±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 32784
New Yesterday: 3 Visitors: 144

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Page 2

Forensic Focus Forum Round-Up

Friday, September 15, 2017 (12:25:01)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

Forum members discuss how to identify bad sectors on a drive.

Have you had any experience with Ethereum forensics? Chime in on the forum.

Can you help ssstu to work out why LNK files aren’t showing up?

How would you extract data from this Galaxy S6? Share your thoughts on the forum.

Can you recommend any resources to help HuzyComp, a student of digital forensics?

Forum members talk about options for recovering data from a Motorola G4 after it’s been reset to factory settings.

Binarybod shares an open-source Windows link file examiner.

Where would you go to find deleted tweets from a specific Twitter user?

Forum members discuss the return of Forensic CaseNotes.

Do you have any advice for Bell_4, who is trying to create forensically sound images using only free software?

FameMoose is a student who’s looking to do a year in industry - share your advice on the forum.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (766 reads)

Passware Kit 2017v4: Supports DriveCrypt, Extracts 1Password/Mac Master Password

Thursday, September 14, 2017 (13:21:42)
Passware Kit 2017 v4 recovers passwords for DriveCrypt and instantly extracts the master password for 1Password for Mac from memory images. This version improves GPU-accelerated password recovery (up to 25% faster for RAR, ZIP, Microsoft Office, and Apple Keychain files). It also introduces GPU-accelerated password recovery for PDFs (encryption revision 3).
What’s New in Passware Kit Forensic 2017 v4

- Password recovery for DriveCrypt
- Master password extraction for 1Password for Mac
- Increased performance of GPU-accelerated password recovery
- GPU-accelerated password recovery for PDF
  • Posted by: dmitrys
  • Topic: News
  • Score: 0 / 5
  • (1064 reads)

New Security Measures In iOS 11 And Their Forensic Implications

Wednesday, September 13, 2017 (09:51:01)
by Oleg Afonin, Elcomsoft

Apple is about to launch its next-generation iOS in just a few days. Researching developer betas, we discovered that iOS 11 implements a number of new security measures. The purpose of these measures is better protecting the privacy of Apple customers and once again increasing security of device data. While some measures (such as the new S.O.S. sequence) are widely advertised, some other security improvements went unnoticed by the public. Let us have a look at the changes and any forensic implications they have.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (839 reads)

Review Of MacQuisition 2017 From BlackBag Technologies

Tuesday, September 12, 2017 (10:01:45)
Reviewed by David Flynn, Forensic Examiner for the Pitt County Sheriff’s Office, Greenville, North Carolina.

MacQuisition has been the go-to tool for acquisition of Apple computers for quite some time. With the most recent changes in the methods of acquiring data from Apple products, the MacQuisition software is now needed more than ever.

This tool has been time tested and remains at the top of the list for must have tools in the arena of computer forensics.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (718 reads)

BlackBag Technologies Launch Forensic Software Educational Program

Monday, September 11, 2017 (10:52:49)
A partner recently commented to BlackBag Technologies that their digital forensic software ‘performed like a champ.’ The fact this partner, Bay Path University, is educating the next generation of digital forensic investigators, adds even more to the endorsement.

BlackBag Technologies fully appreciates the value Universities and Colleges of Higher and Further Education bring to the forensic community. To support this, BlackBag Technologies proudly announces the launch of their Educational Program, including multiple user licensing and instructor training.

Cellular GPS Evidence: Waze + Cellebrite + CellHawk

Friday, September 08, 2017 (13:55:53)
by Patrick Siewert, Principal Consultant, Pro Digital Forensic Consulting

It’s becoming common knowledge that location evidence on cellular devices can provide a wealth of evidence in any number of civil, criminal and investigative matters. Law enforcement agencies use cellular location evidence from service providers to help place a criminal suspect at or near a crime scene in a given time frame. Search and rescue analysts can use cellular call detail records to help locate missing persons as well. And as we’ve detailed in previous articles, this type of evidence can be useful in any number of other matters, from divorce to alimony to fraud investigations and beyond.

So where does all of this evidence come from and how can we best utilize it? It can come from a variety of different places, but the two main areas are the mobile device itself and the records from the cellular provider.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (882 reads)

Webinar: Hyperscale Your Investigation And Intelligence Capabilities

Friday, September 08, 2017 (12:00:17)
How do you future-proof your investigative lab capabilities to handle the expanding complexity and volumes of digital evidence involved in cases today?

During this session you will hear some ideas and concepts to help tackle this ever growing problem and how intelligent, defensible workflows enable investigators to work together at a national level, giving them one view over multiple jurisdictions and multi-terabyte case files.

Learn how to:

• Automatically identify and link key artifacts and intelligence items such as named entities and digitally fingerprinted material across multiple evidence sources and historical cases
• Set up collaborative investigations involving hundreds of investigators, officers and analysts, who can all work together on cases no matter where they are located
• Prioritise and distribute key data to users of differing skill levels to maximise skill sets and resources.

Date: 14 September 2017
Time: 11am BST

Presenter: Paul Slater, Global Head of Investigations, Nuix

Register here
  • Posted by: scar
  • Topic: All
  • Score: 0 / 5
  • (860 reads)

Interview With Thomas Barton, Research Associate, Canterbury Christ Church

Thursday, September 07, 2017 (12:46:16)
Thomas, tell us a bit about yourself - what's your background, what are you studying at the moment, and how did you become interested in digital forensics?

I have always been interested in engineering, electronics, and computing from a young age. By the time I reached sixth form I knew I wanted to go into computing, but still had no direction. I saw a lot of people interested in gaming, coding and networking, but none of it really appealed to me. It was at a careers fair, I heard the words "digital forensics", which caught my attention, and for a project I did an investigation into the extraction of data from used electronics.

That was 4 years ago now, and I recently completed my undergrad BSc Forensic Computing at CCCU with a few publications on top while at university, and have not looked back.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (688 reads)

Blog Series: Using F-Response In Enterprise Investigations

Thursday, September 07, 2017 (11:09:07)
This month, Jamie McQuaid, a Forensics Consultant at Magnet Forensics, looked at how F-Response and Magnet AXIOM can be used together to recover data remotely in enterprise investigations.

In this three-part series, Jamie discusses how to establish a read-only, secure connection to a remote host allowing examiners to acquire or analyze physical disks and volatile data. The series uses Magnet AXIOM as an example of a tools that can be used to recover and examine the data, but as F-Response is tool-agnostic, any tool could conceivably be used.

Oxygen Forensics Adds An Industry Leading Ability To Decode Drone Data

Wednesday, September 06, 2017 (10:32:20)
Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, can now parse and decode drone data from Phantom 3 and Inspire 1 drones manufactured by DJI.