
Interview With Samuel Abbott, Software Trainer, Amped Software

Thursday, March 19, 2020 (16:06:23)
Samuel, congratulations on your new role! Tell us more about your career with the Royal Military Police. How did you come to be a video analysis expert?

Thank you! It is a very exciting move for me. My career began in the Royal Military Police in 2014 where I first started out doing general police duties but then discovered a Multimedia & Evidential Imagery Team (MEIT) within the RMP, so I immediately applied to a selection process and successfully earned a spot on that team.

The team consisted of four RMP members and two civilians; together we worked on every multimedia evidence investigation for the Army, Navy and RAF worldwide.

We had a wide range of capabilities from CCTV recovery to video enhancement, crime scene reconstruction, laser scanning, and body injury mapping.

  • Posted by: scar
  • Topic: News

How To Acquire Cloud Data With MD-CLOUD

Wednesday, March 18, 2020 (12:55:13)
‘17.5 Zettabytes.’ This is the amount of data that the IDC estimates will be generated annually by 2025, and among those numbers, cloud traffic is expected to grow and reach 18.9 Zettabytes by 2021.

This tremendous amount of cloud data is generated and fueled in the course of building driver assistance and autonomous vehicle technologies; IoT devices including sensors in our bodies, homes, factories, and cities; high-resolution content for 360 video and augmented reality; and 5G communications globally.

As many digital forensic investigators are facing so-called ‘digital transformation’, finding evidence data from various cloud services is a highly demanding and important mission for digital forensic investigators.

  • Posted by: scar
  • Topic: News

Toward Exact And Inexact Approximate Matching Of Executable Binaries

Tuesday, March 17, 2020 (14:05:05)
Lorenz Liebler discusses his research at DFRWS EU 2019.

The application of approximate matching (a.k.a. fuzzy hashing or similarity hashing) is often considered in the field of malware or binary analysis. Recent research showed major weaknesses of predominant fuzzy hashing techniques in the case of measuring the similarity of executables (Pagani et al., 2018).

In summary, well-known Context-Triggered Piecewise Hashing approaches are not very reliable for the task of binary comparisons, as even benign changes heavily impact the underlying byte representation of an original binary. Modifications could be caused by benign or malicious source code changes, different compilers, and changed compiler settings.

Approaches based on the extraction of statistically improbable features (Roussev, 2010) or n-gram histograms (Oliver et al., 2013) showed better detection performance in the case of inexactly matching binaries with varying build settings or source code modifications.

  • Posted by: scar
  • Topic: News

Interview With Joe Sylve, Director Of Research And Development, BlackBag

Monday, March 16, 2020 (14:46:46)
Joe, your BlackBag profile describes how you "drive innovation and pursue emerging areas of research" as Director of Research & Development. Can you describe for us what your day-to-day looks like?

Usually I’m managing shifting priorities, so there’s not always a “typical” day for me. Some days I spend my days in IDA Pro, reverse engineering OS subsystems to learn how on-disk artifacts can be analyzed. Other days, I’m mostly wearing my developer hat and writing code that will eventually be integrated into the backend of BlackBag’s tools.

As with all things research, our initial approach doesn’t always work out, so there’s a lot of lessons learned and iteration going on behind the scenes.

  • Posted by: scar
  • Topic: News

Get Audio Redaction In The Latest Amped FIVE Update 16112

Friday, March 13, 2020 (21:13:41)
Amped Software announced the release of another update to Amped FIVE, our one-stop toolkit for all your video and image enhancement needs. Update 16112 includes some exciting new features. Our users will be happy to know that Amped FIVE now includes an Audio Panel and with that the highly requested Audio Redaction feature. We've also included the option for selecting the quality of an H.264 output file, allowing you to have more choice regarding quality when using this format within this filter, and much, much more.

10 Quick Facts About Oxygen Forensic Cloud Extractor

Wednesday, March 11, 2020 (15:01:17)
In October 2014, Oxygen Forensics changed the DFIR landscape by bringing the first Cloud extraction tool to the forensic industry. This innovative, included utility was available within the powerful Oxygen Forensic® Detective software and allowed acquisition of data from Google, iCloud, and Microsoft cloud services, as well as Box, Dropbox and Bitcasa. Since then, cloud services have evolved – and so have we. Many digital forensic companies jumped onto the “cloud bandwagon” and now offer a cloud extractor. However, what still remains true is that Oxygen Forensic Detective is the only software that has a Cloud Extractor built into the software at no additional charge.

Let’s go through the 10 most important things investigators need to know about our Oxygen Forensic® Cloud Extractor!

Sarah Edwards On iOS Forensics And APOLLO

Wednesday, March 11, 2020 (13:46:15)
Christa: Hello and welcome to the Forensic Focus podcast. Monthly we interview experts from the digital forensics and incident response community on a host of topics ranging from technical aspects to career soft skills. I'm your host, Christa Miller.

Today we're talking with Sarah Edwards, senior digital forensics researcher at BlackBag Technologies. Sarah works in the DC Metro area and specializes in Mac and mobile forensics. She has worked with various federal law enforcement agencies and has performed a variety of investigations including computer intrusions, criminal intelligence, and terrorism products.

  • Posted by: scar
  • Topic: News

NIST Test Results For Mobile Device Acquisition Tools - MSAB XRY

Wednesday, March 11, 2020 (13:22:55)
The results are out. The U.S. National Institute of Standards and Technology has published its report on the performance of XRY 8.1.0 in recovering and analyzing mobile device data using JTAG and chip off methods. This is part of NIST’s ongoing Digital Forensic Tool Testing Program, which law enforcement agencies rely on to validate their tools.

Download the report at: http://bit.ly/2ToRrln

Interview With Francis De Giorgio, Director Of Product Development, Susteen

Tuesday, March 10, 2020 (13:39:10)
Francis, tell us about your product development role. Where did you work previously, and what drew you to Susteen?

I always enjoy a good David versus Goliath challenge and have had the privilege over the last 25 years to work with some amazing companies and people to deliver on their dreams and ideas.

What drew me to Susteen was Steve, the company’s President. I’m working for a great 20-year Microsoft Managed Partner, managing and developing leading edge .NET, Azure and IoT applications, and I was invited to a technology round table that Steve belonged to, and we hit it off right away.

  • Posted by: scar
  • Topic: News

Opinion: When Vendors Hire Research Talent, Where Does It Leave Research?

Monday, March 09, 2020 (13:08:55)
by Christa Miller

In the second half of 2019, a set of hirings made some waves in the digital forensics community. First, in July, Cellebrite hired well-known SANS Senior Instructor Heather Mahalik. Then in August, Mike Williamson joined Jessica Hyde, Christopher Vance, and others at Magnet Forensics. In December, the set completed when BlackBag Technologies hired likewise well-known SANS Senior Instructor Sarah Edwards.

“Name” researchers going to work for vendors is nothing new, of course. Amber Schroader founded Paraben in 1999; Lee Reiber took over as Oxygen Forensics’ Chief Operations Officer in 2015, while Edwards’ transition to BlackBag put her in the already well-established research powerhouse of Vico Marziale and Joe Sylve.

Then Cellebrite acquired BlackBag, consolidating that powerhouse together with Mahalik and a formidable R&D team. With that, the talent acquisition process began to feel more like a research ring match, with Cellebrite and Magnet Forensics trying to knock each other’s blocks off. Where does that leave research itself?

  • Posted by: scar
  • Topic: News