Christa Miller: As the cybersecurity talent gap continues to widen, a number of universities are developing programs to fill it. Among them is University College Dublin, which has just launched its brand new Master of Science in Cybersecurity program. … Read more
Grayshift Introduces Reveal – Industry’s 1st Cloud-Native Mobile Device Forensic Analysis Solution
Grayshift Introduces Reveal, the Industry’s First Cloud-Native Mobile Device Forensic Analysis Solution, and Delivers Powerful New Features in GrayKey
Grayshift, LLC has announced Reveal Early Access, an innovative, cloud-native digital forensics solution that dramatically accelerates digital investigations, streamlines the investigative … Read more
Deep dive into ‘METADATA’
Hancom is glad to release a new whitepaper on ‘Metadata’, and hopes it can help you improve your forensic investigation skills.
This whitepaper focuses on the research of Metadata. We will use MD-RED and analyze … Read more
Knock, Knock, Log: Threat Analysis, Detection & Mitigation of Covert Channels in Syslog Using Port Scans as Cover
In this paper, Kevin Lamshöft describes how researchers performed a threat analysis for a covert Command and Control (C2) channel using port scans as cover and syslog as carrier for data infiltration.
Session Chair: So, Kevin is presenting Knock, … Read more
Distant Traces and Their Use in Crime Scene Investigation
Starting with a physical crime scene – a fire – Manon Fischer describes how IoT devices such as “smart” plugs and thermostats store “distant traces” remotely, and could be used to help reconstruct a fire’s origin, cause, and timeline.
Session … Read more
Passware Kit 2022 v3 – Deleted Data Recovery from Encrypted FileVault/APFS Images
What’s new in Passware Kit 2022 v3:
- Recovery of deleted data for APFS images
- Decryption of QuickBooks for Mac 2022 databases
- GPU acceleration for bcrypt password recovery
- Updated password recovery for Acronis backups
- Password recovery for Dashlane for Mac
- Improved
The Wisdom of the Heap: Mesh It up by Weaving Data Structures
In this short presentation, Trufflepig Forensics’ Aaron Hartel and Christian Müller present some early stage research about the volatility of data in memory as data structures change version to version.
Session Chair: We’re now going over to memory forensics … Read more
Case Study: How a UK law enforcement agency solved more crimes faster with less investment
Implementing the MSAB Ecosystem saved a UK Law Enforcement Agency £80K over three years
The challenge
The use of digital evidence has significantly increased in the past few decades as the courts have increasingly started to accept digital files as … Read more
Oxygen Forensics Introduces User-Focused Advancements In Latest Release
Oxygen Forensics has released the latest version of the all-in-one digital forensic solution, Oxygen Forensic® Detective v.14.6. This version adds support for multiple new backups, continues to improve the iOS Agent extractor, and introduces a new analytic feature.
Brute-force for … Read more
Toward Graph-Based Network Traffic Analysis and Incident Investigation
At DFRWS-EU 2022, Milan Cermak describes the need to create data associations for use during network traffic analysis and incident investigation. The focus is on robust graph data visualization of the kind that’s commonly used in criminal investigation, allowing analysts … Read more
2022 2Q MD-Series Release Note Highlights
Find out the major features in MD-Series that are supported in 2Q 2022.
MD-NEXT v1.91.4–v1.91.9
- Supports 2,428 new models and 783 updated models.
- Android full filesystem extraction method added for the Samsung Galaxy S22 Qualcomm series.
- Supports iOS Checkm8 Full Filesystem (iOS 15.0∼15.2.1
Memory Forensic Analysis of a Programmable Logic Controller in Industrial Control Systems
Winner of the Best Student Paper Award at DFRWS-EU 2022! Muhammad Haris Rais describes a step-wise approach to analyze the memory of specific PLCs, and subsequently find a generic framework applicable to all PLCs. By following a methodology that focused … Read more
Get Ready for the Next Big Reveal From Grayshift
Grayshift continues to extend its strength in lawful access and extraction capabilities
As a leader in cell phone forensics, Grayshift has been hard at work developing new features for law enforcement partners like you.
We strive to provide law enforcement … Read more
Frontline Managed Services’ Kyle Campbell on DFIR & E-Discovery Skills & Pathways
Christa: Electronic discovery, or e-discovery, has always required some digital forensic skills as litigators prepare to present electronic data at trial. However, as technology evolves, likewise, the skills needed to identify, collect and analyze the data that’s most relevant … Read more
MSAB – a Major Player in IDC report on Digital Forensics
PEM: Remote Forensic Acquisition of PLC Memory in Industrial Control Systems
Winner of the Best Paper Award at DFRWS-EU 2022, Nauman Zubair proposes a new memory acquisition framework to remotely acquire a programmable logic controller (PLC)’s volatile memory while the PLC is controlling a physical process.
Session Chair: Welcome Nauman, … Read more