±Forensic Focus Partners

±Your Account


Nickname
Password


Forgotten password/username?


Membership:
New Today: 2
New Yesterday: 5
Overall: 28190
Visitors: 81

±Forensic Focus Partner Links

Join our LinkedIn group

Subscribe to news

Subscribe to forums

Page 2

Search on This Topic: News

[ Go to Home | Select a New Topic ]

Nevis encryption-detection software updated to version 1.5.0

Thursday, March 12, 2015 (10:53:23)
The National Technical Assistance Centre (NTAC) has released a new version of Nevis, their free encryption-detection software.

Nevis runs over seized media to flag any encrypted files or encryption-related files, outputting a report to allow investigators to quickly identify any files of interest.
Nevis is available as a stand-alone Java application and an EnCase 6 EnScript (beta version) with plans for EnCase 7 in the pipeline.

Nevis is available free of charge to all UK Law Enforcement and Government Departments.

If you would like to use Nevis please email esd@ntac.gsi.gov.uk for details and download link.
  • Posted by: mykulh
  • Topic: News
  • Score: 0 / 5
  • (2016 reads)

March 26 Webinar to Discuss Being an Expert Witness in Cyber Investigations

Tuesday, March 10, 2015 (10:07:26)
With data breaches and data leakage incidents becoming front page news, cyber investigations are taking on more importance within organizations. This calls for a new set of skills to be developed such as the ability to work with all levels of law enforcement, lawyers and attorneys and within the judicial system. Many of these investigations will call for the cybersecurity practitioner to be a witness and give testimony.

What's the best way to do this to protect yourself and the organization, while also providing the information that will help law enforcement and the justice system to get the information they need?
  • Posted by: (ISC)2
  • Topic: News
  • Score: 0 / 5
  • (1929 reads)

Magnet Forensics Expands Support in EMEA

Friday, March 06, 2015 (11:30:01)
Waterloo, ON., March 4, 2015 - Magnet Forensics is pleased to introduce Carl Tinker as the new Business Development & Channel Manager for Europe, the Middle East, and Africa (EMEA). Carl joins the Magnet team to provide focused support for our resellers and rapidly expanding customer base in the region.

“I’m excited that Carl has joined us to lead our sales and marketing efforts in EMEA. Carl has an excellent track record and reputation within the digital forensics industry,” said Adam Belsher, CEO at Magnet Forensics. “Our business in the EMEA markets has grown quickly in the past 2 years, and we felt it was extremely important to find an experienced business leader to provide excellent service to our customers and partners in the region.”

Secure View Mobile Forensics and Belkasoft Announce Partnership

Wednesday, March 04, 2015 (12:22:45)
Susteen Inc, and Belkasoft are happy to announce their new partnership. This partnership will allow respective users of both Susteen’s Secure View cell phone forensic software and Belkasoft's computer forensic software to receive discounts on each other's offerings. Both companies offer industry leading tools to law enforcement, military, government and corporate users. This partnership will strengthen the ability for users of both products to manage their forensic cases and increase their forensic capabilities.

Head replacement tools from HddSurgery

Wednesday, February 25, 2015 (13:18:57)
Introduction to head replacement process

Head replacement process refers to the process of replacing defective HDD heads with the heads from identical and functional hard disk drive. This process must be performed in order to recover data from disks that have suffered from head crush failure.

Process of replacing damaged HDD heads with functional ones is pretty complex task, especially if you consider risk of damaging HDD platters, which may cause permanent data loss. Various methods and techniques were used to perform head replacement process, with different percentage of success and high chances that something will go wrong.

Belkasoft Adds Forensic Support for Windows Phone 8.1

Thursday, February 19, 2015 (12:08:29)
Belkasoft updates its digital forensic solution, Belkasoft Evidence Center 2015, with the ability to perform forensic analysis of Windows Phone 8.1 images acquired via JTAG flashers and Cellebrite UFED hardware.

The new release enables automated extraction, discovery and analysis of user data available in chip-off dumps acquired from mobile devices running Windows Phone 8 and 8.1. Supported data includes Web browsing histories, contacts, call logs, chats, instant message conversations, cached social network communications, screenshots of background applications, and many other types of data.

IEF Artifact Updates Have Become a More Frequent Thing

Wednesday, February 18, 2015 (14:52:08)
To stay on top of the rapidly evolving app landscape (and ensure IEF users continue to find as much digital evidence as possible in their investigations), the Magnet Forensics team has started to release more frequent artifact updates, adding to the list of hundreds of artifacts that IEF supports on computers, smartphones and tablets.

New this month, we have released support for a number of native iOS applications including Owner Information, Saved Wi-Fi Profiles, Saved Bluetooth Devices, Spotlight Searches, Word Dictionary, Installed Applications, Calendar Events, Deleted Notes, and Contacts. This new update is available now to customers who have added the mobile artifacts module to their license...

Read More (Magnet Forensics)

AccessData MPE+ 5.5.6 has been released

Wednesday, February 18, 2015 (10:56:49)
MPE+ 5.5.6 has been released featuring a new simpler installation process as well as new analysis and reporting capabilities. Some of the new features include:

Analysis
You can now select files in both the media and the carved view to export the file to a desired location in the files’ native form. This allows you to:
Report on carved files using the attach file function in reports
Save native files to an evidence folder for later analysis
View files that are not currently viewable in the natural view

Reporting
You can now report the information from the conversation view. While in the SMS view, you may select a message, right-click, and select a conversation view or select the conversation in the conversation pane. You can elect to remove the report by following the same procedure.

Download Release Notes
Download ISO

Forensic Focus Forum Round-Up

Monday, February 16, 2015 (19:01:46)
Welcome to this round-up of recent posts to the Forensic Focus forums.

Is there an MFT equivalent for EXT or HFS filesystems?

Forum members discuss how to get started with Snapchat forensics.

Which is the best programming language to learn for computer forensics? Add your thoughts in the forum.

Forum members discuss how to examine the shellcode of malicious Office documents.

Do you have any recommendations for good books about mobile forensics? Let us know on the forum.

How should storage be set up when creating a small digital forensics lab?

Forum members discuss recovering 12GB of missing photos from a 32GB microSD card.

Do you talk about your work with friends and family? Add your view on the forum.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1933 reads)

Forensic Analysis of SQLite Databases

Monday, February 16, 2015 (15:02:32)
SQLite is a widely popular database format that is used extensively pretty much everywhere. Both iOS and Android employ SQLite as a storage format of choice, with built-in and third-party applications relying on SQLite to keep their data. A wide range of desktop and mobile Web browsers (Chrome, Firefox) and instant messaging applications use SQLite, which includes newer versions of Skype (the older versions don’t work anyway without a forced upgrade), WhatsApp, iMessages, and many other messengers.

Forensic analysis of SQLite databases is often concluded by simply opening a database file in one or another database viewer. One common drawback of using a free or commercially available database viewer for examining SQLite databases is the inherent inability of such viewers to access and display recently deleted (erased) as well as recently added (but not yet committed) records...

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1156 reads)