±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 1 Overall: 34628
New Yesterday: 8 Visitors: 197

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Digital Forensics, Computer Forensics, eDiscovery

Search on This Topic: News

[ Go to Home | Select a New Topic ]

Digital Forensics News October 2018

Tuesday, October 23, 2018 (16:08:32)
It's the last week of submissions for the DFRWS EU 2019 call for papers.

The Passware Kit Forensic tool from Passware has introduced the ability to recover Bitcoin wallet passwords.

A post on Initialization Vectors demonstrates how to perform digital forensic analysis using a sandbox.

MSAB have released XAMN 4.0, with increased speed and new visualization options.

Griffeye's AI technology has been trained at Taskforce Argos and is now able to detect child abuse content in images and video sets.

Magnet's Trey Amick has posted an article showing how AXIOM can help in Instagram investigations.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (132 reads)

Mobilyze 2018 R2 Now Available

Tuesday, October 23, 2018 (12:18:11)
BlackBag Technologies is proud to release Mobilyze 2018 R2 with additional iOS and Android support. Mobilyze makes triaging mobile devices easy with an interface that lets you go straight from acquisition to a well-formatted report. Sometimes small adjustments need to be made though before reporting, like when the device is set to a different time zone. BlackBag's latest release includes the ability to update timezones as well as features geared to make investigators lives easier.

Mobilyze 2018 R2 now supports iOS 12.0 and displays HEIC images and HEVC videos, used by Apple for live pictures and videos. For Android, group message support for Samsung devices has also been added. For additional iOS updates and more information about the release see the Top New Feature Highlights below.

Forensic Focus Forum Round-Up

Tuesday, October 23, 2018 (11:24:22)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

What is anti-forensics, how can we prove its relevance to an investigation, and how much of a challenge is it to the industry? Add your thoughts in the forum.

Can you help bjh505 to image a WinBook TW800?

What digital forensic case management software would you recommend?

The debate about whether ISO 17025 is the right standard for digital forensics rages on; and if not, what should the alternative be?

Why is this local admin account displaying incorrect time stamps? Share your thoughts on the forum.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (204 reads)

Atola Technology Shows How To Tackle Acquisition Of Growing Data Volumes

Monday, October 22, 2018 (07:38:24)
In the recently published survey by Forensic Focus, it was the volume of digital data per case that was named one of the biggest challenges facing forensic examiners these days. Over 23% of respondents agreed that this, along with the increase in the number of cases (nearly 5%), has become a pressing issue. To tackle this problem, Atola Technology has developed Atola TaskForce, a hardware forensic imager capable of imaging multiple drives at their top speeds, cumulatively achieving the overall speed of 15 TB/hour!
  • Posted by: Yulia
  • Topic: News
  • Score: 0 / 5
  • (918 reads)

Interview With Sheldon Feinland, VP Of Sales, BlackBag

Friday, October 19, 2018 (11:23:16)
Sheldon, you're VP of Sales at BlackBag. Tell us about your role: what does a day in your life look like?

At BlackBag, I am responsible for the revenue of the entire company. I plan and work with several other team members on the go to market strategy. This includes figuring out exactly who are we selling to, what we can sell them to help meet their needs, where the customer is, and how are we going to approach the marketplace.

A typical day involves working with current and prospective customers on solving their needs with our solutions. I speak to customers to understand how they are using our solutions and what they would like to see in future releases. Partners (resellers, consultants, and other software companies) play a major role in our strategy, so during the day I am usually talking to many of them.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (415 reads)

Executing Windows Command Line Investigations

Thursday, October 18, 2018 (12:46:32)
by Chet Hosmer, Joshua Bartolomie and Rosanne Pelli

Reviewed by Scar de Courcier, Forensic Focus

Ensuring the integrity of evidence is one of the most important parts of the digital forensic investigation process, and yet according to some reports it is one of the most frequently overlooked in courses on the subject.

The title of Hosmer, Bartolomie & Pelli's book is Executing Windows Command Line Investigations While Ensuring Evidentiary Integrity, and as far as I can tell it is the only book that gives a step-by-step guide to the Windows command line for DFIR practitioners.

Sensibly, the book begins with a discussion of the impact of Windows command line investigations. Not only does this set the scene for why the book's subject is important, it also helps investigators to understand some of the situations in which command line investigations might be necessary and some of the vulnerabilities they might come across.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (648 reads)

Register For Webinar: Overcoming Email Preservation Challenges

Thursday, October 18, 2018 (11:18:49)
Email evidence often plays a pivotal role in digital forensics investigations and eDiscovery. When preserving emails from the cloud, forensics experts have to consider issues such as multi-factor authentication, running-in-place searches on the server before the acquisition, handling server errors and throttling, privacy issues, and time constraints.

In this webinar, we will discuss how to overcome such challenges with the right tools and workflow. You will also be able to join the conversation and ask questions live!

Join Arman Gungor for a 60-minute webinar where you'll learn:

- How to acquire emails from mailboxes without having to learn the custodian's password.
- How law enforcement agencies can preserve emails from suspects' mailboxes using existing browser login sessions.
- What you can do to complete an acquisition successfully if the process gets interrupted due to network errors or server throttling.
- How you can run comprehensive, in-place searches on Gmail, Exchange, and IMAP servers before the acquisition.
- How to document your process effectively during a forensic email collection.

Presenter: Arman Gungor, Metaspike

Thursday, October 25, 2018 at 11 AM (PDT)

Register here
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (451 reads)

Requirements In Digital Forensics Method Definition: Observations From A Study

Wednesday, October 17, 2018 (13:39:34)
by Angus M. Marshall & Richard Paige

During a project to examine the potential usefulness of evidence of tool verification as part of method validation for ISO 17025 accreditation, the authors have examined requirements statements in several digital forensic method descriptions and tools. They have identified that there is an absence of clear requirements statements in the methods and a reluctance or inability to disclose requirements on the part of tool producers. This leads to a break in evidence of correctness for both tools and methods, resulting in incomplete validation. They compare the digital forensics situation with other ISO 17025 accredited organisations, both forensic and non-forensic, and propose a means to close the gap and improve validation. They also review existing projects which may assist with their proposed solution.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (587 reads)

Review Of Data Pilot 10 From Susteen

Tuesday, October 16, 2018 (12:49:23)
by Scar de Courcier

Susteen’s Data Pilot 10 aims to make it easier for digital forensic examiners to acquire evidence from mobile devices in the field and analyse it back in the lab. In this review we will take a look at some of the Data Pilot’s key features and how it functions in a field environment.

The first thing that strikes you about this device upon removing it from the box is how rugged it is. It has a rubberised exterior that looks like it could deal with some fairly rough handling, and it has covers on all ports for protection. There is also dust and water resistance built in, and it's IP66 certified for water resistance and milspec.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (525 reads)

5 Ways Size Makes A Difference In Forensics

Tuesday, October 16, 2018 (11:12:26)
Forensics is frustrating, like most situations, when you lack the right tools.

Work in the field tests and proves theories discussed in an office. In theory, forensic solutions are needed, but they can’t come in a package the size of a house or at the cost of a new car.

Agents in field, need to have a forensic solution that’s not too big. It needs to fit in the palm of your hand. Who has the space to carry it in a suitcase or lug a desktop computer around.

In short, then, here’s our Top 5 Ways Size Makes a Difference

1. Size Matters
2. Tough and Rugged
3. It’s currently missing from your toolkit
4. Mobile Forensic Solutions Can Now Be in The Field
5. Give the Lab Guys Better Sourced Field Evidence

Data Pilot 10 Field Acquisition Device