±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 36758
New Yesterday: 5 Visitors: 118

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Digital Forensics, Computer Forensics, eDiscovery

Magnet AXIOM 3.11 Now Available With Device Identifiers And .dar File Support

Tuesday, March 31, 2020 (12:00:13)
Magnet AXIOM 3.11 is now available to download within AXIOM or over at the Magnet Forensics Customer Portal. AXIOM 3.11 brings you new Device Identifiers — with device information like IP addresses and camera serial numbers — as well as support for .dar files from Cellebrite Advanced services and a number of new and updated artifacts, like Signal and Apple Pay.

If you haven’t tried AXIOM yet, request a free 30-day trial here.

Atola TaskForce Gets Segmented Hashing, Target Encryption & Segmented E01 Images

Monday, March 30, 2020 (10:28:11)
In the last two months, Atola Technology has come out with three firmware updates for Atola Taskforce forensic imager!

Each of the releases contained a key feature: 2020.1 introduced target drive encryption, 2020.2 allowed imaging to a segmented E01 file and finally 2020.3 features segmented hashing.

“These features were among the most anticipated by our customers and help further enhance evidence acquisition, verification, and storage process,” says Atola’s CTO Vitaliy Mokosiy. “While target encryption allows for secure image preservation and transportation, segmented E01 files are easier to create and store, and segmented hashing ensures image verification even if the evidence drive is damaged or the image goes corrupt before it can be presented in court.”
  • Posted by: Yulia
  • Topic: News
  • Score: 0 / 5
  • (1028 reads)

Catalina: A Voyage Through Apple's New Artifacts

Friday, March 27, 2020 (14:27:12)
Apple's ever-changing features and updates can make it hard to keep up with the latest changes to the file system and understand how it impacts your investigations.

Forensic Focus Forum Round-Up

Thursday, March 26, 2020 (15:47:59)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

What tools would you recommend for MacOS remote forensic collection?

Can you help CopyRight with a question about internal hard disk removal logs?

How would you process an external WD HD with WD Smartware VCD?

Can you help mhibert to bypass a Windows 10 password?

How can you tell whether a Skype call was made using video or audio?
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (765 reads)

How To Decrypt WhatsApp Messages With Oxygen Forensic Detective

Thursday, March 26, 2020 (14:09:23)
Welcome to Oxygen Forensic Detective’s Knowledge Nuggets. In this video we’re going to discuss decrypting WhatsApp messaging.

Let’s go over a few very important points that you need to consider before analyzing WhatsApp.

Number one: always place the device in airplane mode. This is important for many reasons, but the reason specific to WhatsApp is [that] during the extraction of WhatsApp, iCloud backup or Google Drive backup or the WhatsApp cloud, entering the phone verification code will disable the previous WhatsApp installation. The application on the device will then lose its verified status.

Watch the video
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (968 reads)

BlackBag Announces New Live Instructor-Led Virtual Training Courses

Wednesday, March 25, 2020 (12:19:55)

BlackBag’s industry-leading courses, Basic Forensic Investigations, Windows Forensic Investigations, and Apple Forensic Investigations are now available as live, virtual courses.

Oxygen Forensics Offers Free Remote Trainings During COVID-19 Crisis

Wednesday, March 25, 2020 (12:15:51)
The COVID-19 pandemic has reshaped our world almost overnight—upending daily routines and disrupting much of the global economy. Unfortunately, crime never takes a day off, not even during times of crisis. Ongoing digital forensics investigations have lost none of their urgency, and investigators still need resources that will enable them to use their tools to the fullest potential. Oxygen Forensics is here to help.

How To Extract Cloud Data Using Oxygen Forensic Detective’s Cloud Extractor

Tuesday, March 24, 2020 (14:39:39)
Welcome to Oxygen Forensic Detective’s knowledge nuggets. In this video, I will show you how simple it is to extract cloud data using Detective’s Cloud Extractor. If you weren’t already aware, Oxygen Forensic Detective has a lot more to it than just extracting and parsing cell phones. Our Cloud Extractor is included, meaning if you own a license for Detective, you have Cloud Extractor.

There are two ways to enter into the Cloud Extractor. One is after you extract a device and you view the accounts and passwords section at the top of the screen, you will find the Cloud Extractor. If you access through here, all accounts with usernames, passwords, and tokens will automatically populate into the Extractor. The other location of your Cloud Extractor is on your home screen, under ‘extract’.

Watch the video
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (935 reads)

Register For Webinar: A Deep Dive Into Keychain And Spotlight Artifacts

Thursday, March 19, 2020 (16:20:22)

Join BlackBag for a where our experts will cover what can be extracted from the macOS keychain, what you can do to get the most out of it, and how Apple secures your passwords and other secrets. We will take a closer look at Spotlight artifacts beyond the System Level file metadata store that users are most familiar with. Come along as we explore user-specific metadata stores, user search history, and iOS metadata stores. We will walk through what Mac’s Spotlight artifacts can reveal about specific user actions. Finally, get a sneak peek of the latest Apple artifacts supported in the upcoming BlackLight 2020 R1 release.

  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1456 reads)

Interview With Samuel Abbott, Software Trainer, Amped Software

Thursday, March 19, 2020 (16:06:23)
Samuel, congratulations on your new role! Tell us more about your career with the Royal Military Police. How did you come to be a video analysis expert?

Thank you! It is a very exciting move for me. My career began in the Royal Military Police in 2014 where I first started out doing general police duties but then discovered a Multimedia & Evidential Imagery Team (MEIT) within the RMP, so I immediately applied to a selection process and successfully earned a spot on that team.

The team consisted of four RMP members and two civilians, together we worked on every multimedia evidence investigation for the Army, Navy and RAF worldwide.

We had a wide range of capabilities from CCTV recovery to video enhancement, crime scene reconstruction, laser scanning, and body injury mapping.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1015 reads)