A round-up of this week’s digital forensics news and views:
Artificial Intelligence in Digital Forensics: a force for good or bad?
Over the past year, Artificial Intelligence (AI) has dominated headlines as the technology rapidly evolves. It’s undeniable that AI will eventually impact the legal system and, in the context of digital forensics casework, the question arises: is AI a force for good or bad…?
Read More (Keith Borer Consultants)
International effort to disrupt cybercrime moves into operational phase
The Cybercrime Atlas, a massive undertaking that aims to disrupt cybercriminals across the globe, enters its operational phase in 2024, two years after organizers laid the groundwork at the RSA Conference…
Shortage of trained police holding back cybercrime detection
Just one in 10 cases of online crime leads to the identification of a suspect, a report by the Dutch government’s data research bureau WODC has found…
Deserializing NSKey Archives
Serialization holds a crucial role in software development, particularly within the macOS/iOS environment, where NSKeyedArchiver is widely employed to convert Property Lists (PLists) (or data classes) into machine-readable formats…
BBC2 Forensics: the Real CSI reveals how Coventry mum’s murder was solved
The painstaking job police undertook to solve the murder of a Coventry mum has been spelt out in detail on a BBC forensics programme…
Amped Replay – A Case Study Of The Organisational Rollout Within Avon & Somerset Police
Amped Replay: ‘the video player for cops’, ‘the CCTV viewer that just works’, ‘VLC on steroids’. This case study, explained by David Spreadborough, Forensic Analyst at Amped Software, shows the power behind the software and looks at how that power has been harnessed by a UK Police Service…
NTFS Artifacts Analysis
The New Technology File System (NTFS) is a file system developed and introduced by Microsoft in 1995. It was produced to overcome some limitations and offer new features…
Iran Tried To Buy Malware From Russian Cybercrime Forums
Iran has tried to purchase wiper malware from Russian underground forums that can help hackers irreversibly remove computer data…
Read More (Iran International Newsroom)
British Library hailed by UK cyber agency for its response to ransomware attack
The interim head of Britain’s National Cyber Security Centre (NCSC) said the British Library “should be applauded” for refusing to pay an extortion fee to the criminals behind a ransomware attack last year…
Evidence of Program Existence – Amcache
A fairly newer artifact, but extremely valuable and important, is the “Amcache” hive. Much like “Shimcache”, the Amcache hive can be used to prove that a file had presence or existed on a system…
Disrupting a Grandoreiro malware operation
In January this year, Brazilian authorities announced the arrest of five administrators behind a Grandoreiro banking trojan operation…
Microsoft Office Alerts (“OAlerts”)
Did you delete an email message in your Outlook Inbox and then empty the Deleted Items folder? Are you adamant an email was in your Inbox and now it is gone, and nothing exists in the Deleted Items folder…?