Tuesday, September 17, 2019 (10:53:28)
Belkasoft announces the upcoming release of its Belkasoft Evidence Center 2020 v.9.7. The new version significantly expands the mobile forensics and remote acquisition.
±Forensic Focus Partners
±Your Account
Site Members:
 New Today: 0
|
 Overall: 35980
|
 New Yesterday: 3
|
 Visitors: 127
|
±Latest Articles
±Latest Videos
±Latest Jobs
Back to top
Skip to content
Skip to menu
Back to top
Back to main
Skip to menu
Cellebrite's UFED Chinex Kit can now extract data from non-standard Chinese phones.
The purpose of this paper is to encourage mobile forensic practitioners to consider a wider number of critical factors surrounding their choice and use of mobile forensic tools. Specifically, the quality of decoding, training of users and ultimately the preservation of digital as evidence in court proceedings.
There is a tendency in the world of mobile forensic tools to focus on one thing: data acquisition.
Most users tend to focus on purchasing a tool that gets them access to the data. Makes sense, right? Not much point in doing anything else, if you can’t get the data in the first place, and we would agree. But it shouldn’t stop there. There are four critical factors to consider.
Read More
Andrea Fortuna talks about browser fingerprinting.
Adam Harrison shares his unofficial write-up of the Defcon DFIR CTF.
Criminals have managed to use artificial intelligence to replicate the voice of a CEO and steal hundreds of thousands of dollars from an energy company.
SalvationDATA share a case study showing the capabilities of their VIP 2.0 tool.
Amped talk to Blaine Davison from the Norman, OK PD about the challenges of digital forensic investigation and how he uses their tools.
1. Type of Mac computer: Identify the serial number / model number; identify if the Mac is installed with a T2 security chip. Are SecureBoot settings enabled to prevent booting from external media?
2. What file system (HFS+ vs APFS) is currently running on the source Mac?
3. Is FileVault2 enabled on the source Mac? Do you have the password or Recovery Key available?
4. Do you need a logical or physical acquisition of the Mac?
5. Has the owner of the Mac enabled a firmware password on the system?
6. Is the Mac installed with a fusion drive?
7. Do you need a RAM image?
Having the answers to the above questions is imperative.
Read More
Jessica: Hey, everyone. Good morning. So we’re going to be talking about forensics of Chromebooks, as Hans just mentioned. Just a little bit about me, I work as Director of Forensics at Magnet Forensics, and I also teach mobile device forensics at George Mason University. (That is a really old picture of me, like twenty years ago.) And I also did all this work with our CTO, Jad Saliba, so we did this research together.
So what are we going to be talking about today? We’re going to be talking a little about what [a] Chromebook operating system is, why we care about it, what issues we have in the analysis of Chromebook forensics, what we learned in this, what we can recover, a lot about how it compares to data you may be able to get via other methods, and what the differences are. And then we’ll wrap it up.
Read More
When dealing with masses of previously unseen images and videos, investigators are often forced to work in the dark without really knowing where to start and what details and visual attributes to look for. As a result, information is often found too late, or not at all.
Griffeye Brain aims to reverse that trend. By applying Artificial Intelligence to investigative workflows, users can now get an indication of where to start digging and which data is relevant to the case.
Using Griffeye Brain, you can automatically detect and classify various objects in large image sets as well as identify and flag images that depict child sexual abuse content to tell whether a file is pertinent to your investigation or not. Not only does this decrease the time it takes to locate possible victims and suspects, but it also reduces redundancy and thus exposure to the material.
Oxygen Forensics show how to use KeyScout, a utility which uncovers and extracts user data and passwords.
Harlan Carvey provides a brief history of DFIR time and talks about the ransomware economy.
Fake images can play a crucial role in so many aspects of our life: politics, information, health, insurance, reputation, social media identity, terrorism. Virtually all aspects of our existence are somehow related to images.
Read More
Latest Forum Posts
| Topics | Replies | Author | Views | Last Post |
|---|---|---|---|---|
| Cleaning junk file in Android | 0 | Vera | 29 | Wed Sep 18, 2019 5:21 am Vera |
| Gifts Idea for souse birth day | 6 | Vera | 398 | Wed Sep 18, 2019 5:03 am Vera |
| Norton Ghost Backup | 4 | Kaly | 436 | Tue Sep 17, 2019 2:45 pm Kaly |
| Strongly blurred text and machine learning to deblur or OCR? | 0 | Zul22 | 147 | Tue Sep 17, 2019 11:23 am Zul22 |
| What Are You Reading? | 12 | scar | 3961 | Tue Sep 17, 2019 11:00 am scar |
What's Happening In Forensics - Sep 16, 2019
Monday, September 16, 2019 (15:02:39)
Craig Hinkley talks about preventing burnout for cybersecurity and digital forensics professionals. Cellebrite's UFED Chinex Kit can now extract data from non-standard Chinese phones.
MSAB Launches Mobile Forensics Blog
Monday, September 16, 2019 (10:11:54)
MSAB believes that knowledge is a powerful tool to help make the world a safer place. That is why we are so happy to announce the launch of our Mobile forensics blog. This forensic and evidence-centered blog focuses on news, stories from the real world, inspiration and guidance on how to use mobile forensics in the most effective ways possible.
Four Critical Success Factors In Mobile Forensics
Monday, September 16, 2019 (07:50:46)
by Mike Dickinson, Deputy Executive Officer at MSABThe purpose of this paper is to encourage mobile forensic practitioners to consider a wider number of critical factors surrounding their choice and use of mobile forensic tools. Specifically, the quality of decoding, training of users and ultimately the preservation of digital as evidence in court proceedings.
There is a tendency in the world of mobile forensic tools to focus on one thing: data acquisition.
Most users tend to focus on purchasing a tool that gets them access to the data. Makes sense, right? Not much point in doing anything else, if you can’t get the data in the first place, and we would agree. But it shouldn’t stop there. There are four critical factors to consider.
Read More
What's Happening In Forensics - Sep 13, 2019
Friday, September 13, 2019 (16:10:40)
Josh Hickman discusses the challenges of extracting data from the Wickr messaging app.Andrea Fortuna talks about browser fingerprinting.
Adam Harrison shares his unofficial write-up of the Defcon DFIR CTF.
Criminals have managed to use artificial intelligence to replicate the voice of a CEO and steal hundreds of thousands of dollars from an energy company.
SalvationDATA share a case study showing the capabilities of their VIP 2.0 tool.
Amped talk to Blaine Davison from the Norman, OK PD about the challenges of digital forensic investigation and how he uses their tools.
How To Acquire Data From A Mac Using MacQuisition
Friday, September 13, 2019 (12:08:13)
Depending on the digital forensic imaging tool you have available, creating a forensic image of a Mac computer can be either an anxiety-creating situation, or as easy as “1-2-3-START”. There are several things you must identify ahead of attempting a full disk image of the system. Below are some things to consider:1. Type of Mac computer: Identify the serial number / model number; identify if the Mac is installed with a T2 security chip. Are SecureBoot settings enabled to prevent booting from external media?
2. What file system (HFS+ vs APFS) is currently running on the source Mac?
3. Is FileVault2 enabled on the source Mac? Do you have the password or Recovery Key available?
4. Do you need a logical or physical acquisition of the Mac?
5. Has the owner of the Mac enabled a firmware password on the system?
6. Is the Mac installed with a fusion drive?
7. Do you need a RAM image?
Having the answers to the above questions is imperative.
Read More
Chrome Nuts And Bolts: ChromeOS / Chromebook Forensics
Thursday, September 12, 2019 (16:03:54)
Jessica Hyde discusses her research on Google Chrome at DFRWS EU 2019.Jessica: Hey, everyone. Good morning. So we’re going to be talking about forensics of Chromebooks, as Hans just mentioned. Just a little bit about me, I work as Director of Forensics at Magnet Forensics, and I also teach mobile device forensics at George Mason University. (That is a really old picture of me, like twenty years ago.) And I also did all this work with our CTO, Jad Saliba, so we did this research together.
So what are we going to be talking about today? We’re going to be talking a little about what [a] Chromebook operating system is, why we care about it, what issues we have in the analysis of Chromebook forensics, what we learned in this, what we can recover, a lot about how it compares to data you may be able to get via other methods, and what the differences are. And then we’ll wrap it up.
Read More
Register For Webinar: Griffeye Brain In Analyze DI Pro
Wednesday, September 11, 2019 (17:12:25)
Join us for this highly anticipated webinar and learn about Griffeye’s new and advanced AI technology: Griffeye Brain.When dealing with masses of previously unseen images and videos, investigators are often forced to work in the dark without really knowing where to start and what details and visual attributes to look for. As a result, information is often found too late, or not at all.
Griffeye Brain aims to reverse that trend. By applying Artificial Intelligence to investigative workflows, users can now get an indication of where to start digging and which data is relevant to the case.
Using Griffeye Brain, you can automatically detect and classify various objects in large image sets as well as identify and flag images that depict child sexual abuse content to tell whether a file is pertinent to your investigation or not. Not only does this decrease the time it takes to locate possible victims and suspects, but it also reduces redundancy and thus exposure to the material.
What's Happening In Forensics - Sep 10, 2019
Tuesday, September 10, 2019 (12:19:02)
Craig Ball talks about how career changes can bring about personal existential doubts.Oxygen Forensics show how to use KeyScout, a utility which uncovers and extracts user data and passwords.
Harlan Carvey provides a brief history of DFIR time and talks about the ransomware economy.
How To Create Compelling Image Authentication Reports With Amped Authenticate
Tuesday, September 10, 2019 (11:25:03)
How many times have you said or heard: “I’ll believe it when I see it”? This expression reveals our eyes’ dramatic convincing power: when you see something, you tend to believe it’s true much more easily than when you hear or read about it. In the digital age, for most people, this convincing power seamlessly extended to pictures they see on their computer or smartphone. Unfortunately, we all know how easy it is to forge images nowadays, to the point that seeing is no longer believing.Fake images can play a crucial role in so many aspects of our life: politics, information, health, insurance, reputation, social media identity, terrorism. Virtually all aspects of our existence are somehow related to images.
Read More