Forensic Focus

Hexacorn suggests that the Run key in the Windows registry could be interesting for forensic investigators to look at. Harlan Carvey wrote a post discussing troubleshooting and deep knowledge, or what to do when a tool that we’re using doesn’t

by Christa Miller, Forensic Focus Malware aimed at industrial control systems (ICS) is nothing new. Nearly 10 years have passed since Stuxnet first targeted the supervisory control and data acquisition (SCADA) systems and programmable logic controllers (PLCs) associated with centrifuges

The Byton M-Byte is “a premium vehicle, the crowning glory of which is an enormous 4K screen that spreads across the full width of the dashboard, eliminating the need for conventional instruments and dials.” A great repository of information for

by Arman Gungor My last article was about using the Content-Length header field in email forensics. While the Content-Length header is very useful, it has a couple of major shortcomings: • Most email messages do not have the Content-Length header

by Jade James Griffeye Analyze DI Pro is used by law enforcement agencies and other national security and defence organisations for all sorts of investigations involving large volumes of media files. Although it is perhaps most well known for its

Welcome to Logicube’s tutorial on the Falcon-NEO forensic imager. The Falcon-NEO allows you to image directly to or from a network repository using SMB or CIFS protocol, or using iSCSI. Two 10GbE ports provide extremely fast network imaging performance. In

Congratulations on your new role! Tell us more about your law enforcement career. How did you get into digital forensics? Thanks so much! I am excited about the opportunity to come and work for Amped Software. I got into digital

This year’s Digital Forensics Challenge from the Korean Institute of Information Security & Cryptology (KIISC) has been announced. BlackBag’s latest version of MacQuisition can now decrypt physical images of the latest Mac systems utilizing the Apple T2 chip. Magnet AXIOM

by Christa Miller, Forensic Focus Mark Zuckerberg’s new “privacy manifesto” for Facebook marks not just a pivot in terms of how the social network shapes modern-day communication. It also marks what The Verge’s Casey Newton called “the end of the

Welcome to this month’s round-up of recent posts to the Forensic Focus forums. Can you recommend a script for filling up NVMe storage drives with random data? How do you find the date and time stamps of encrypted volumes mounted