Techno Security Myrtle Beach 2018 – Recap

by Scar de Courcier

This article is a recap of some of the main highlights from the Techno Security & Forensic Investigation Conference 2018, which took place in Myrtle Beach, SC from the 3rd-6th June 2018.

Under the sunny skies of South Carolina, the digital forensic community got together at the beginning of June this year to discuss topics ranging from international espionage to the admissibility of evidence obtained from the cloud. The conference was split into several streams: audit / risk management; forensics; information security; and investigations. There were also labs run by Cellebrite and Magnet Forensics, and various sponsor demos throughout the conference. The exhibition hall was open at various points throughout the day, allowing attendees to meet representatives from universities, forensics companies and law enforcement agencies and discuss current industry trends.

The first session Forensic Focus attended was conducted by Richard Spradley from Whooster, who was discussing how to decode investigative data in real-time. Spradley talked about how VOIP and burner phones are the hardest devices to investigate, but there are ways of identifying people using such phone numbers. Often a person will use a burner phone for more than one thing; while they might not use it to call their friends, they may place a personal ad, for example. Geographical identifiers are also important and may be able to give you a back door into a phone, especially if you have a partial name or frequently used alias.

Mark Spencer from Arsenal Consulting then spoke about what happens when things go wrong in a digital forensic investigation, particularly in a high stakes case. Attendees discovered the full story behind the forged digital forensics report which was discussed in our forums last year: a fascinating and definitely high-stakes investigation! The main takeaway? Timelines can lie to you. It is possible, in certain cases, that every timestamp has been forged and there is no ‘hidden’ timestamp that will help you in these situations.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Yulia Samoteykina and Mokosiy from Atola discussed the need for speed in digital investigations, and demonstrated how their new Atola TaskForce tool can help to ease the pain of large-scale investigations. They quoted the results of Forensic Focus’ 2015 survey, specifically the response to the question ‘What is the biggest challenge facing digital forensic investigators today?’

The proliferation of devices and the number of damaged drives investigators are having to look at are both important challenges in digital forensics. It was interesting to see Atola’s latest offering and its ability to address these issues, particularly for cases that require very quick turnaround times.

The keynote address on the second day of the conference was by Roman Yampolskiy, who looked at AI and its implications for the future of cybersecurity. Sticking with the subject of new advances in technology, Jerry Diamond from MSAB discussed drone forensics and some of the unique challenges of extracting data from drones.

Admissibility of evidence from the cloud is something that affects law enforcement agencies around the world, and in the afternoon on Monday a panel session convened to discuss this topic. One of the main areas of concern is that case law is being developed as we go along, so it can be hard to understand what is and what is not allowed to be admitted as evidence. Consent is another issue: if a suspect won’t give you access to their device but their spouse gives you access to the cloud account to which they know the password, will that stand up in court? The concensus seemed to be that it generally would, especially if the cloud account was shared by both parties, but there were questions around exactly what could be gathered from the cloud without compromising investigative integrity.

John Wilson from Discovery Squared presented an interesting talk about investigations involving Bitcoin and other cryptocurrencies. While these are in theory anonymous, it can sometimes be possible to trace a trail and end up with more information than you might have expected.

Abdul Hassan from the International Counter Terrorism Forensics Foundation opened the day on Tursday with an Early Riser Session about counter terror forensics. International law was a big point for consideration in this session: terrorists know where INTERPOL faces restrictions and they deliberately locate their servers in these territories in an attempt to foil investigations.

Magnet Forensics’ Jessica Hyde then ran an invigorating session about using operating systems, memory and other artifacts to piece together elements of an investigation. There will be a webinar on the subject later this month – watch this space!

After lunch, retired SSA FBI Bob Osgood talked attendees through the investigation into Robert Hanssen, an FBI agent who was also working as a Russian spy. Digital forensics were instrumental in his arrest and eventual conviction: the final nail in the coffin was his PDA, which contained notes in which he’d written the locations of the drop-offs for the Russians.

The final day of the conference began with Amber Schroader from Paraben demonstrating some of the key challenges in smartphone investigation, and how they can be eased with comprehensive investigative procedures and intelligent outsourcing. Wednesday ended with a fascinating session about how deep learning techniques can be used to detect indecent images and videos of children, and some attendees dispersed while others stayed on for the training sessions which were taking place on Thursday.

The next Techno Security & Forensic Investigation conference will take place in Texas in September – register here.

2 thoughts on “Techno Security Myrtle Beach 2018 – Recap”

  1. Brilliant Pie Chart by the way. I love the way that “Encryption” and “New Applications / Artifacts” not only have the same colour but are next to each other in the Pie. It makes the results really clear. Well done on checking your work before posting it.

Leave a Comment

Latest Videos

In this episode of the Forensic Focus podcast, Desi and Si discuss different online programming courses and what they think about the popular platform, Udemy. They also talk about Flipper, Dev boards, and Raspberry Pi, and delve into the fascinating phenomenon of running the classic game Doom on unlikely devices.

Throughout the episode, Desi and Si share their digital forensics expertise, referencing some of the cases they have been working on and highlighting particular methodologies and technologies that have an impact on cybersecurity.

Show Notes:

100 Days of Code: The Complete Python Pro Bootcamp for 2023 - https://www.udemy.com/course/100-days-of-code/

Domestika - https://www.domestika.org/en

MIT OpenCourseWare - https://www.youtube.com/@mitocw 

MasterClass - https://www.masterclass.com/

Raspberry Pi 400 Complete Kit - https://core-electronics.com.au/raspberry-pi-400-kit.html

Flipper Discord - https://discord.com/invite/flipper

Flipper Zero - https://flipperzero.one/

This Programmer Figured Out How to Play Doom on a Pregnancy Test - https://www.popularmechanics.com/science/a33957256/this-programmer-figured-out-how-to-play-doom-on-a-pregnancy-test/

Here’s a dude playing Doom Eternal on his fridge - https://www.polygon.com/2020/10/13/21514933/doom-eternal-refrigerator-door-samsung-smart-refrigerator-xbox-game-pass-richard-mallard

Doom hacker gets Doom running in Doom - https://www.pcgamer.com/doom-hacker-gets-doom-running-in-doom/

Doom Running On A Calculator Powered By Old Potatoes - https://kotaku.com/doom-running-on-a-calculator-powered-by-old-potatoes-1845374069

GoldenEra - https://www.imdb.com/title/tt11753760/

Racing the Beam - https://en.wikipedia.org/wiki/Racing_the_Beam

High Score (TV series) - https://en.wikipedia.org/wiki/High_Score_(TV_series)

Microcontroller Courses (Udemy) - https://www.udemy.com/topic/microcontroller/

The story of Final Fantasy XIV’s renegade do-good modders - https://www.pcgamesn.com/final-fantasy-xiv/ffxiv-modders-renegade-do-gooders

Logical fallacies - https://yourlogicalfallacyis.com/

In this episode of the Forensic Focus podcast, Desi and Si discuss different online programming courses and what they think about the popular platform, Udemy. They also talk about Flipper, Dev boards, and Raspberry Pi, and delve into the fascinating phenomenon of running the classic game Doom on unlikely devices.

Throughout the episode, Desi and Si share their digital forensics expertise, referencing some of the cases they have been working on and highlighting particular methodologies and technologies that have an impact on cybersecurity.

Show Notes:

100 Days of Code: The Complete Python Pro Bootcamp for 2023 - https://www.udemy.com/course/100-days-of-code/

Domestika - https://www.domestika.org/en

MIT OpenCourseWare - https://www.youtube.com/@mitocw

MasterClass - https://www.masterclass.com/

Raspberry Pi 400 Complete Kit - https://core-electronics.com.au/raspberry-pi-400-kit.html

Flipper Discord - https://discord.com/invite/flipper

Flipper Zero - https://flipperzero.one/

This Programmer Figured Out How to Play Doom on a Pregnancy Test - https://www.popularmechanics.com/science/a33957256/this-programmer-figured-out-how-to-play-doom-on-a-pregnancy-test/

Here’s a dude playing Doom Eternal on his fridge - https://www.polygon.com/2020/10/13/21514933/doom-eternal-refrigerator-door-samsung-smart-refrigerator-xbox-game-pass-richard-mallard

Doom hacker gets Doom running in Doom - https://www.pcgamer.com/doom-hacker-gets-doom-running-in-doom/

Doom Running On A Calculator Powered By Old Potatoes - https://kotaku.com/doom-running-on-a-calculator-powered-by-old-potatoes-1845374069

GoldenEra - https://www.imdb.com/title/tt11753760/

Racing the Beam - https://en.wikipedia.org/wiki/Racing_the_Beam

High Score (TV series) - https://en.wikipedia.org/wiki/High_Score_(TV_series)

Microcontroller Courses (Udemy) - https://www.udemy.com/topic/microcontroller/

The story of Final Fantasy XIV’s renegade do-good modders - https://www.pcgamesn.com/final-fantasy-xiv/ffxiv-modders-renegade-do-gooders

Logical fallacies - https://yourlogicalfallacyis.com/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_5f72B6DD5wk

Programming Languages, Flipper And Gaming

Forensic Focus 24th May 2023 11:43 am

In this episode of the Forensic Focus podcast, Si and Desi talk to Mackenzie Jackson, Developer Advocate at Git Guardian. 

Mackenzie discusses the problem of hard-coded and leaked credentials in Git repositories, the task of scanning Git repositories for leaked credentials, and how that’s helped by the setup of GitHub and Git. 

He also looks at some public and private cases of security breaches through Git repositories and recommends tools you can use to combat attackers on Git. 

Show Notes:

Toyota Suffered a Data Breach by Accidentally Exposing A Secret Key Publicly On GitHub (GitGuardian) - https://blog.gitguardian.com/toyota-accidently-exposed-a-secret-key-publicly-on-github-for-five-years/

GitHub.com rotates its exposed private SSH key (Bleeping Computer) - https://www.bleepingcomputer.com/news/security/githubcom-rotates-its-exposed-private-ssh-key/

Conpago - https://www.conpago.com.au/

Source Code as a Vulnerability - A Deep Dive into the Real Security Threats From the Twitch Leak (GitGuardian) - https://blog.gitguardian.com/security-threats-from-the-twitch-leak/

Teenagers Leveraging Insider Threats: Lapsus$ Hacker Group (Forbes) - https://www.forbes.com/sites/emilsayegh/2023/03/15/teenagers-leveraging-insider-threats-lapsus-hacker-group

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal (BBC) - https://www.bbc.co.uk/news/technology-60864283

Dynamic Secrets (HashiCorp) - https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-dynamic-secrets

Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault (GitGuardian) - https://blog.gitguardian.com/crappy-code-crappy-copilot/

trufflesecurity/trufflehog (GitHub) - https://github.com/trufflesecurity/trufflehog

gitleaks/gitleaks (GitHub) - https://github.com/gitleaks/gitleaks

Git (Wikipedia) - https://en.wikipedia.org/wiki/Git

awslabs/git-secrets (GitHub) - https://github.com/awslabs/git-secrets

In this episode of the Forensic Focus podcast, Si and Desi talk to Mackenzie Jackson, Developer Advocate at Git Guardian.

Mackenzie discusses the problem of hard-coded and leaked credentials in Git repositories, the task of scanning Git repositories for leaked credentials, and how that’s helped by the setup of GitHub and Git.

He also looks at some public and private cases of security breaches through Git repositories and recommends tools you can use to combat attackers on Git.

Show Notes:

Toyota Suffered a Data Breach by Accidentally Exposing A Secret Key Publicly On GitHub (GitGuardian) - https://blog.gitguardian.com/toyota-accidently-exposed-a-secret-key-publicly-on-github-for-five-years/

GitHub.com rotates its exposed private SSH key (Bleeping Computer) - https://www.bleepingcomputer.com/news/security/githubcom-rotates-its-exposed-private-ssh-key/

Conpago - https://www.conpago.com.au/

Source Code as a Vulnerability - A Deep Dive into the Real Security Threats From the Twitch Leak (GitGuardian) - https://blog.gitguardian.com/security-threats-from-the-twitch-leak/

Teenagers Leveraging Insider Threats: Lapsus$ Hacker Group (Forbes) - https://www.forbes.com/sites/emilsayegh/2023/03/15/teenagers-leveraging-insider-threats-lapsus-hacker-group

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal (BBC) - https://www.bbc.co.uk/news/technology-60864283

Dynamic Secrets (HashiCorp) - https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-dynamic-secrets

Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault (GitGuardian) - https://blog.gitguardian.com/crappy-code-crappy-copilot/

trufflesecurity/trufflehog (GitHub) - https://github.com/trufflesecurity/trufflehog

gitleaks/gitleaks (GitHub) - https://github.com/gitleaks/gitleaks

Git (Wikipedia) - https://en.wikipedia.org/wiki/Git

awslabs/git-secrets (GitHub) - https://github.com/awslabs/git-secrets

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_BX15Z_xF8mA

Preventing Data Leaks With Git Guardian

Forensic Focus 3rd May 2023 11:07 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...