±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 3 Overall: 31277
New Yesterday: 4 Visitors: 64

±Latest Articles

RSS Feed Widget

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News   Forums   Articles

Page 3

Search on This Topic: News

[ Go to Home | Select a New Topic ]

Mobile Forensics: Not for Dummies

Tuesday, November 08, 2016 (10:55:33)
ElcomSoft Co. Ltd. has published Mobile Forensics – Advanced Investigative Strategies by Oleg Afonin and Vladimir Katalov. The 7-1/2" x 9-1/4" paperback offers 380 pages of insight and knowledge accumulated by ElcomSoft researchers throughout the years. Amazon Kindle Edition as well as DRM-free PDF versions are available from Amazon and PACKT Publishing respectively.

Belkasoft and BlueBear Announce Integration of Evidence Center and LACE

Tuesday, November 08, 2016 (09:11:06)
Belkasoft and BlueBear integrate their corresponding digital forensic products, Belkasoft Evidence Center (BEC) and LACE. The integration enables forensic experts to perform automated search for illicit images and videos containing child abuse material.

Touch Screen Lexicon Forensics (TextHarvester / WaitList.dat)

Thursday, November 03, 2016 (10:38:12)
By Barnaby Skeggs

Since the release of Windows 8, and the ‘Metro’ interface, touch screen input has been implemented in a rapidly rising number of Windows devices including Microsoft Surface Pro/Book, 2-in-1s, convertible laptops and tablets. Microsoft has catered for this trend, implementing conversion between touch/pen handwriting to computer text in software such as OneNote. In this paper I will detail my research into the forensic artefact ‘Waitlist.dat’, which I believe to be associated with this functionality.

I identified the ‘WaitList.dat’ artefact while investigating a Windows 8.1 PC for the presence of a known email. I was provided with a copy of this email, and part of the investigation involved identifying whether or not this email ever existed on the custodian’s computer. After processing the .PST and .OST mailbox archives on the PC, I did not identify the existence of the email.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1691 reads)

Susteen's New Service To Break Pincodes / Passcodes On Thousands Of Cell Phones

Wednesday, November 02, 2016 (11:26:20)
Susteen is pleased to announce our new service available for law enforcement agencies. Agencies can now opt to send in locked cell phones and have our engineers open them for extraction. The cost of our new service starts at $495 per phone and thousands of different phone and tablets can be opened. For a complete list of phones, contact us today! If you have phones that you are unable to unlock, contact us today.

All-New, End-to-End Forensic Tool Now Available: Digital Evidence Investigator™

Wednesday, November 02, 2016 (10:17:34)
ADF Solutions, a leading provider of digital forensic and media exploitation tools, has released Digital Evidence Investigator™ (DEI), an end-to-end solution designed to streamline digital investigations. DEI has been built from the ground up and leverages ADF’s proven track record of reducing forensic backlogs.

Improved Searching And Filtering In Magnet AXIOM

Friday, October 28, 2016 (07:15:16)
One feature enhancement in Magnet AXIOM that IEF users will appreciate is improvements in searching and filtering. In AXIOM, we’ve made searching and filtering almost instant. You can stack filters to help narrow your search criteria and swap out any that no longer apply or aren’t needed.

Searching and filtering in IEF allowed for a lot of customization, but it was generally slower to search through all the evidence recovered. AXIOM definitely speeds this up and creates a more intuitive flow for layered searches and filters.

Malware Can Hide, But It Must Run

Thursday, October 27, 2016 (09:43:36)
It’s October, haunting season. However, in the forensics world, the hunting of evil never ends. And with Windows 10 expected to be the new normal, digital forensics and incident response (DFIR) professionals who lack the necessary (memory) hunting skills will pay the price.

Investigators who do not look at volatile memory are leaving evidence at the crime scene. RAM content holds evidence of user actions, as well as evil processes and furtive behaviors implemented by malicious code. It is this evidence that often proves to be the smoking gun that unravels the story of what happened on a system.

Although Microsoft is not expected to reach its Windows 10 rollout goal of one billion devices in the next two years, their glossiest OS to date currently makes up 22% of desktop systems according to netmarketshare.com.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2004 reads)

Breaking the Android Puzzle with Oxygen Forensic® Detective v. 9.0

Monday, October 24, 2016 (15:35:32)
Oxygen Forensics, the worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, announced today that it has added a Jet-Imager module to its Oxygen Forensic® Detective product that allows users to acquire data from Android devices faster saving experts critical time while solving law enforcement cases.
“With the new Jet-Imager module, experts using our products will be able to speed up data acquisition on Android devices which will save them minutes or maybe even hours in some cases and that directly translates to closing cases faster,” said Lee Reiber, Oxygen Forensics COO. “Oxygen Forensics will continue to seek ways to speed up the time it takes for forensics experts to do their job since budgets are always in the crosshairs and organizations are constantly looking for ways to save on overtime as well as solve cases more effectively”.

The “I’ve Been Hacked” Defence

Monday, October 24, 2016 (10:10:48)
by Yuri Gubanov, Oleg Afonin
(C) Belkasoft Research, 2016


Abstract
This article was inspired by an active discussion in one of the forensic listservs. Original post was asking on how to fight with an argument “This is not me, this is a malware”. The suspect was allegedly downloading and viewing illicit child photos and was denying that, explaining the fact of these photos’ presence by malicious software they presumably had.

I’ve Been Hacked
The “I’ve been hacked” tactic is the most common defense when it comes to crimes committed on or with computers. However obvious it might be, the burden of proof lies on you and not on the suspect. So how can you figure out whether or not the suspect’s computer has actually been subject to unauthorized activities?

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1996 reads)

Arsenal Recon Launches Breakthrough Microsoft Windows Hibernation Forensic Tool

Saturday, October 22, 2016 (08:59:39)
Hibernation Recon Provides Digital Forensics Experts with Unprecedented Access to Hibernation Data

Arsenal Recon, digital forensics experts building powerful tools to improve the analysis of electronic evidence, announced the formal release of Hibernation Recon today. Hibernation Recon extracts valuable information from Microsoft Windows® XP, Vista, 7, 8, 8.1, and 10 hibernation files that other tools have failed to reveal for many years. Digital forensics experts armed with Hibernation Recon are now able to exploit not only the active contents of Windows hibernation files, but also massive volumes of information in the multiple levels of slack space within them.