±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 36763
New Yesterday: 2 Visitors: 135

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Page 3

Everything You Ever Wanted To Ask About Checkm8 And Checkra1n

Friday, March 06, 2020 (14:21:59)
by Oxygen Forensics

What’s Checkm8?

Checkm8 is an exploit (program exploiting OS or hardware vulnerabilities) aimed at obtaining access to the execution of its own software code at the earliest stage of iOS device loading.

What makes it stand out?

The richness, and honestly the hype, surrounding Checkm8 is that the vulnerability on which it is based cannot be patched by software (update or change) as it is incorporated in code from read-only memory, which cannot be rewritten, at the stage of manufacturing a device chip. This means that all iOS devices prone to this vulnerability will always remain vulnerable, regardless of the iOS version.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2194 reads)

BlackLight R3 From BlackBag

Thursday, March 05, 2020 (16:12:43)
by Jade James

BlackLight is a simple but smart investigation tool which allows examiners to quickly analyse computer systems and mobile devices. Searching is made easy with advanced filtering to sift through large data sets. The tool is aimed at law enforcement and federal agencies as well as corporations.

BlackLight R3 supports processing of the latest Mac systems including T2 chip, Fusion and encrypted devices. Examiners can also review history in APFS snapshots and Time machine backups.

Continuing support for Windows systems means that examiners can review, analyse and parse certain artifacts such as volume shadow copies, the registry, recent documents, the recycle bin, and much more.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1163 reads)

Forensic Tools For Investigating Child Sexual Abuse Material

Tuesday, March 03, 2020 (16:43:22)
Laura Sanchez discusses her research at DFRWS US 2019.

Hello, I'm Laura Sanchez and I'm a graduate researcher at the University of New Haven. And I'll be presenting the results of our survey that was conducted by my colleagues.

Our paper is a practitioner survey exploring the value of forensic tools, AI filtering and safer presentation for investigating child sexual abuse material or CSAM, believe it or not, that is actually a modified version of our original title. So our agenda for today is just a brief introduction, previous work survey, how the survey was designed, our results, challenges, future work and acknowledgements. So we decided to do some research in this particular area for those investigating child exploitation cases and we found two particular issues for those investigating these cases.

Watch the video
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1469 reads)

What's Happening In Forensics - Mar 03, 2020

Monday, March 02, 2020 (14:41:51)
13Cubed share a memory forensics challenge.

Petr Stuchlík discusses SMB endpoint fingerprinting.

DFRWS share presentations from last year's US conference.

Ryan Benson shares some digital forensics writing tips.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1219 reads)

Android Auto And Google Assistant – How Google Encourages Hands-Free Motoring

Monday, March 02, 2020 (10:10:28)
Josh Hickman shares his research at DFRWS US 2019.

Josh: My name is Josh Hickman. I am the forensic scientist manager for the digital evidence section in the North Carolina state crime lab. And I am here this morning to talk about Android Auto and Google Assistant. And I know I'm the last presentation before lunch, so I'll try to do my best to get you out here on time. Real quick before I do get started, I gave this presentation to our labs administrators as a dry run and I inadvertently set off a couple of Google Assistant phones during it. I will make a conscious effort to not say the hot word to trigger Google Assistant, but I may slip up inadvertently do it. So you're forewarned.

So Android Auto and Google Assistant work together. You know, the ability to have our vehicles interface with our mobile devices is not a new concept, but it's one that's really started to get into the mainstream.

Watch the video
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1220 reads)

Chromium-Based Microsoft Edge From A Forensic Point Of View

Wednesday, February 26, 2020 (15:06:46)
by Oleg Skulkin & Svetlana Ostrovskaya

Recently Microsoft finally released the Chromium-based version of Edge Browser, so it seems we’ll miss ESE databases soon (not). Of course, it may have a similar set of forensic artifacts to Chromium or Chrome, but we must check it anyway. What’s more, the browser is available not only for Windows, but also for macOS, Android and iOS.

On Windows, Edge data is available under the following location:

C:\Users\%USERNAME%\AppData\Local\Microsoft\Edge\User Data\Default

Let’s start from bookmarks or “favorites”. They are stored in a JSON file with the same name – Bookmarks. You can open it with any text editor. The timestamps are stored in WebKit format – a 64-bit value for microseconds since Jan 1, 1601 00:00 UTC.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1361 reads)

Forensic Pattern Of Life Analysis

Tuesday, February 25, 2020 (15:32:58)
by Christa Miller, Forensic Focus

Pattern of life analysis isn’t a new concept to anyone who’s ever been involved with intelligence, in particular surveillance. It’s all about the habits that people — suspects, persons of interest, crime victims, or those connected to any of the above — carry out in day-to-day life.

When it comes to digital devices, how users interact with them can tell a very detailed story about any given timeframe. There are two reasons for doing this. One, as Brett Shavers outlined in a blog post last year, is to tie a particular device to a user — more of an issue for a computer or tablet than a smartphone.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1229 reads)

Get Uber Acquisition And Timestamps In Google Search URLs In Magnet AXIOM 3.10

Monday, February 24, 2020 (18:02:35)
Magnet AXIOM 3.10 is now available for AXIOM users! Get Magnet AXIOM 3.10 today to acquire from Uber, get new timestamps in Google search URLs, as well get more than 20 updated artifacts.

If you haven’t tried AXIOM yet, request a free trial here.

BlackBag Announces Release of MacQuisition 2020 R1

Monday, February 24, 2020 (16:15:56)

MacQuisition brings together the most comprehensive Apple imaging with new live and booted triaging of Apple devices, in industry-leading release.

FORMOBILE Survey: Law Enforcement Officers' Requirements For Training

Monday, February 24, 2020 (14:31:36)
For a project that promises great leaps in the development of mobile forensic related technologies, and a complete guide to the practices and standards that professionals in Europe should follow, the necessary training to support these initiatives is critical!

That is why a new ‘Novel Training Curriculum’ was defined as the third objective of FORMOBILE. Effective training empowers specialists, instilling them with confidence and assuring them that they are following the best methods to complete their work.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1950 reads)