±Forensic Focus Partners

±Your Account


Forgotten password/username?

New Today: 0
New Yesterday: 0
Overall: 28040
Visitors: 47

±Forensic Focus Partner Links

Join our LinkedIn group

Subscribe to news

Subscribe to forums

Page 2

"Test Drive" AccessData Products for FREE!

Wednesday, February 11, 2015 (17:11:57)
Available now:

Evaluate any available AccessData solution for 20 days, full product capabilities, no license, no dongle and no credit card required.

Click here to start your test drive today!

UK Home Office Report: eDiscovery in Digital Forensic Investigations

Wednesday, February 11, 2015 (12:52:25)
Nuix, a technology company that enables people to make fact-based decisions from unstructured data, welcomes the findings of the report ‘eDiscovery in Digital Forensic Investigations’ published by the United Kingdom Home Office. The report concludes that “Giving investigators rapid access to the digital information in a form that they can understand and work with has the potential to significantly enhance an investigation.”

The report details the results of a review of the use of eDiscovery software and workflows in the context of digital forensic investigation, conducted by the London Metropolitan Police Service and the UK Centre for Applied Science and Technology.

New CCFP Snapshot Describes What it Takes to Be a Certified Cyber Forensics Pro

Monday, February 09, 2015 (12:43:08)
The CCFP Snapshot offers an inside look at what it’s like to be a Certified Cyber Forensics Professional (CCFP). Offered by (ISC)2®, the global leader in information security certifications, CCFP is the only global cyber forensics credential that provides a comprehensive validation of a candidate’s knowledge and skills as a digital forensics expert.

Today’s digital forensics professionals need to understand far more than just hard drive and intrusion analysis. Whether a law enforcement officer supporting criminal investigations, a digital forensics specialist consulting clients, or an eDiscovery specialist working on litigation, CCFP demonstrates a professional’s ability to gather, analyze, and deliver digital evidence that is accurate, complete, and reliable.
  • Posted by: (ISC)2
  • Topic: News
  • Score: 0 / 5
  • (2222 reads)

Acquiring Memory with Magnet RAM Capture

Thursday, February 05, 2015 (16:40:11)
Recently, we released a new free tool that allows investigators to acquire the memory of a live PC. Customers using our IEF Triage module will already be familiar with this tool, as it’s used to acquire evidence from live systems. In realizing that others could benefit from our RAM capture tool, we decided to release it free to the forensics community.

Memory analysis can reveal a lot of important information about a system and its users. There are often instances where evidence stored in memory is never written to the hard drive, and may only be found in the pagefile.sys or hiberfil.sys. Memory analysis is essential to many malware and intrusion incidents and can be imperative in recovering valuable evidence for almost any PC investigation...

Read More (Magnet Forensics)

Review: IEF Mobile Module

Tuesday, February 03, 2015 (10:57:16)
Reviewed by John J. Carney, Carney Forensics

I am a digital forensics examiner who early in my career studied computer science and wrote code as a software developer and later in my career studied law and became a licensed attorney. I have acquired certifications in both mobile device forensics and computer forensics and own a private digital forensics firm in Minnesota. We love mobile! Half our case load is recovering dozens of flavors of deleted messages from every variety of phone known to humanity. But we also devise evidence strategy for complex civil litigation and draft preservation letters and requests for production and advise on e-discovery issues, which now increasingly turn on mobile evidence.

I obtained Magnet Forensics’ Internet Evidence Finder (IEF) in early January 2013 upon strong recommendations from friends in the industry. As a mobile examiner I procured it for examining microSD cards removed from the phone and placed behind a write blocker for live and deleted multimedia evidence including photo, video, audio, and anything else that might be there...

Read More
  • Posted by: jamie
  • Topic: News
  • Score: 0 / 5
  • (956 reads)

How Secure Is Your Password?

Sunday, February 01, 2015 (10:33:55)
How many passwords does an average Joe or Jane have to remember? Obviously, it’s not just one or two. Security requirements vary among online services, accounts and applications, allowing (or disallowing) certain passwords. Seven years ago, Microsoft determined in a study that an average user had 6.5 Web passwords, each of which is shared across about four different websites. They’ve also determined that, back then, each user had about 25 accounts that required passwords, and typed an average of 8 passwords per day.

It didn’t change much in 2012. Another study determined that an average person has 26 online accounts, but uses only five passwords to keep them secure, typing about 10 passwords per day. CSID has a decent report (opens as PDF) on password usage among American consumers, discovering that as many as 54% of consumers have five passwords or fewer, while another 28% reported using 6 to 10 passwords...

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1138 reads)

Atola Insight Forensic 4.2: Image Files on Target Media, Improved Performance

Friday, January 30, 2015 (15:59:09)
Atola Technology has announced a major update to Insight Forensic. All existing customers can freely download and install the new 4.2 software.

Having been asked many times by forensic experts to allow the creation of image files on target devices attached directly to an Atola DiskSense unit, this facility is now available.

Forensics and Bitcoin

Friday, January 30, 2015 (13:36:49)
This article does not attempt to provide a beginners guide to Bitcoin, nor an in-depth thesis on Bitcoin forensics. Rather, it will be an overview of the potential opportunities available to digital forensics and traditional investigators to obtain evidence in relation to attributing transactions or holdings to a specific person and (legally) seizing those funds.

I will discuss academic work that has been undertaken in this area, what precautions a security aware user may take and the issues introduced by them doing so. I will also discuss an open-source Python tool called BTCscan, which has been created to accompany this article and will carve out bitcoin addresses, private keys and other Bitcoin artifacts.

This article may be of interest to persons conducting investigations for criminal, civil, personal or business reasons. Some elements may be of limited relevance to agencies without powers of seizure and/or subpoena...

Read More
  • Posted by: jamie
  • Topic: News
  • Score: 0 / 5
  • (1036 reads)

Estonia President wants China and Russia to help fight cyber-crime

Wednesday, January 28, 2015 (09:47:41)
Speaking on the ‘Fighting Shadows' panel at the Davos convention in Switzerland on Saturday,Toomas Hendrik Ilves joined senior figures from Kaspersky, Microsoft and the United Nations in calling for improved cyber-crime policing, laws and collaboration – whilst also calling into question how – and if - countries can respond to cyber-attacks.

Estonian websites were famously hit by distributed-denial-of-service (DDoS) attacks in 2007, which at the time was rumoured to be work of the Russian government. Subsequently, the country became one of the world's most advanced countries on cyber-security, even establishing the NATO Cooperative Cyber Defence of Excellence in Tallinn in August 2010. Ilves – who said that the country also helped with similar DDoS attacks against Georgian websites a year later – admitted that DDoS and nation-state attacks are very different things, but said that defending against cyber-criminals is almost impossible considering outdated laws...

Read More (SC Magazine)
  • Posted by: jamie
  • Topic: News
  • Score: 0 / 5
  • (1114 reads)

Dealing With Records Found in SQLite Rollback Journals

Tuesday, January 27, 2015 (11:16:35)
Sanderson Forensics was recently contacted by a customer at a police force with a question relating to deleted SQLite records that were found in a rollback journal. The requirement was to create a report(s) showing both the live records in the Kik database as well as the deleted records that were found by a filename search in the rollback journal.

The article at the link below goes into a little detail of how the rollback journal works, some thoughts on recovering data from it and then details how the data was recovered from the rollback journal and then how we distinguished and created a report showing the deleted records in the journal vs the live records that were also present in the journal...

Read More (Sanderson Forensics)