±Forensic Focus Partners

±Your Account


Nickname
Password


Forgotten password/username?


Membership:
New Today: 2
New Yesterday: 10
Overall: 27381
Visitors: 99

±Follow Forensic Focus

Join our LinkedIn group

Subscribe to news

Subscribe to forums

Subscribe to blog

Subscribe to tweets

Page 3

Using Dynamic App Finder to Recover More Mobile Artifacts

Tuesday, October 07, 2014 (10:45:38)
Data recovered from mobile chat apps is critical to many forensic investigations. However, with thousands of mobile chat apps in use today and a steady stream of new apps emerging, identifying, recovering and analyzing mobile chat data has become a challenging and time consuming duty for forensic professionals.

Often investigators will come across a less popular app, or even a custom app created by a suspect that isn’t supported by any tool, but will still require examination. Dynamic App Finder is a feature of the Internet Evidence Finder (IEF) Mobile Module that helps address this problem. DAF searches for any potential mobile chat app databases located on images or file dumps of iOS or Android mobile devices...

Read More (Magnet Forensics)

Interview with Stuart Clarke, Director of Cybersecurity, Nuix

Monday, October 06, 2014 (09:51:55)
Stuart, please tell us more about your role as Director of Cybersecurity and Investigation Services at Nuix.

My role covers three main areas: product development, support and training, and advisory to the United Nations’ International Telecommunications Unit (ITU).

Having used Nuix since 2008 as an industry practitioner working on a data breach cases, I knew Nuix had the power, flexibility and potential to do more. I was lucky enough to receive the backing of Nuix to explore this potential and spearhead Nuix’s product development in the incident response and cybersecurity space. I’m focused on everything from our collection technology, to enhancing the Nuix Engine and growing the investigator features. This role is fairly technical; I write scripts and create proof of concepts to initiate a new features in the product roadmap. Working with the Nuix development team is a hugely rewarding experience...

Read More
  • Posted by: scar
  • Topic: All
  • Score: 0 / 5
  • (723 reads)

What cops need to know about Apple’s iOS 8 lockout

Wednesday, October 01, 2014 (09:12:13)
In mid-September, Apple rolled out iOS 8 for users of the more recent models of the iPhone, iPad, and Mac computers. Among many changes was a statement from Apple CEO Tim Cook that Apple would no longer assist law enforcement agencies in unlocking iPhones and iPads. Actually, Apple’s claim is that they cannot assist law enforcement in this way, because iOS 8 encrypts the data on the device with a key linked to the user’s passcode, and that passcode is not transmitted to Apple. This saves Apple from being in the middle of a subpoena/search warrant war, as they can’t give the police what they do not have. Privacy advocates lauded Apple for taking this position.

Analysis by iOS forensics experts indicates that Apple is speaking the truth. Apple doesn’t have the key to unlock a device running iOS 8. However, that doesn’t always mean that the cops can’t get access...

Read More (PoliceOne.com)
  • Posted by: jamie
  • Topic: News
  • Score: 0 / 5
  • (1261 reads)

Learn How To Recover Vital Artifacts from BlackBerry Messenger

Monday, September 29, 2014 (10:54:45)
BlackBerry Messenger (BBM) was the original mobile messaging application, geared towards business users and productive consumers. Originally available only on BlackBerry devices, BBM has since gone cross-platform and is now accessible to Android and iOS users.

While consumer interest in BlackBerry devices has been on the decline, the recent OS extension of BBM has increased the application’s user-base substantially. It’s become widely popular in North America, but even more noteworthy is the adoption of BBM in countries such as Indonesia and South Africa, where it is the number one mobile chat application.

Learn how to retrieve BBM artifacts from iOS and Android devices...

Read More (Magnet Forensics)

A guide to RegRipper and the art of timeline building

Thursday, September 25, 2014 (13:19:26)
I have often heard RegRipper mentioned on forums and websites and how it was supposed to make examining event logs, registry files and other similar files a breeze. RegRipper is developed and maintained by Harlan Carvey, who is the author of several blogs, numerous books and tools, and is also very active in the forensic community in general.

RegRipper is a tool that can be used to quickly extract values of interest from within the registry. It is NOT a registry browser. You do not get the option to browse through the registry. That can quickly overwhelm any analyst.

Instead it extracts only values of potential interest and presents it in a document for easier reading. This does not mean that you will be presented with the smoking gun right off the bat...

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2285 reads)