±Partners and Sponsors

±Your Account


Forgotten password/username?

New Today: 5
New Yesterday: 12
Overall: 26994
Visitors: 76

±Follow Forensic Focus

Join our LinkedIn group

Subscribe to news

Subscribe to forums

Subscribe to blog

Subscribe to tweets

Page 3

How to Analyze USB Device History in Windows

Tuesday, August 12, 2014 (18:49:55)
Whether you’re a corporate examiner working an intellectual property theft, or a law enforcement investigator searching for illicit images, most forensic examiners have investigated the USB device history of a computer.

There are five key pieces of information that need to be found when investigating USB device history. With the data from each of these sources, investigators can better understand how USB devices have been used on a given system, and possibly how a suspect might have used a USB device in the commission of a crime or incident...

Read More (Magnet Forensics)

Tor attack may have unmasked dark net users

Thursday, August 07, 2014 (14:07:50)
Developers of software used to access Tor - an otherwise hard-to-reach part of the internet - have disclosed that an attack on the network may have unmasked users for five months. The Tor Project said that it believed the assault was designed to de-anonymise the net addresses of people operating or visiting hidden sites. However, it said it was not sure exactly how users had been "affected". The project added that it believed it had halted the attack on 4 July.

Tor allows people to visit webpages without being tracked and to publish sites whose contents does not show up in search engines. The Tor Project said it believed that the infiltration had been carried out by two university researchers, who claimed at the start of July to have exploited "fundamental flaws" in Tor's design that allowed them to unmask the so-called dark net's users...

Read More (BBC)
  • Posted by: jamie
  • Topic: News
  • Score: 0 / 5
  • (947 reads)

New Blog Series - A Deep Dive: IEF Business Apps & OS Artifacts Module

Wednesday, August 06, 2014 (12:00:03)
Internet artifacts are only a subset of the potential evidence that can be found on mobile devices and computers. Internet Evidence Finder (IEF), from Magnet Forensics, now recovers more evidence in just one search with the new Business Applications & OS Artifacts module.

A new six-part blog series digs deeper into the evidence recovery capabilities now available with this module. Each blog will offer different tips and techniques that can be used to find important business applications and OS artifacts, as they often provide a wealth of information on a user’s activity and are valuable pieces of evidence...

Read More (Magnet Forensics)

Arnim Eijkhoudt, Lecturer in Digital Forensics, University of Applied Sciences

Tuesday, August 05, 2014 (18:37:17)
Arnim, please tell us about your role as a lecturer in digital forensics, and how you first became interested in the field.

I've been fascinated with 'tinkering' with computers from a young age: figuring out why things (don't) work, reverse-engineering, reconstructing what happened and so on. Therefore, it was natural for me to turn to the fields of Forensics and Security after I studied Informatics and became a lecturer. Before 2007 I was already incorporating Computer Security-related topics into my lectures and classes where possible. From 2007 to 2013, the Amsterdam University of Applied Sciences and the University of Amsterdam have offered a joint Minor in Forensic Intelligence & Security (MINFIS)...

Read more

EnCase 7.10: Better Visibility, Simpler Reporting, More Flexible

Monday, August 04, 2014 (14:36:09)
For more than 15 years, EnCase has empowered investigators by exposing data invisible to most tools and putting this data at the investigator’s fingertips with flexible, accessible analysis and reporting. EnCase 7.10 is built to continue this tradition.

EnCase 7.10 expands on best-in-class visibility by unlocking self-encrypting drives and supporting OS X investigations with HFS+ Double Files, Quick Look Thumbnail Caches and Keychain parsing. EnCase 7.10 simplifies analysis and reporting through a new Report Template Wizard. Not every investigation is a “dead box” investigation, and EnCase 7.10 has adapted to include EnCase Portable volatile data collection and triage capabilities at no additional cost.