A round-up of this week’s digital forensics news and views:
House of Lords Committee Concerned Over Digital Forensics Backlog
Lords’ science committee warns UK digital forensics is at breaking point, with 20,000+ devices backlogged and cases collapsing over missing or damaged evidence. Ministers cite poor coordination and oversight; meanwhile AI and deepfakes erode confidence in evidence, spurring calls for a centralised forensics function to set standards and approve tools.
Read more (computerweekly.com)
Drone Forensics: Extracting What Flight Logs Leave Behind
Drone incidents are spreading across contraband drops, corporate espionage, and battlefield attribution. Mat Fuchs highlights where drone evidence resides, which extraction tools work, and when chip-off may be needed. Guidance covers everything from seized DJI units to crashed FPV builds lacking serial numbers.
Endpoint Inspector Targets Live, Remote Collections With Managed-IT Caveats
A Forensic Focus review examines Cellebrite Endpoint Inspector for remote, live data collection without disrupting users. SaaS hosting and an installed agent support Windows, macOS, and Linux, with collections ranging from targeted artifacts to memory capture and full-disk imaging. Testing reveals cloud storage works best, while local saves and collection restarts can be frustrating.
A Deepfake Can Ruin You Before Breakfast
Forensics expert Hany Farid says generative AI makes deepfakes cheap, scalable, and faster than fact-checks, fueling scams and nonconsensual imagery. He calls hash matching and takedowns insufficient, pushing liability and upstream pressure on hosts, app stores, and payment systems, while his firm GetReal focuses on Zoom and Teams call forensics.
Read more (scientificamerican.com)
Fuji 1.2.0 Adds Recovery-Mode Cartridge For macOS Live Acquisition
Fuji 1.2.0 updates the open-source macOS live logical acquisition tool with a USB “Cartridge” workflow for Apple Silicon and Intel Macs. Recovery mode now copies Fuji into a RAM disk, letting investigators remove and reuse the drive during acquisition. Sysdiagnose output adds more logs and JSONL for Timesketch compatibility.
Building A Repeatable Review Process For Cold-Case Digital Evidence
Agencies often store digital evidence for years, yet few have a repeatable process to re-examine it for cold cases. A structured review framework can add checkpoints, track access gaps, and prioritize re-analysis with modern tools. Clear policies and trained analysts help turn shelved data into actionable leads.
Magnet Virtual Summit 2026 Opens Registration For February
Magnet Virtual Summit 2026 runs February 23–26 with expert-led sessions on AI, mobile, cloud, and incident response. Attendees can expect keynotes, a CTF, live Q&As, and updates on Magnet Forensics products, including Magnet One.
LNK Payload Obfuscation Techniques And Lnk-It-Up Tool
Wietze Beukema highlights LNK payload obfuscation techniques and introduces lnk-it-up for generating and detecting LNK-based payloads. DFIR teams can use it to improve detection engineering and speed triage of suspicious Windows shortcut files.
Nancy Guthrie Case: Experts Urge Cell-Tower Data Review
Digital forensics expert Heather Barnhart urges investigators to examine cell tower data from the night Nancy Guthrie disappeared, describing it as a potential breakthrough in the suspected kidnapping. Authorities continue reviewing security footage and thousands of tips as a $6 million Bitcoin ransom demand remains unverified.
