Walkthrough: Carving With Belkasoft Evidence Center

by Yuri Gubanov, Danil Nikolaev & Igor Mikhailov © Belkasoft Research
Carving is an irreplaceable technique widely used in data recovery and digital forensics. By using carving, we essentially perform a low-level scan of media for various artifacts, looking for

Mobile Virtual Network Operators (MVNOs) In The US

by Patrick Siewart
Increasingly, cellular records and their associated location information are being used in civil litigation, where previously they were considered to be a “law enforcement only” tool. But in the age when users carry at least one smartphone

Windows Registry Analysis 101

by Chirath De Alwis
Computer forensics is the process of methodically examining computer media (hard disks, diskettes, tapes, etc.) for evidence [1]. When considering computer forensics, registry forensics plays a huge role because of the amount of the data that

Digital Forensics Jobs And Career Paths

Digital forensics jobs and career path options have grown significantly over the past few decades. In fact, the profession has matured to the extent of making multiple career paths possible. Now, professionals who are interested in finding a job in

Using The Content-Length Header Field In Email Forensics

by Arman Gungor
As forensic examiners, we often have to analyze emails in isolation without the benefit of server metadata, neighbor messages, or data from other sources such as workstations. When authenticating an email in isolation, every detail counts—we review

Burnout in DFIR (And Beyond)

by Christa Miller, Forensic Focus
Quite a lot has been written over recent weeks about burnout. Not only DFIR-specific posts, first from Richard Bejtlich and then, in follow-up from Eric Huber and Brett Shavers; but also news articles including: Why

Email Forensics: Investigation Techniques

by Chirath De Alwis
Due to the rapid spread of internet use all over the world, email has become a primary communication medium for many official activities. Not only companies, but also members of the public tend to use emails

Forensic Examination Of Manipulated Email In Gmail

by Arman Gungor
Last week, I came across an interesting post on Forensic Focus. The poster, jahearne, was asking about how one can detect manipulation of an existing email in Gmail. In his hypothetical scenario, the bad actor was using

Dissecting Malicious Network Traffic To Identify Botnet Communication

by Swasti Bhushan Deb
Botnets are well-known in the domains of information security, digital forensics and incident response for hosting illegal data, launching DDoS attacks, stealing information, spamming, bitcoin mining, spreading ransomware, launching brute force attacks, managing remote access to

Scene Of The Crime: You’ve Found A Drone. What Do You Do?

by Lee Reiber, COO, Oxygen Forensics, Inc.
The proliferation of recreational drones and their impact on digital incident response has dramatically increased during the last several years. In January 2018, Nextgov stated the U.S. Federal Aviation Administration (FAA) reported over

Walkthrough: Forensic Falcon NEO From Logicube

Welcome to Logicube’s tutorial on the Forensic Falcon NEO. In this session, we’ll conduct a product tour, including all of the various ports available, and show you how hard drives are connected to the Falcon NEO. At the front of

How To: Multitask With Logicube’s Forensic Falcon NEO

Welcome to Logicube’s tutorial on the Forensic Falcon NEO. In this session we’ll show you how to multitask. For this tutorial I have connected the Falcon NEO to a network, and from a PC on the same network I’ve logged