±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 33166
New Yesterday: 0 Visitors: 65

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Digital Forensics, Computer Forensics, eDiscovery

Search on This Topic: News

[ Go to Home | Select a New Topic ]

MediaCache On Seagate drives – A Potential Problem For Digital Forensics

Tuesday, December 12, 2017 (16:03:08)
Imagine a situation where a police unit is preparing for the arrest of a person who committed a fraud with credit cards over the internet. He is using his laptop at the moment and filling the Excel file with the CC numbers.

Police officers break the door and when they are about to put on the hand cuffs, the felon smashes his laptop with something or drop it on the floor. If he is using a certain Seagate drive (families: Rosewood, Yarra, Granada…), there is a chance of losing files which can be used for digital evidence.

This potential problem can be explained as a corrupted MediaCache.

New MOBILedit 5.0 With Revolutionary Live Updates System Released

Tuesday, December 12, 2017 (13:31:24)
The new MOBILedit Forensic Express 5.0, the all-in-one mobile device examination tool, comes with a revolutionary feature - Live Updates of the app analyzer engine. It allows for quick response to new apps, their updates, new data structures and encryption. You can get the necessary updates of this forensic tool in hours or days instead of weeks or months. You no longer need to analyze app databases manually, the MOBILedit team does it for you...

PFIC & Park City - Together Again!

Tuesday, December 12, 2017 (12:50:29)
11th Annual PFIC is back where it all started, in the mountains of Park City, Utah.

We, at Paraben, have been missing the fresh mountain air. We are excited to announce that PFIC 2018 will be back at our favorite location in Park City, UT and hosted at the Park City Marriott hotel. We have announced the dates and call for speakers for PFIC 2018. The 2-day training event will be held on September 5th and 6th at the Park City Marriott hotel.
This is the 11th year of PFIC, which is renowned for bringing together top-notch speakers and excited attendees to create a high energy learning event focused on cyber-forensics. PFIC is designed so that attendees get to attend 100% of the conference by going to lectures on one day and labs on the next day; no more being stuck with the issue of picking and choosing between great topics.
  • Posted by: Shan
  • Topic: News
  • Score: 0 / 5
  • (502 reads)

MSAB And Kovar & Associates Agree To Partner On Drone Forensics Work

Tuesday, December 12, 2017 (10:11:45)
MSAB and Kovar & Associates announced today that the two companies have signed an agreement to work together to expand the drone forensics capabilities offered by MSAB.

Evidence Gathering For Network Security And Forensics

Monday, December 11, 2017 (09:58:39)
Dinil Mon Divakaran discusses his research at DFRWS EU 2017.

Divakaran: Good morning, everyone. My name is Dinil Mon Divakaran, and this work is with three other authors – Kar Wai, Ido, and Vrizlynn. We are from the A Star Institute for Infocomm Research. And as has been introduced, [00:25] Evidence Gathering for Network Security and Forensics.

So I think [00:30] takeaways from yesterday’s dinner talk was that [00:37] evidence, right? [00:42] trying to figure out if they can say something with more number of evidences. Before I start, I also would like to say that [00:57] [active borders between security and forensic attributes], kind of similar in many network security and forensic work that at least I am involved in. In the sense that the solution can be used for forensic analysis, can also be used for security analysis, offline, online, and real-time [01:19].

Read the full transcript and watch the video here.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (607 reads)

Mobilyze 2017 R1.1 Is Now Available

Thursday, December 07, 2017 (10:32:36)
BlackBag Technologies is pleased to announce the release of the latest version of our mobile device triage tool, Mobilyze 2017 R1. New features added to this version of Mobilyze are designed to increase the capabilities of Mobilyze examiners to analyze the latest iOS and Android devices.

Improvements include:
- Support for Apple iOS 11
- Support for Android 8 Oreo
- iPhone 8 identified for full collection and analysis
- iOS 11 encrypted backups and MDM profiles detect and prompt for passwords
- Expanded Emoji support, including from the latest iOS 11.1 release

Learn more about the latest Mobilyze release.

Imaging Locked Motorola Devices Via Bootloader Exploit

Tuesday, December 05, 2017 (12:09:47)
Last-generation Android devices are gradually getting more secure, even approaching iOS-grade security in some usage scenarios. Equipped with fingerprint readers and compulsory encryption of the data partition, Android smartphones became a much tougher acquisition target compared to just a couple of years ago. In this world of increasing security, security firms go out of their way to discover usable techniques for imaging such devices. In this article, we will discuss the latest technique allowing experts to perform bootloader-level imaging and decryption of 2015, 2016 and 2017 Motorola models running Android 5.0 through 7.0.

Bootloader Lock

Before we go on to the new acquisition method, let us first have a look at Android data protection mechanisms. In this article, we’ll concentrate on three things: bootloader lock, encryption, and passcode. Let’s start with bootloader.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1047 reads)

Segmented Hashing With Atola Insight Forensic

Monday, December 04, 2017 (10:59:17)
It has been a year since Atola Technology introduced the concept of Segmented hashing, presented the open-source tool Seghash and supported it on its flagship device, Atola Insight Forensic.

While this method of hashing has a number of benefits for forensic specialists, among its strongest advantages is its applicability to damaged drives.
  • Posted by: Yulia
  • Topic: News
  • Score: 0 / 5
  • (1078 reads)

New Webinar Added To The AccessData Coffee Break Webinar Series

Thursday, November 30, 2017 (12:56:50)
AccessData recently added a webinar to their popular Coffee Break Webinar series—a series of 30-minute “how to” webinars targeted to the end user.

The webinar, How to identify, assess and eliminate risk with AD RTK™ will walk attendees through the features and benefits of one of the newest products from AccessData. AD RTK™ (Risk Toolkit) is a powerful new tool corporations and government agencies can use to combat problematic or sensitive data. It locates potential information risks—very often, authorized data residing in unauthorized locations, such as classified information on an unclassified network—and remediates it across the enterprise. In addition, AD RTK can run scans of thousands of computer endpoints and network share repositories once at a time or it can be scheduled for recurring jobs to ensure ongoing vigilance.

To find out more about this exciting new product, register for the webinar on 19 December 2017.
  • Posted by: hhagene
  • Topic: News
  • Score: 0 / 5
  • (937 reads)

The CSI Effect – Expectations Vs Limitations

Thursday, November 30, 2017 (11:09:10)
by James Zjalic

Much has been written about the CSI phenomenon within digital forensics circles, but is there a way we as experts can reduce this effect, maybe not globally but at least amongst our own clients? In just the last couple of weeks, I’ve had requests to enhance a speaker on the other end of the phone, on a recording in which the voice on the other end of the phone sounded like something you would hear on a cartoon. It had the rhythm of somebody speaking but that’s about all it had going for it. Another request asked to enhance a video recording in which the two individuals were seated at a distance, in a dark room, with sunlight streaming through a window across the camera lens and a lamp in front of one of the individuals faces. A third and final example is being asked to enhance the screen of a mobile phone from pictures of said mobile phone. That shouldn’t be a problem you think. Until you consider the pictures were being taken from distances of over a meter of a phone that was turned away from the camera lens.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (743 reads)