A round-up of this week’s digital forensics news and views:
Importing NSRL V3 hashsets into legacy tools
NSRLConvert can change the new SQLite NSRL hashsets into a plain list of MD5 hashes. The program is available here and can be used with the following syntax: NSRLConvert.exe {databasename} {outputfile}…
Intro to forensics in the cloud: A container was compromised. What’s next?
Forensics in cyber security is the process of extracting and recovering data after an attack has occurred in order to fully assess it…
Microsoft turns to court order to take down ransomware hacking tool that targeted hospitals
Microsoft and a group of cybersecurity firms received help from the courts with the massive takedown Thursday of a notorious hacking tool that had been co-opted by cybercriminals to target hospitals and healthcare systems…
Investigating the Privacy and Security of the SimpliSafe Security System on Android and iOS
While home security and smart home devices provide convenience and ease of mind for users, their associated data are also increasingly used as forensic evidence in criminal cases…
“48 Hours” obtains never-before-seen footage of the mysterious killer known as the “Hat Man”
Once upon a time, Kassanndra’s disappearance may have turned into a cold case, but these days digital breadcrumbs are ubiquitous…
The Role of Artificial Intelligence in Ephemeral Messaging
In recent months, U.S. regulators and enforcement authorities alike have signaled through enforcement actions and pronouncements that they are paying closer attention to companies’ oversight practices regarding employees’ permitted use of third-party messaging applications, including ephemeral messaging…
Getting SMART(er) with Information
After creating a forensic image of the drive, I may be able to check the SMART attributes of the NVMe SSD with a Linux OS via smartmontools. Will this work? What changes will be made…
Identification, acquisition, and examination of iSCSI LUNs and VMFS datastores
I was recently presented with a situation where I needed to access data stored directly on an iSCSI LUN, and needed to assess the capability of forensic tools to identify and acquire data stored in this location…
Read More (Digital Forensics & Incident Response)
What Are Deepfakes? Here’s How You Can Spot Them
A trickle of AI-fueled misinformation has turned into a powerful stream over the past year, with fake photos and videos—from Donald Trump’s and Vladimir Putin’s “arrest” to the Pope’s “gangsta” outfit—highlighting the scope of the problem…
Expert: Mining cellphone data in Lehrkamp case time consuming
A digital forensic investigations expert says mining data from cellphones in some cases can take months and that there are several variables that can impact how long the evidence-gathering process takes…