±Forensic Focus Partners

±Your Account


Nickname
Password


Forgotten password/username?


Membership:
New Today: 0
New Yesterday: 2
Overall: 28190
Visitors: 40

±Forensic Focus Partner Links

Join our LinkedIn group

Subscribe to news

Subscribe to forums

Digital Forensics, Computer Forensics, eDiscovery

Passware Exposes Suspects’ Photo Stream to Computer Forensics

Wednesday, March 25, 2015 (13:15:19)
Passware, Inc., a provider of password recovery, decryption, and electronic evidence discovery software for computer forensics, law enforcement organizations, government agencies, and private investigators, announces version 2 of its flagship encrypted electronic evidence discovery product – Passware Kit Forensic 2015. This new release now acquires suspects’ iPhone and iPad photos without an Apple ID or password, provided there is physical access to the computer with iCloud application installed.

According to apple.com, “Your new photos appear automatically on the iOS devices, computers, and Apple TV you set up with My Photo Stream, no matter which iOS device or computer you use to take or import new photos.” (Source: Apple). This also concerns shared photo stream where photos and videos of trusted contacts are automatically synchronized with the Apple device.

Interview with Nikola Radovanović, CEO, HddSurgery

Tuesday, March 24, 2015 (19:08:41)
Nikola, please tell us about HddSurgery. What first gave you the idea to develop tools for data recovery and computer forensics?

I would not call it an idea, it was more a need for such tools. We have data recovery and forensics operations here and we had a problem that we needed to solve. At that time, seven years ago, we tried all the tools that were on the market.

To our regret, all the tools that we could buy were bad quality and could not help us in job well or could not help us every time as they are supposed to. It was all up to engineer who is doing data recovery and forensics, his/her experience and good mood. There were obviously repeatability problems.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (838 reads)

New AccessData UTK® Bundle

Tuesday, March 24, 2015 (18:58:33)
When it comes to incident response, the quick collection and triage of digital devices is crucial to identify where evidence may be contained. This expedites device processing and evidence identification to ultimately reduce case backlogs. AccessData’s Ultimate Toolkit® (UTK®) include FTK, nFIELD and AD Triage to allow you to collect and triage devices on-scene as well as analyze data from different sources faster.

Three solutions, three discounted packages.

Webinar: Being Your Own Cybersecurity "Expert Witness"

Monday, March 23, 2015 (14:01:37)
Date: March 26, 2015
Time: 1:00pm EST (US) / 5:00pm GMT (UK)
Duration: 60-75 minutes
Presenters: Spencer Wilcox, CISSP, Excelon; Herbert Joe, Certified Forensics Consultant, Yonovitz & Joe, LLP; Andrew Neal, TransPerfect

With data breaches and data leakage incidents becoming front page news, cyber investigations are taking on more importance within organizations. This calls for a new set of skills to be developed such as the ability to work with all levels of law enforcement, lawyers and attorneys and within the judicial system. Many of these investigations will call for the cybersecurity practitioner to be a witness and give testimony. What's the best way to do this to protect yourself and the organization, while also providing the information that will help law enforcement and the justice system to get the information they need? Join (ISC)2 on March 26, 2015 at 1:00 p.m. Eastern for their next "From the Trenches" webcast where they will talk about what it means to be an expert witness and the best practices for serving as one.

Register now at https://www.brighttalk.com/webcast/5385/145283?forensicfocus
  • Posted by: jamie
  • Topic: News
  • Score: 0 / 5
  • (745 reads)

Susteen Announces Acquisition of Pincodes/Passcodes from iPhones and Android

Thursday, March 19, 2015 (22:54:25)
Susteen Inc. is proud to announce their brand new iPhone/Android pincode breaking software. The SV Strike Secure View Strike is capable of acquiring 4 digit pincode/passcodes on the most popular phones including the new iPhone 6 and 6 plus. More than just a simple brute force "box", created and built in the United States, this new technology gives the forensic investigator the go-to tool for breaking into iPhones and Android devices. With easy to view videos and instructions, the SV Strike aims to replace foreign devices with unproven abilities.

How to Use EnCase and IEF Together

Thursday, March 19, 2015 (19:36:41)
When it comes to computer forensics, investigators often rely on a variety of tools to find the evidence they need. The real challenge is understanding how to use these tools together to make your investigations more efficient while still maximizing your results. In a previous blog post, we discussed the top reasons to use EnCase and IEF together to enable investigators to work through cases more thoroughly and efficiently. In this post, I want to take an in-depth look at how to integrate both tools into your investigations and get the most out of your analysis.

Read More (Magnet Forensics)

Review: Mobile Phone Examiner Plus (MPE+) - Part 1

Thursday, March 19, 2015 (10:54:36)
Reviewed by Si Biles, Thinking Security

That mobile devices are going to be used in any criminal activity is almost a given now – although post Snowden, at least the more intelligent crook might give some pause to consider the NSA or GCHQ before making their call. The capabilities of these devices have advanced so far that some manufacturers have attempted to use them to replace laptops...and that’s not considering the whole arena of tablets, a majority of which run variations of the mobile phone operating systems – Android, iOS or Windows Mobile.

Clearly this is a growing field, and to that end, it would be a foolhardy forensic software developer who didn’t produce a mobile phone tool. AccessData (henceforth AD) have survived long enough to prove that they aren’t foolhardy, and thus their tool Mobile Phone Examiner Plus (henceforth MPE+) is available to deal with that requirement for their clients...

Read More
  • Posted by: jamie
  • Topic: News
  • Score: 0 / 5
  • (818 reads)

Investigating the new Skype media_cache with the Forensic Browser for SQLite

Wednesday, March 18, 2015 (11:39:11)
Skype recently introduced cloud based operation and started moving away from peer-to-peer messaging with a view, to paraphrase Skype, of improving the service that we receive.

The move has had the effect of introducing a new set of artefacts and in particular a new location for stored/cached image files (pictures).

This article deals with the SQLite tables that reference to these pictures, the locations of the pictures themselves and how to join the relevant tables, decode the data held in certain blob fields and create a report showing who sent what to whom including the pictorial evidence where possible.

Thailand warns women who post 'underboob' photos face five years in jail

Tuesday, March 17, 2015 (17:36:17)
Thailand’s military government warned women on Monday against posting photos of the lower half of their breasts – a current social media trend – saying their actions could violate the country’s computer crime laws.

Thailand’s computer crimes act 2007 bans material that causes “damage to the country’s security or causes public panic” or “any obscene computer data which is accessible to the public”.

The culture ministry said offenders faced up to five years in jail, but did not say how they would identify the culprits.

Read More (Guardian)
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1194 reads)

DFRWS EU 2015 – Dublin 23rd – 26th March

Tuesday, March 17, 2015 (12:15:54)
On Monday 23rd of March 2015, Forensic Focus will be attending DFRWS EU – the European Digital Forensic Research Workshop – at University College Dublin, Ireland. If there are any topics you would particularly like us to cover in-depth, or if there are any speakers you think we should interview, please let us know in the comments.

DFRWS has been running in the USA since 2001 and expanded to Europe in 2013. Organised by some of the most prominent names in digital forensics, including Eoghan Casey, Frank Adelstein and Vassil Roussev, it has grown over the years from a small workshop group to a full conference with a double blind review and printed proceedings.

This year’s European conference runs from the 23rd – 26th of March, and Forensic Focus will be taking notes throughout the workshops and interviewing key figures.

Read More...
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (844 reads)