Digital Forensics Round-Up, September 18 2024

A round-up of this week’s digital forensics news and views:


Why DFIR Investigative Thinking is Critical—and Why It’s So Hard to Teach

Brett Shavers emphasizes the importance of a critical investigative mindset in digital forensics and incident response (DFIR). He argues that while technical skills and certifications are widely taught, the ability to think critically and discern crucial evidence is often neglected. Brett highlights the difficulty in teaching this mindset, pointing to the lack of real-world exposure in traditional education and the limitations of on-the-job training, while offering his own book and teachings to bridge this gap for aspiring investigators.

Read More (Brett’s Ramblings)


Josh Hickman announces public availability of iOS 16, Android 14, and iOS 17 images

Binary Hick has released public images of iOS 16, Android 14, and iOS 17, hosted by Digital Corpora, for use in training, research, and testing. The iOS 17 image is an upgrade from iOS 16, with no Reader versions or non-Cellebrite formats available for iOS. Each image is packaged as a tar.gz file, with documentation and hash information provided.

Read More (Binary Hick)


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.

Unsubscribe any time. We respect your privacy - read our privacy policy.



Free Webinar: Adventures in OSINT: The Fine Art of Extreme Open Source Intelligence 2024-06-20

Claudia Tietze speaks about the transformative power of open source intelligence (OSINT) through real-world case studies, showcasing how everyday online sources can yield crucial intelligence that even nation-states might miss. The webinar explores OSINT’s role across the Open, Deep, and Dark Web, as well as social media’s impact on intelligence gathering, with key takeaways on its growing importance in the digital age.

Read More (Vimeo)


AWS Cloud Trail Downloader V2!

David Cowen, after a busy two years at Charles River Associates, revives his blog with a major update to the AWS CloudTrail log download script he originally developed for FOR509. The updated script introduces features like auto-resume, cross-platform support, AWS CLI profiles, and improved error handling, making it more efficient for managing large-scale, multi-region CloudTrail logs. This enhanced version simplifies downloading logs, providing better progress tracking and ensuring seamless operation even after interruptions.

Read More (HECF Blog)


From Automation To Exploitation: The Growing Misuse Of Selenium Grid For Cryptomining & Proxyjacking

Cado Security has uncovered two campaigns targeting misconfigured Selenium Grid instances, deploying a sophisticated cryptominer called “perfcc.” These campaigns exploit the lack of authentication in Selenium Grid, enabling attackers to inject malicious scripts that include cryptomining and proxyjacking payloads. Cado Security’s honeypot setup helped identify the attacks, emphasizing the need for organizations using Selenium Grid to configure authentication properly to prevent such exploitation.

Read More (Forensic Focus)


University of Liverpool research highlights officers’ lack of training and understanding around digitally enabled coercive control

Research from the University of Liverpool, in collaboration with three English police forces and the College of Policing, reveals that unmanageable workloads, insufficient training, and a lack of understanding of digitally enabled coercive control are hindering investigations and victim protection. The study emphasizes the need for better digital training and resource allocation as technology increasingly plays a role in domestic abuse cases.

Read More (Policing Insight, LinkedIn)


Hybrid optimization algorithm helps detect hidden messages in digital images

Research published in the International Journal of Computational Science and Engineering presents a new approach to detecting hidden messages in digital images, advancing the field of steganalysis. Researchers from The NorthCap University in India have developed a hybrid optimization algorithm, DEHHPSO, which improves detection accuracy and reduces computational demands by over 94%, significantly enhancing the ability of law enforcement and security teams to identify covert communications embedded in images.

Read More (Tech Xplore)


Crackdown on intimate image abuse as government strengthens online safety laws

The UK government has strengthened online safety laws, making the sharing of intimate images without consent a “priority offence” under the Online Safety Act, requiring social media companies to proactively remove such content or face fines of up to 10% of their global revenue.

Read More (Gov UK)

Leave a Comment