±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 34485
New Yesterday: 1 Visitors: 147

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Latest Forum Posts

 
 Topics   Replies   Author   Views   Last Post 
  Samsung DVR Model SDR-B85300n 2 mkwest 205   Tue Sep 25, 2018 9:38 am 
LeGioN
  FRP Lock Bypass - FRP Hijacker 5 Thomass30 511   Mon Sep 24, 2018 7:45 pm 
passcodeunlock
  Volatility: Error with building linux profile 4 kawbin 377   Mon Sep 24, 2018 7:29 pm 
AmNe5iA
  Encrypted data and strange MFT entries 8 T_Oliver 542   Mon Sep 24, 2018 3:12 pm 
T_Oliver
  linux tracing abnormal executable 2 jolintan 288   Mon Sep 24, 2018 1:59 pm 
Logan

Walkthrough: Analyze DI Face Detection Recognition

Friday, September 21, 2018 (14:21:17)
Let’s check out the new features of the Face Detection within Griffeye Analyze DI. Make sure in the Analyze Forensic Market you have the Face and Video utility pack both activated before you create your case. Once you do so, we can go ahead and create a new case, and bring in our data. I’m going to call it the ‘Training Case – Faces’. Bring in the folder containing the images in our investigation.

Now, when you bring the case in, make sure that you have the Face Detection and Recognition turned on in the video options and, after the import is done, make sure that you have the face detection app checked so that it can run after it ingests the data. Now, Griffeye is going to go through its normal ingestion process, analyzing and doing what it needs to do, and once this process is done, it will begin running the face detection app that we can then use later, as you can see here.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (464 reads)

Review Of BlackLight From BlackBag

Thursday, September 20, 2018 (14:49:46)
by Scar de Courcier

In recent months there have been several new and exciting developments to BlackBag’s BlackLight solution. BlackLight helps investigators to analyse computer volumes and mobile devices; it can acquire Android and iPhone devices and runs on Mac or Windows. We took a look at some of the latest changes and how they work.

Read More
Read More...
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (549 reads)

Job Vacancy: MI5 - Covert Technical Operations Specialist

Wednesday, September 19, 2018 (16:35:57)
Major disruptions ahead for terrorists.

At MI5, we help to keep the country safe. Our talented teams work against ever-evolving threats, from terrorism to espionage. In Covert Technical Operations, our specialists disrupt the work of potential terrorists. Leading on high-profile cases, they use technical capabilities to collect vital intelligence. And now we’re looking for more forward-thinking individuals to join us.

Working within legal frameworks, you’ll find innovative ways to gain access to computers and devices that belong to suspected terrorists. You’ll learn to quickly solve technical problems in tactical, covert and creative ways - providing unique insights into the threats we face. You’ll come to understand the risks posed by particular individuals and groups. Working collaboratively with other investigators, teams and intelligence agencies, you’ll be required to explain complex topics to a non-technical audience, making sure everyone has a good understanding of your work.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (633 reads)

Word Forensic Analysis And Compound File Binary Format

Tuesday, September 18, 2018 (15:14:37)
by Arman Gungor

Microsoft Word forensic analysis is something digital forensic investigators do quite often for document authentication. Because of the great popularity of Microsoft Office, many important business documents such as contracts and memoranda are created using Word. When things go south, some of these documents become key evidence and subject to forensic authentication.

My goal in this article is to review a sample Word document in Word Binary File Format, take a look at the underlying data in Compound File Binary (CFB) file format and see what we can find out beyond what mainstream tools show us.

I chose a sample in Word Binary Format (i.e., .doc) rather than in Word Extensions to the Office Open XML File Format (i.e., .docx) because many other file types in the Microsoft universe, such as MSG files, are also based on the CFB file format. I consider CFB to be a treasure trove of forensic artifacts.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (823 reads)

Webinar: Fraud, IP Theft, And An Intrusion - A Case Study

Tuesday, September 18, 2018 (14:33:14)
When you’re faced with an intrusion — whether you were brought in as an outside consultant or are responsible for incident response for your organization — your stakeholders or management ask the same question: What did they take, and how did they get in?

In order to answer these questions, examiners must correlate a lot of different data. From the primary source files of interest, to system and network logs, to supporting artifacts that indicate user and file activity, there is a lot of data to go through and having a sound process and reliable tools can help answer these questions.

In this webinar, Nathan Little, Gillware Digital Forensics and Jamie McQuaid, Magnet Forensics will use a real case to demonstrate how Magnet AXIOM can be used to help identify the source of an intrusion and what sensitive data was taken by the attackers.

Join us for this live webinar where you’ll not only be able to learn more about how you can get all this information using AXIOM, but you can ask the experts questions during a live Q&A.

Presenters: Nathan Little, Gillware Digital Forensics and Jamie McQuaid, Magnet Forensics

Tuesday, September 25th @ 1:00PM EDT
Register here

Wednesday, September 26th @ 9:00AM EDT
Register here
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (890 reads)

Interview With Kevin Fisher, Senior Support Engineer, Paraben

Monday, September 17, 2018 (15:54:54)
Kevin, tell us a bit about yourself. What's your background, and how did you become interested in digital forensics?

I have always been a person with interest in electronics (hardware) taking apart and fixing TVs, CB Radios, VCRs and the like. I went back to school at the age of 41, and received my degree in computer science, technology, networking and securities.

I have always had an interest in law enforcement and wanted to be a police officer, following in my father’s footsteps so to speak. My dad was a deputy sheriff for Lincoln County in Montana. Digital forensics is the logical step between these two areas so I took it.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (684 reads)

Register For Webinar: Targeted Search On Live Remote Systems With AD Enterprise

Friday, September 14, 2018 (15:10:26)
AD Enterprise 6.5 introduced new, enhanced targeted search capabilities on live remote systems. Come join us for a short introduction to the new ability. Use it to search and preview data including keywords, hash values, email, security events, etc. These capabilities can be used for any event from post-breach analysis and threat hunting, to searching for unauthorized data and file content.

Presenter: Steve Sunday, Senior Sales Engineer, AccessData

Date / Time: Friday September 21, 8:00am PST

Register here
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (823 reads)

Big Improvements Make Magnet AXIOM 2.5 The Fastest Version Yet

Friday, September 14, 2018 (12:44:52)
Magnet Forensics has been working hard to make sure that that the day-to-day experience of using Magnet AXIOM is improving all the time. With the latest version of Magnet AXIOM, Magnet AXIOM 2.5, we’re continuing to build on the huge features we’ve brought in with AXIOM 2.0. We know that differences of hours — or even minutes — can be crucial in an investigation and we’ve been busy ensuring that working the case takes less time than ever.
Read More...

Database of Software “Fingerprints” Expands to Include Computer Games

Thursday, September 13, 2018 (15:58:34)
by Richard Press, NIST

One of the largest software libraries in the world just grew larger. The National Software Reference Library (NSRL), which archives copies of the world’s most widely installed software titles, has expanded to include computer game software from three popular PC gaming distribution platforms—Steam, Origin and Blizzard.

The NSRL, which is maintained by computer scientists at the National Institute of Standards and Technology (NIST), allows cybersecurity and forensics experts to keep track of the immense and ever-growing volume of software on the world’s computers, mobile phones and other digital devices. It is the largest publicly known collection of its kind in the world.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1133 reads)

Review Of Analyze DI Pro From Griffeye

Tuesday, September 11, 2018 (16:24:41)
by Scar de Courcier, Forensic Focus

Griffeye Analyze sprung from a need for better triage and decreased investigator stress in child exploitation investigations. Specialising in visual media, the idea is to increase workflow whilst decreasing the level of exposure for analysts.

Although the idea was born from experience in child exploitation, and this was also the use case for this review, Analyze DI Pro can of course be used across a range of cases for triage, similarity matching and more.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (962 reads)