±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 35980
New Yesterday: 3 Visitors: 127

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Latest Forum Posts

 Topics   Replies   Author   Views   Last Post 
  Cleaning junk file in Android 0 Vera 29   Wed Sep 18, 2019 5:21 am 
  Gifts Idea for souse birth day 6 Vera 398   Wed Sep 18, 2019 5:03 am 
  Norton Ghost Backup 4 Kaly 436   Tue Sep 17, 2019 2:45 pm 
  Strongly blurred text and machine learning to deblur or OCR? 0 Zul22 147   Tue Sep 17, 2019 11:23 am 
  What Are You Reading? 12 scar 3961   Tue Sep 17, 2019 11:00 am 

Sneak Peak Of New Belkasoft Evidence Center 2020

Tuesday, September 17, 2019 (10:53:28)
Belkasoft announces the upcoming release of its Belkasoft Evidence Center 2020 v.9.7. The new version significantly expands the mobile forensics and remote acquisition.

What's Happening In Forensics - Sep 16, 2019

Monday, September 16, 2019 (15:02:39)
Craig Hinkley talks about preventing burnout for cybersecurity and digital forensics professionals.

Cellebrite's UFED Chinex Kit can now extract data from non-standard Chinese phones.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (684 reads)

MSAB Launches Mobile Forensics Blog

Monday, September 16, 2019 (10:11:54)
MSAB believes that knowledge is a powerful tool to help make the world a safer place. That is why we are so happy to announce the launch of our Mobile forensics blog. This forensic and evidence-centered blog focuses on news, stories from the real world, inspiration and guidance on how to use mobile forensics in the most effective ways possible.

Four Critical Success Factors In Mobile Forensics

Monday, September 16, 2019 (07:50:46)
by Mike Dickinson, Deputy Executive Officer at MSAB

The purpose of this paper is to encourage mobile forensic practitioners to consider a wider number of critical factors surrounding their choice and use of mobile forensic tools. Specifically, the quality of decoding, training of users and ultimately the preservation of digital as evidence in court proceedings.

There is a tendency in the world of mobile forensic tools to focus on one thing: data acquisition.

Most users tend to focus on purchasing a tool that gets them access to the data. Makes sense, right? Not much point in doing anything else, if you can’t get the data in the first place, and we would agree. But it shouldn’t stop there. There are four critical factors to consider.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (608 reads)

What's Happening In Forensics - Sep 13, 2019

Friday, September 13, 2019 (16:10:40)
Josh Hickman discusses the challenges of extracting data from the Wickr messaging app.

Andrea Fortuna talks about browser fingerprinting.

Adam Harrison shares his unofficial write-up of the Defcon DFIR CTF.

Criminals have managed to use artificial intelligence to replicate the voice of a CEO and steal hundreds of thousands of dollars from an energy company.

SalvationDATA share a case study showing the capabilities of their VIP 2.0 tool.

Amped talk to Blaine Davison from the Norman, OK PD about the challenges of digital forensic investigation and how he uses their tools.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1280 reads)

How To Acquire Data From A Mac Using MacQuisition

Friday, September 13, 2019 (12:08:13)
Depending on the digital forensic imaging tool you have available, creating a forensic image of a Mac computer can be either an anxiety-creating situation, or as easy as “1-2-3-START”. There are several things you must identify ahead of attempting a full disk image of the system. Below are some things to consider:

1. Type of Mac computer: Identify the serial number / model number; identify if the Mac is installed with a T2 security chip. Are SecureBoot settings enabled to prevent booting from external media?
2. What file system (HFS+ vs APFS) is currently running on the source Mac?
3. Is FileVault2 enabled on the source Mac? Do you have the password or Recovery Key available?
4. Do you need a logical or physical acquisition of the Mac?
5. Has the owner of the Mac enabled a firmware password on the system?
6. Is the Mac installed with a fusion drive?
7. Do you need a RAM image?

Having the answers to the above questions is imperative.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (837 reads)

Chrome Nuts And Bolts: ChromeOS / Chromebook Forensics

Thursday, September 12, 2019 (16:03:54)
Jessica Hyde discusses her research on Google Chrome at DFRWS EU 2019.

Jessica: Hey, everyone. Good morning. So we’re going to be talking about forensics of Chromebooks, as Hans just mentioned. Just a little bit about me, I work as Director of Forensics at Magnet Forensics, and I also teach mobile device forensics at George Mason University. (That is a really old picture of me, like twenty years ago.) And I also did all this work with our CTO, Jad Saliba, so we did this research together.

So what are we going to be talking about today? We’re going to be talking a little about what [a] Chromebook operating system is, why we care about it, what issues we have in the analysis of Chromebook forensics, what we learned in this, what we can recover, a lot about how it compares to data you may be able to get via other methods, and what the differences are. And then we’ll wrap it up.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (689 reads)

Register For Webinar: Griffeye Brain In Analyze DI Pro

Wednesday, September 11, 2019 (17:12:25)
Join us for this highly anticipated webinar and learn about Griffeye’s new and advanced AI technology: Griffeye Brain.

When dealing with masses of previously unseen images and videos, investigators are often forced to work in the dark without really knowing where to start and what details and visual attributes to look for. As a result, information is often found too late, or not at all.

Griffeye Brain aims to reverse that trend. By applying Artificial Intelligence to investigative workflows, users can now get an indication of where to start digging and which data is relevant to the case.

Using Griffeye Brain, you can automatically detect and classify various objects in large image sets as well as identify and flag images that depict child sexual abuse content to tell whether a file is pertinent to your investigation or not. Not only does this decrease the time it takes to locate possible victims and suspects, but it also reduces redundancy and thus exposure to the material.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1348 reads)

What's Happening In Forensics - Sep 10, 2019

Tuesday, September 10, 2019 (12:19:02)
Craig Ball talks about how career changes can bring about personal existential doubts.

Oxygen Forensics show how to use KeyScout, a utility which uncovers and extracts user data and passwords.

Harlan Carvey provides a brief history of DFIR time and talks about the ransomware economy.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (750 reads)

How To Create Compelling Image Authentication Reports With Amped Authenticate

Tuesday, September 10, 2019 (11:25:03)
How many times have you said or heard: “I’ll believe it when I see it”? This expression reveals our eyes’ dramatic convincing power: when you see something, you tend to believe it’s true much more easily than when you hear or read about it. In the digital age, for most people, this convincing power seamlessly extended to pictures they see on their computer or smartphone. Unfortunately, we all know how easy it is to forge images nowadays, to the point that seeing is no longer believing.

Fake images can play a crucial role in so many aspects of our life: politics, information, health, insurance, reputation, social media identity, terrorism. Virtually all aspects of our existence are somehow related to images.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (754 reads)