±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 34714
New Yesterday: 2 Visitors: 225

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Page 3

Forensic Focus Forum Round-Up

Tuesday, October 23, 2018 (11:24:22)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

What is anti-forensics, how can we prove its relevance to an investigation, and how much of a challenge is it to the industry? Add your thoughts in the forum.

Can you help bjh505 to image a WinBook TW800?

What digital forensic case management software would you recommend?

The debate about whether ISO 17025 is the right standard for digital forensics rages on; and if not, what should the alternative be?

Why is this local admin account displaying incorrect time stamps? Share your thoughts on the forum.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1028 reads)

Atola Technology Shows How To Tackle Acquisition Of Growing Data Volumes

Monday, October 22, 2018 (07:38:24)
In the recently published survey by Forensic Focus, it was the volume of digital data per case that was named one of the biggest challenges facing forensic examiners these days. Over 23% of respondents agreed that this, along with the increase in the number of cases (nearly 5%), has become a pressing issue. To tackle this problem, Atola Technology has developed Atola TaskForce, a hardware forensic imager capable of imaging multiple drives at their top speeds, cumulatively achieving the overall speed of 15 TB/hour!
  • Posted by: Yulia
  • Topic: News
  • Score: 0 / 5
  • (1638 reads)

Interview With Sheldon Feinland, VP Of Sales, BlackBag

Friday, October 19, 2018 (11:23:16)
Sheldon, you're VP of Sales at BlackBag. Tell us about your role: what does a day in your life look like?

At BlackBag, I am responsible for the revenue of the entire company. I plan and work with several other team members on the go to market strategy. This includes figuring out exactly who are we selling to, what we can sell them to help meet their needs, where the customer is, and how are we going to approach the marketplace.

A typical day involves working with current and prospective customers on solving their needs with our solutions. I speak to customers to understand how they are using our solutions and what they would like to see in future releases. Partners (resellers, consultants, and other software companies) play a major role in our strategy, so during the day I am usually talking to many of them.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (899 reads)

Executing Windows Command Line Investigations

Thursday, October 18, 2018 (12:46:32)
by Chet Hosmer, Joshua Bartolomie and Rosanne Pelli

Reviewed by Scar de Courcier, Forensic Focus

Ensuring the integrity of evidence is one of the most important parts of the digital forensic investigation process, and yet according to some reports it is one of the most frequently overlooked in courses on the subject.

The title of Hosmer, Bartolomie & Pelli's book is Executing Windows Command Line Investigations While Ensuring Evidentiary Integrity, and as far as I can tell it is the only book that gives a step-by-step guide to the Windows command line for DFIR practitioners.

Sensibly, the book begins with a discussion of the impact of Windows command line investigations. Not only does this set the scene for why the book's subject is important, it also helps investigators to understand some of the situations in which command line investigations might be necessary and some of the vulnerabilities they might come across.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1255 reads)

Register For Webinar: Overcoming Email Preservation Challenges

Thursday, October 18, 2018 (11:18:49)
Email evidence often plays a pivotal role in digital forensics investigations and eDiscovery. When preserving emails from the cloud, forensics experts have to consider issues such as multi-factor authentication, running-in-place searches on the server before the acquisition, handling server errors and throttling, privacy issues, and time constraints.

In this webinar, we will discuss how to overcome such challenges with the right tools and workflow. You will also be able to join the conversation and ask questions live!

Join Arman Gungor for a 60-minute webinar where you'll learn:

- How to acquire emails from mailboxes without having to learn the custodian's password.
- How law enforcement agencies can preserve emails from suspects' mailboxes using existing browser login sessions.
- What you can do to complete an acquisition successfully if the process gets interrupted due to network errors or server throttling.
- How you can run comprehensive, in-place searches on Gmail, Exchange, and IMAP servers before the acquisition.
- How to document your process effectively during a forensic email collection.

Presenter: Arman Gungor, Metaspike

Thursday, October 25, 2018 at 11 AM (PDT)

Register here
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (859 reads)

Requirements In Digital Forensics Method Definition: Observations From A Study

Wednesday, October 17, 2018 (13:39:34)
by Angus M. Marshall & Richard Paige

During a project to examine the potential usefulness of evidence of tool verification as part of method validation for ISO 17025 accreditation, the authors have examined requirements statements in several digital forensic method descriptions and tools. They have identified that there is an absence of clear requirements statements in the methods and a reluctance or inability to disclose requirements on the part of tool producers. This leads to a break in evidence of correctness for both tools and methods, resulting in incomplete validation. They compare the digital forensics situation with other ISO 17025 accredited organisations, both forensic and non-forensic, and propose a means to close the gap and improve validation. They also review existing projects which may assist with their proposed solution.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1076 reads)

Review Of Data Pilot 10 From Susteen

Tuesday, October 16, 2018 (12:49:23)
by Scar de Courcier

Susteen’s Data Pilot 10 aims to make it easier for digital forensic examiners to acquire evidence from mobile devices in the field and analyse it back in the lab. In this review we will take a look at some of the Data Pilot’s key features and how it functions in a field environment.

The first thing that strikes you about this device upon removing it from the box is how rugged it is. It has a rubberised exterior that looks like it could deal with some fairly rough handling, and it has covers on all ports for protection. There is also dust and water resistance built in, and it's IP66 certified for water resistance and milspec.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (797 reads)

5 Ways Size Makes A Difference In Forensics

Tuesday, October 16, 2018 (11:12:26)
Forensics is frustrating, like most situations, when you lack the right tools.

Work in the field tests and proves theories discussed in an office. In theory, forensic solutions are needed, but they can’t come in a package the size of a house or at the cost of a new car.

Agents in field, need to have a forensic solution that’s not too big. It needs to fit in the palm of your hand. Who has the space to carry it in a suitcase or lug a desktop computer around.

In short, then, here’s our Top 5 Ways Size Makes a Difference

1. Size Matters
2. Tough and Rugged
3. It’s currently missing from your toolkit
4. Mobile Forensic Solutions Can Now Be in The Field
5. Give the Lab Guys Better Sourced Field Evidence

Data Pilot 10 Field Acquisition Device

Techno Security TX 2018 – Recap

Monday, October 15, 2018 (17:57:54)
This article is a recap of some of the main highlights from Techno Security TX 2018, which took place in San Antonio, Texas from the 17th-19th September.

The conference had four tracks: forensics; information security; audit / risk management; and investigations, along with sponsor demos. Forensic Focus attended the forensics and investigations tracks during the event.

Magnet Forensics’ Jessica Hyde opened the conference with a discussion on the proliferation of devices. With 20 billion connected devices projected to be online by 2020, this is a growing concern in the industry. And considering that the results of our latest survey show that data triage is one of the biggest challenges investigators face, it’s certainly a topic that requires attention. Hyde also mentioned the importance of verification and validation in the industry.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (681 reads)

Enhanced WhatsApp Support And Much More Available In Magnet AXIOM 2.6

Monday, October 15, 2018 (08:49:11)
Magnet AXIOM 2.6 is bringing big updates to Magnet AXIOM Cloud with WhatsApp backups, iCloud and Cloud Administrator account support. Together with improvements to Magnet.AI and to overall performance, AXIOM 2.6 demonstrates our commitment to being the gold standard for usability.

Try it for yourself now! If you’re a customer, download AXIOM 2.6 right now either in-app or in the Customer Portal. If you want to try AXIOM 2.6 for yourself, request a trial today.