±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 30676
New Yesterday: 6 Visitors: 66

±Latest Articles

RSS Feed Widget

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News   Forums   Articles

Digital Forensics, Computer Forensics, eDiscovery

Cellebrite Introduces UFED Touch2 Platform

Wednesday, July 27, 2016 (09:05:07)
Cellebrite unveils UFED Touch2, the latest addition to the company’s industry-leading UFED Series family of mobile forensic solutions. With enhanced speed, usability, and portability, UFED Touch2 is a comprehensive mobile forensic solution that allows law enforcement, military, and intelligence agencies to extract evidentiary data in a forensically sound manner. The Touch2 can extract mobile device content up to three times faster than the UFED Touch, enabling investigators and examiners to accelerate investigations.

Hiding Data from Forensic Imagers – Using the Service Area of a Hard Disk Drive

Friday, July 22, 2016 (07:48:47)
By Todd G. Shipley and Bryan Door

Kaspersky Labs® recently released their research regarding the compromise of hard disk drive firmware. This has confirmed our long standing suspicion that data hiding techniques using a hard disk drives Service Area could be used for malicious purposes. Kaspersky Labs® identified a group of attackers, dubbed the Equation Group, reportedly having close ties to the groups responsible for writing Stuxnet and Flame.

The “Equation Group” is reported to have run the most advanced hacking operation ever uncovered (Goodin 2015). This group is reported to have used firmware update techniques to create a “secret storage vault” to store data in the firmware of the compromised hard drives. Thus allowing the storage of data including the malware itself allowing the ability to survive standard format and wiping operations.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2038 reads)

Join The Forensic Focus Twitter Chat, Wednesday 20th June: Education & Training

Tuesday, July 19, 2016 (12:10:18)
Join @ForensicFocus on Twitter at 3pm EST / 12pm PST / 7pm GMT (8pm BST in the UK) Wednesday 20th June for an in-depth chat on the topic of digital forensics education and training.

What do you wish you'd learned in training? Can someone succeed as a forensic examiner if they're entirely self-taught? Vendor training or university degrees? Join in the discussion on Twitter using the hashtag #dftalk
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1472 reads)

What Can The SV Strike Do For You? Unlock Thousands Of Phones!

Tuesday, July 19, 2016 (10:37:04)
The SV Strike is the only stand-alone pincode/passcode/pattern breaking tool built as a forensic device and now has a new low price. The SV Strike is capable of acquiring 6 digit pincode/passcodes on the most popular phones. More than just a simple brute force “box.” Created and built in the United States, this new technology gives the forensic investigator the go-to tool for breaking into iPhones and Androids. With easy to view videos and instructions, the SV Strike will replace foreign devices with questionable abilities. While hacker tools were able to break into certain phones, they were not built for law enforcement purposes. The SV Strike combined the need to access phones quickly, with need for accurate reporting features. Current phones supported include Android phones with USB OTG capability and iOS devices through 8.0.

Forensic Focus Forum Round-Up

Tuesday, July 19, 2016 (07:49:49)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

D1g14n6 is trying to extract data from an SSD that’s been encrypted with FileVault2.

Forum members discuss how to extract GPS data from Mercedes’ in-car navigation systems.

How would you ascertain whether a specific user has accessed a USB stick on a workstation?

What would you use to bypass a Samsung Galaxy Ace S5830i lock screen?

Is it possible to get text message data from AT&T with a subpoena?

Do you have any suggestions for this beginner forensics student? Add them in the forum.

Are there digital forensics jobs available that allow reduced hours?

Forum members discuss jump list examination.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1486 reads)

TomTom Triplog Decryption: Provided by Cellebrite Advanced Investigative Service

Monday, July 18, 2016 (12:03:41)
Global Positioning Systems (GPS) fall into the category of wireless communications that hold a considerable amount of evidence that can be used in an investigation. People’s whereabouts are recorded in “second-by-second” detail on their TomTom navigation system and retrieving this type of information can provide powerful digital evidence for your case.

Interview With Drew Fahey, VP of Product Development, BlackBag Technologies

Monday, July 18, 2016 (07:32:56)
Drew, you're VP of Product Development at BlackBag Tech. Tell us a bit about your work. What does your day-to-day role entail?

I manage a team of developers who work incredibly hard creating the outstanding products our customers have come to expect from us. With my team working from several different locations (Austin, San Jose, New Orleans and Washington, D.C., to name a few), that’s no easy task!

My team and I are focused on feedback from customers regarding their needs, and the user experience is the determining factor in what features and functionality you see brought to life in every one of our releases. In order to accomplish that, we work closely with our QA, Support, and Analyst groups to fully understand any concerns from our customers, as well as new feature and functionality requests that would make an examiner’s job a little easier.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (917 reads)

Collaborators Sought For Standardization Panel

Friday, July 15, 2016 (07:44:30)
On the Forensic Focus forum, tootypeg recently posted a call for collaborators on a project about standardisation in digital forensics; specifically, standardisation of witness statements / reports.

Tootypeg is looking to identify and define a panel of members to debate and develop the terminology.

The full text of the forum post follows below; if you are interested in collaborating, feel free to add to the thread or PM tootypeg for more information.

Just wanted to gather your thoughts on a few things and particularly a piece of work I am currently looking into. Basically it's looking at standardisation but from a report and evidence description point of view. It's interesting that this was sort of mentioned in the 'New digital forensics textbook - soliciting suggestions' thread, but from an evidence misunderstanding point of view.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1473 reads)

Global Report: Making The Case For Visual Analytics In Digital Investigations

Thursday, July 14, 2016 (09:56:19)
Nuix surveyed over 200 digital forensic investigators around the world to discover how they used keyword searches and other analytical investigation techniques. How do your experiences match up with others in the field? Download this report to find out.

The Takeover: How Police Ended Up Running A Paedophile Site

Thursday, July 14, 2016 (06:26:48)
It was one of the world’s largest and most secure paedophile networks – an online space where tens of thousands traded horror.

The website dealt in abuse; video and images of children, swapped and boasted about on a dark-web forum, accessible only through an encrypted browser.

Membership was tightly managed. Quiet accounts raised suspicion and could be suddenly terminated. Those who stayed had to upload new material frequently. More than 45,000 people complied.

But what those thousands never realised, even as heavy users began to disappear, was that the site was being run by police.

Read More (The Guardian)
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1358 reads)