Digital Forensics Round-Up, April 13 2023

A round-up of this week’s digital forensics news and views:


Importing NSRL V3 hashsets into legacy tools

NSRLConvert can change the new SQLite NSRL hashsets into a plain list of MD5 hashes. The program is available here and can be used with the following syntax: NSRLConvert.exe {databasename} {outputfile}…

Read More (Ask Clees)


Intro to forensics in the cloud: A container was compromised. What’s next?

Forensics in cyber security is the process of extracting and recovering data after an attack has occurred in order to fully assess it…

Read More (Wiz)


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.


Microsoft turns to court order to take down ransomware hacking tool that targeted hospitals

Microsoft and a group of cybersecurity firms received help from the courts with the massive takedown Thursday of a notorious hacking tool that had been co-opted by cybercriminals to target hospitals and healthcare systems…

Read More (CBS News)


Investigating the Privacy and Security of the SimpliSafe Security System on Android and iOS

While home security and smart home devices provide convenience and ease of mind for users, their associated data are also increasingly used as forensic evidence in criminal cases…

Read More (MDPI)


“48 Hours” obtains never-before-seen footage of the mysterious killer known as the “Hat Man”

Once upon a time, Kassanndra’s disappearance may have turned into a cold case, but these days digital breadcrumbs are ubiquitous…

Read More (CBS News)


The Role of Artificial Intelligence in Ephemeral Messaging

In recent months, U.S. regulators and enforcement authorities alike have signaled through enforcement actions and pronouncements that they are paying closer attention to companies’ oversight practices regarding employees’ permitted use of third-party messaging applications, including ephemeral messaging…

Read More (JDSupra)


Getting SMART(er) with Information

After creating a forensic image of the drive, I may be able to check the SMART attributes of the NVMe SSD with a Linux OS via smartmontools. Will this work? What changes will be made…

Read More (Mr. Eerie)


Identification, acquisition, and examination of iSCSI LUNs and VMFS datastores

I was recently presented with a situation where I needed to access data stored directly on an iSCSI LUN, and needed to assess the capability of forensic tools to identify and acquire data stored in this location…

Read More (Digital Forensics & Incident Response)


What Are Deepfakes? Here’s How You Can Spot Them

A trickle of AI-fueled misinformation has turned into a powerful stream over the past year, with fake photos and videos—from Donald Trump’s and Vladimir Putin’s “arrest” to the Pope’s “gangsta” outfit—highlighting the scope of the problem…

Read More (Newsweek)


Expert: Mining cellphone data in Lehrkamp case time consuming

A digital forensic investigations expert says mining data from cellphones in some cases can take months and that there are several variables that can impact how long the evidence-gathering process takes…

Read More (Yahoo!life)

Leave a Comment

Latest Videos

Digital Forensics News Round Up, February 28 2024 #digitalforensics #dfir

Forensic Focus 29th February 2024 4:58 pm

Digital Forensics News Round-Up, February 21 2024 #digitalforensics #dfir

Forensic Focus 21st February 2024 6:19 pm

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts. 

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director 
43:45 – Privacy of user data

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts.

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director
43:45 – Privacy of user data

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_ifoHVkjJtRc

How MSAB Is Managing The Digital Forensics Challenges Of Frontline Policing

Forensic Focus 21st February 2024 3:07 pm

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles