in Japan? Add your thoughts on the forum.

Forum members discuss thumb drive forensics.

How would you identify and analyse a fake large capacity Micro SD?

Chip-off forensics: when and why is it useful? Add your thoughts on the forum.

Forum members discuss analysing BlackBerry deleted data.

What would you recommend to help this forum member increase their knowledge and industry experience in digital forensics?
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2390 reads)

ReclaiMe's Research – Determining Timestamps On BTRFS

Tuesday, July 14, 2015 (10:41:54)
ReclaiMe Data Recovery Company announces that they have completed the research devoted to determining the reliability and accuracy of various file metadata like creation, modification, and access timestamps in modern filesystems using copy-on-write (CoW).