The landscape of digital forensic investigations is continually evolving, which entails organizations to ensure their investigative staff is properly trained with the latest tools, techniques and best practices. Corporations and government agencies all over the world use OpenText™ EnCase™ Forensic software to conduct digital forensic investigations. Skilled investigators are in high demand. OpenText offers various world-class training and certification options to help investigators master this complex field. OpenText training will help develop both the technical know-how and the creative vision required to complete challenging investigations.

OpenText offers a training program to fit the needs of any investigator, from those just beginning their careers, to the most skilled veterans.

• Posted by: dgroskopfOT
• Topic: News
• Score: 0 / 5
• (454 reads)

• comments?
• Printer Friendly Page
• Send to a Friend

Ethan Bayne discusses his research at DFRWS EU 2018.

Ethan: Hello, everyone. I understand I am the last talk separating you between coffee, so I’ll try to keep it brief.

So, my name is Ethan Bayne, I’m coming today from Abertay University. Thank you very much for that introduction. For anyone that doesn’t know, that’s in Scotland. So, not sunny or what it’s like here.

Before I start, I’m just going to say a little bit about myself. I’m a lecturer at the university. But before I became a lecturer, I actually did my PhD in what I’m talking to you about today – OpenForensics. If this talk does interest you and you want to see exactly how the progression to this point in time has gone, certainly have a look at my thesis, and you’ll find all the answers in there.

Read More

• Posted by: scar
• Topic: News
• Score: 0 / 5
• (673 reads)

• comments?
• Printer Friendly Page
• Send to a Friend

Gunnar Alendal discusses his research at DFRWS EU 2018.

Gunnar: Now to something completely different, as they say. My name is Gunnar Alendal, I’m a PhD student in Norway at the Norwegian University of Science & Technology. I’m mainly doing work in digital forensics, and mainly concerning the digital acquisition – that means getting access to data, in the first hand, not so much the analysis of it. And I will try to look into using more offensive techniques to get data in digital forensics. That’s sort of the goal.

So, you can see this paper, and this is sort of a contribution in that sense, sort of a case study. And this is also a long and complicated title, which promises probably more than it actually is giving you, as it implies something about common criteria. But if any of you are experts in common criteria, you’ll soon know that we are moving away from this; it’s just the name that it bears. So, you’ll soon see.

• Posted by: scar
• Topic: News
• Score: 0 / 5
• (712 reads)

• comments?
• Printer Friendly Page
• Send to a Friend

OpenText have released EnCase Forensic 8.08, with new cloud and encryption capabilities.

There's only one week left to submit your proposals for DFRWS US 2019, which takes place in Portland, OR in July.

The latest version of BlackLight from BlackBag has been released, featuring improved tagging and support for Android MMS on Samsung devices.

Atola's new version of TaskForce, 2018.12, includes NVMe support and a new interface.

BlackBag have released their APFS source code to The Sleuth Kit framework.

Adam Harrison wrote about testing SRUM on Windows Server 2019.

• Posted by: scar
• Topic: News
• Score: 0 / 5
• (1110 reads)

• comments?
• Printer Friendly Page
• Send to a Friend

Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

What are your current best practices when you encounter a device that's full disk encrypted?

Would you be interested in attending a forensics get-together in the US Midwest? Armresl and UnallocatedClusters are organising one - find out more here.

Can you help tootypeg to find some information about deepfake creation?

Forum members discuss app data acquisition on the Samsung Galaxy S9.

How would you ascertain the history of OS installations on this machine? Share your recommendations on the forum.

• Posted by: scar
• Topic: News
• Score: 0 / 5
• (826 reads)

• comments?
• Printer Friendly Page
• Send to a Friend

Take digital investigations to the next level with new features in OpenText™ EnCase™ Forensic 8.08. Whether in the field or the lab, digital forensic examiners must overcome investigation roadblocks like OS updates, encryption, new file types, acquisition from the cloud, and more. OpenText™ EnCase™ Forensic, the industry’s leading digital forensic solution, is more-than up to the task and provides regular updates to keep pace with technology advancements. For more information, visit our website.

• Posted by: dgroskopfOT
• Topic: News
• Score: 0 / 5
• (849 reads)

• comments?
• Printer Friendly Page
• Send to a Friend

Andy, you're Regional CCTV Manager for a forensic laboratory in Yorkshire & the Humber. Tell us about your role: what does a typical day in your life look like?

I usually start each day by checking emails on my laptop at home while having breakfast and trying to find out what the day's operational workload is likely to consist of.

Once in the office, as cliché as it sounds, it's true to say that every day is different. A "typical day” can vary from quality assurance meetings (implementation of ISO17025 and ISO17020 in line with the Forensic Science Regulator's requirements is a significant project for everybody in our sector at the moment), to balancing our resources against the demands of four police forces investigating a wide range of crime types.

Read More

• Posted by: scar
• Topic: News
• Score: 0 / 5
• (538 reads)

• comments?
• Printer Friendly Page
• Send to a Friend

Leonhard Hosch shares his research at DFRWS EU 2018.

Leonhard: Thank you. I’ll be presenting the paper ‘Controlled Experiments in Digital Evidence Tampering, or How Trustworthy is Digital Evidence?’ I’m Leonhard Hosch, I’m with Felix Freiling, I’m currently doing my master’s thesis, and … yeah, I work for him.

What actually is digital evidence? In our case, we use quite simple definition. We say that the evidence we get is on a hard drive, and of course this isn’t always the case, but mostly. And how does it come into existence? It’s some input to some device, and depending on the inputs, something gets written to the hard drive and we have our evidence. It’s not really that easy. I guess some of you already know this cartoon from P. Steiner from 1993. Actually, the year I was born. And yeah, that’s kind of a problem.

• Posted by: scar
• Topic: News
• Score: 0 / 5
• (882 reads)

• comments?
• Printer Friendly Page
• Send to a Friend

BlackLight 2018 R4 is officially released! There are several important updates and improvements that will help your software run as efficiently as possible.
What's New and Improved?

- Apple’s latest picture and video formats (HEIC/HEVC) support
- Tagging Improvements
- iPhone XS, XR, and iPad Pro device support
- Improved support for Android MMS on Samsung devices
- Parsing “Recent Items” on macOS 10.13
- Easier license management of BlackBag dongles
- BlackLight is now exclusively a 64-bit application

To learn more about the latest BlackLight release, click here.

• Posted by: blackbag
• Topic: News
• Score: 0 / 5
• (757 reads)

• comments?
• Printer Friendly Page
• Send to a Friend

by Swasti Bhushan Deb

Botnets are well-known in the domains of information security, digital forensics and incident response for hosting illegal data, launching DDOS attacks, stealing information, spamming, bitcoin mining, spreading ransomware, launching brute force attacks, managing remote access to connected devices, and even propagating infection to other devices, among other things. Internet Relay Chat (IRC) networks are a popular medium for controlling bot networks. IRC-based bots with unpredictable degrees of sophistication and customized commands have something in common. An IRC bot, when executed in a client machine, connects to IRC server on random higher ports, logs into a definite predefined channel and listens for commands issued by the bot master.

Read More

• Posted by: scar
• Topic: News
• Score: 0 / 5
• (976 reads)

• comments?
• Printer Friendly Page
• Send to a Friend