±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 31086
New Yesterday: 0 Visitors: 67

±Latest Articles

RSS Feed Widget

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News   Forums   Articles

Digital Forensics, Computer Forensics, eDiscovery

Search on This Topic: News

[ Go to Home | Select a New Topic ]

Arsenal Recon Launches Breakthrough Microsoft Windows Hibernation Forensic Tool

Saturday, October 22, 2016 (08:59:39)
Hibernation Recon Provides Digital Forensics Experts with Unprecedented Access to Hibernation Data

Arsenal Recon, digital forensics experts building powerful tools to improve the analysis of electronic evidence, announced the formal release of Hibernation Recon today. Hibernation Recon extracts valuable information from Microsoft Windows® XP, Vista, 7, 8, 8.1, and 10 hibernation files that other tools have failed to reveal for many years. Digital forensics experts armed with Hibernation Recon are now able to exploit not only the active contents of Windows hibernation files, but also massive volumes of information in the multiple levels of slack space within them.

New Performance Enhancements in Magnet AXIOM Mean Faster Results

Friday, October 21, 2016 (10:15:05)
Processing Times Reduced Dramatically in AXIOM 1.0.6

By Jad Saliba, Founder and CTO at Magnet Forensics

Last week, we released Magnet AXIOM version 1.0.6. This update included a number of features and fixes, but one of the main goals was to address issues we, and our customers, had seen in processing times. And we did it! AXIOM Process times are now testing as being equal to, or slightly faster than, IEF.

Here’s how we did it…

BlackBag® helps Saskatoon Police Service put a criminal behind bars

Wednesday, October 19, 2016 (09:28:59)
BlackBag® Technologies’ premiere digital forensic software, BlackLight® helped put a man, convicted of possessing 450 child pornography images, behind bars. Marcel Cole Beuker, whose trial was held in March of this year, claimed the images found on a hard drive connected to his iMac, were not his. It took three long years for the Saskatchewan Internet Child Exploitation (ICE) unit to bring him to justice, but their diligent work secured a conviction. Beuker received an 18-month sentence, plus 4 months for disobeying release conditions.

During the trial, BlackLight®’s .fseventsd feature was featured prominently. The ICE unit had their work cut out for them, as Beuker was an experienced programmer and very tech savvy. Using tools, including BlackLight®, they were able to show almost all of the communication originated from the accused’s system, and no other devices.

Forensic Focus Forum Round-Up

Tuesday, October 18, 2016 (11:50:59)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

Can you help honor_the_data work out this USB storage timestamp anomaly?

Forum members discuss iPhone 4S iTunes backup encryption.

Should you apply for ISO/IEC 17020 and 17025 if you’re a one-person organisation?

Which programming language should you learn if you’re a digital forensic examiner?

Do SSDs ‘shrink’ over time? Add your thoughts in the forum.

Forum members discuss detection of file-hollowing.

How would you bypass a PIN-locked SIM? Chime in on the forum.

Are we ready for Apple vs. the FBI round two?

Forum members discuss eSIM chip-off forensics.

How can we extract evidence from Virtual Assistants?
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2153 reads)

Oxygen Forensics Speeds Up Forensic Processing of Android Devices

Thursday, October 13, 2016 (13:38:43)
Oxygen Forensics, the worldwide developer and provider of advanced forensic data examination tools for mobile devices, announced today an agreement with the MITRE Corporation Technology Transfer Office that will make it possible for customers of Oxygen Forensics to take advantage of faster processing times on Android devices for data extraction.

Why False Positives Are Important

Wednesday, October 12, 2016 (08:25:41)
By Jamie McQuaid

Most forensic examiners are familiar with seeing false positives in their search or processing results. False positives will always be present in tools that conduct some form of data carving in their searching and/or processing.

I often get questions from forensic examiners (both new and experienced) on whether the data that IEF or AXIOM has found is valid. Without seeing the data myself, it’s quite difficult to determine the validity of the information so I’ll typically respond with several follow up questions trying to understand what the examiner is seeing. This helps me assess the likelihood of the data being either valid or a false positive.

Webinar: Challenges Mobile Devices Pose in Global Investigations

Wednesday, October 05, 2016 (13:32:13)
11 October
9:00AM ET / 2:00PM UK / 3:00PM CEST

Discussion Topics:

- To some extent, the ubiquity of mobile devices—and many people’s use of them as their primary digital interface—has come in the aftermath of the first wave of standards being set for e-discovery, data retention, and so on.
- What are a party’s duties of control, retention, production, and so on?
- In terms of data generated on or stored in mobile devices, where is the line drawn between what the corporate entity (presumably your client) is deemed responsible for as opposed to what the individual possessing the mobile device is responsible for? Is it primarily based on (a) physical possession; (b) legal title/ownership; (c) beneficial ownership/control; or (d) some other factor or combination?
- Enforcement procedures including parties, venue, noteworthy procedural requirements?

Panelists will include: Ian De Freitas, Partner, BLP, London; Tim Hickman, Counsel, White & Case, London; Kevin DeLong, Vice President of Mobile Investigations, AccessData

Register here
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (5851 reads)

Webinar: How To Break Passcodes / Patterns On Locked Android Phones

Monday, October 03, 2016 (07:34:35)
A recording of the webinar "How To Easily Break Pincodes / Passcodes / Patterns On Locked Android Phones" is now online and available to view here.

Join the forum discussion here.
View the webinar on YouTube here.
Read a full transcript of the webinar here.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (6897 reads)

Webinar: Deep Diving for Forensic Gold - Applications and Deleted Data

Friday, September 30, 2016 (07:22:38)
A recording of the webinar "Deep Diving for Forensic Gold - Applications and Deleted Data" is now online and available to view here.

Join the forum discussion here.
View the webinar on YouTube here.
Read a full transcript of the webinar here.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (7018 reads)

Review: Oxygen Forensic Detective From Oxygen Forensics

Wednesday, September 28, 2016 (07:27:19)
Reviewed by K. Gus Dimitrelos CEO – Cyber Forensics 360

Opening the Oxygen Forensic Detective Dongle packaging I did not expect my forensics world of 20 years and counting to change so quickly. As a retired Secret Service agent, I began forensics in the dark ages of 1996 and would never have forecasted the growth of the mobile device market or their involvement or use in criminal enterprise. The importance of connecting device extracted data, event timelines, and linked communications with the associated web, social and cloud artifacts has re-defined the role of examiners and detectives. Welcome to the future and the new baseline of mobile device and data forensics. Oxygen Forensic Detective moved the line across from the typical data-dump style result to a more analytical and fully functioning Swiss cyber knife.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (7546 reads)