±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 35260
New Yesterday: 4 Visitors: 163

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Page 2

Search on This Topic: News

[ Go to Home | Select a New Topic ]

BlackBag Announces Physical Decrypted Image From Macs With T2 Chip

Monday, March 11, 2019 (10:35:05)

BlackBag Technologies is proud to announce the first and only solution to produce a decrypted physical image of Apple’s latest Mac systems utilizing the T2 chip. Current logical imaging solutions, including functionality available in the previous version of BlackBag’s own MacQuisition tool, and competing solutions like Sumuri Recon and EnCase, miss critical file system information that only this new level of physical access will be able to provide. This vital imaging functionality will be available in the upcoming MacQuisition 2019 R1 release and the output will be seamlessly ingested for analysis by BlackLight 2019 R1.

Paliscope Webinar Re-Run: Online Investigation Of A Real-World Trafficking Case

Thursday, March 07, 2019 (08:55:35)

By: Paliscope (peer company to Griffeye)
Date: 2019-03-13
Time: 15.00 CET (9 am EST)
Speaker: Christian Berg, CEO & Founder of Paliscope

Since many in our law enforcement community have asked for it: here's a re-run of our previous webinar "Online Investigation of a Real-word Trafficking Case". So if you missed the last one, or want to watch it again, take the chance to join us on March 13!

How To Install And Use The Thunderbolt I/O Card On Logicube’s Falcon-NEO

Thursday, March 07, 2019 (08:03:24)
Welcome to Logicube’s tutorial on the optional Thunderbolt I/O card on the Forensic Falcon-NEO. In this session, we’ll show you how to install and use this card.

The optional Thunderbolt I/O card connects directly to Falcon-NEO’s source or destination I/O card ports. This card allows you to image directly to or from Thunderbolt USB C, and USB 3.1 Gen 2 external drives and enclosures. The Thunderbolt card comes with a labelled replacement door for the Falcon-NEO, along with a small screwdriver.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1038 reads)

Logicube To Showcase Forensic Product Line at Techno Security San Diego

Tuesday, March 05, 2019 (15:47:31)
Logicube, Inc. is pleased to announce that we will be exhibiting at the upcoming Techno Security & Digital Forensics Conference, March 11-13, in La Jolla, California. Our flagship product, The Falcon®-NEO, along with our Talon® Ultimate forensic imager and our full line of WriteProtect™ write-blockers will be featured in the exhibit hall.

We’ve added some exciting new options to the Falcon-NEO forensic imaging solution since we launched the product last spring; a SCSI Module and a FireWire™ Module that adds the capability to image to/from SCSI or FireWire® storage solutions and just recently a new Thunderbolt™ 3/USB-C I/O card that supports imaging to/from Thunderbolt external drives and enclosures.
  • Posted by: lmd07
  • Topic: News
  • Score: 0 / 5
  • (1302 reads)

Digital Forensic Training From Belkasoft

Tuesday, March 05, 2019 (11:41:35)
Great news from Belkasoft: In addition to on-site digital forensic trainings, we are adding Live Online classes on BEC 2019!

We have also added more dates and locations for 2019 on-site trainings. The updated schedule is below:

Styx: Countering Robust Memory Acquisition

Monday, March 04, 2019 (13:02:21)
Ralph: Welcome, everyone, and thank you for the introduction as well as having the opportunity to present our research. As mentioned, my name is Ralph Palutke, and I work as a PhD student for the Security Research Group of the Friedrich Alexander University of Erlangen and Nurnberg, which is led by Prof. Freiling, who is also attending this conference.

As for this talk, I want to propose a novel rootkit technique that is able to counter memory acquisition tools that claim to be even robust against anti-forensics.

Nowadays, malware is still the enabling technology for modern cybercrime, and therefore, we have a great demand for methods to detect, acquire, and analyze such malware. And since modern malware often exists in volatile memory only, memory acquisition has become a vital tool for digital investigations. In this talk, I want to focus solely on software-based methods that run directly on the target system, and lately, we’ve seen that memory forensics has to face two new sophisticated threats, which are, on the one hand, hidden memory rootkits, as well as rootkits that subvert hypervisor technology.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1075 reads)

Interview With Christa Miller, Content Manager, Forensic Focus

Friday, March 01, 2019 (12:13:13)
Christa, you've just joined Forensic Focus as a Content Manager - welcome on board! Tell us a bit about your background and how you came to work in digital forensics content creation.

Thank you Scar! I’m coming to Forensic Focus after 10 years of working in marketing and communications for various DFIR vendors. While I’ve contributed more “typical” marketing content like brochures, emails, etc., my “sweet spot” has always been in meatier pieces like white papers, magazine articles, technical blogs, etc.

That’s because for the 10 years before that, I was a freelance writer specializing in tech topics for law enforcement trade magazines. I covered a wide range of post-9/11 technology, from CAD/RMS interoperability to red light cameras, along with articles about “softer” topics like media relations and how to identify cyber bullying and harassment.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1063 reads)

Free Online XRY Reader To XAMN Viewer Transition Course Now Available

Thursday, February 28, 2019 (16:48:30)
Learn to utilize XAMN Viewer and make your transition from XRY Reader easy

XRY Reader has served for many years as a widely used tool for viewing and analyzing XRY extraction files. In recent years, mobile phone use has increased dramatically, new types of mobile devices have come into wide use, and data volumes have grown exponentially. At the same time, MSAB has made many improvements in the technology on which we build our mobile forensic tools.

Decision-Theoretic File Carver For Triage Situations

Thursday, February 28, 2019 (15:28:55)
Pavel Gladyshev discusses his research at DFRWS EU 2018.

Pavel: Thank you. Good evening, good afternoon, ladies and gentlemen. Today, I’d like to briefly tell you about an open-source tool and general approach that we invented about a year ago. I’m going to talk about what we call decision-theoretic file carver, and that’s a collaboration between myself and Joshua James.

The original idea was to speed up file carving, and to give you an idea of what we did, I’ll ask you, do you know this game? Have you ever played Battleship game? You put ships on the map, and then you try to hit in different places to discover where the ships are. Then we thought, and we realized that file carving is like Battleship game on the Suez Canal, where you have all the files along the canal, and you can bomb them with a file carver [test] in particular, these blocks.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (757 reads)

Now Released: XRY 7.11.1 Office Version – With An Improved XRY Photon Feature

Thursday, February 28, 2019 (13:57:15)
XRY 7.11.1 is now available for download for XRY Office customers only.

This is a technical maintenance release for XRY Office only. This release should be viewed as a minor update in terms of technical support and there will not be any corresponding updates to Kiosk, XAMN or XEC products at this time.