14th August 2025

Enterprise Turns To AI For Speed And Accuracy In DFIR
Hero Image

Magnet Forensics explores how AI is revolutionizing speed and accuracy in DFIR....

Read More
Breaking Digital Barriers: Galaxy S25 & Z Flip Fully Supported

Breaking Digital Barriers: Galaxy S25 & Z Flip Fully Supported

14th August 2025

Gain full filesystem access to the latest Samsung Galaxy devices with MD-NEXT....read more

Digital Forensics Round-Up, August 13 2025

Digital Forensics Round-Up, August 13 2025

13th August 2025

Read the latest DFIR news – evidence of Kohberger’s detailed murder preparations, an alarming rise in child sextortion cases, Brian Carrier’s new mini-course on automation and AI in forensics, and more....read more

Well-Being In Digital Forensics And Policing: Insights From Hannah Bailey

Well-Being In Digital Forensics And Policing: Insights From Hannah Bailey

12th August 2025

Hannah Bailey shares her journey from frontline policing to founding Blue Light Wellbeing, explaining why culturally-aware mental health support is crucial for DFIs and frontline workers....read more

Analysis of hidden data in the NTFS file system

First published January 2006 Cheong Kai Wee Edith Cowan University ckw214@yahoo.com Abstract Criminals with sensitive information such as crime records tend to hide/encrypt this information so that even if their computers are collected by police department, there is no evidence

Analyzing Exchange and mbox e-mail files using Free and Open Source Software

First published December 2005 Mike Harrington, CFCE EnCE linuxchimp@gmail.com Innovative Digital Forensic Solutions, L.L.C. Mark Lachniet, CISA CISSP mlachniet@analysts.com Analysts International Table of Contents 1.Document Overview 2.LIBPST/LIBDBX 3.Locating Exchange .dbx/.pst Files 3.2 Locating files in the filesystem 3.2.1 Deleted Files

Real-Time Steganalysis

First published October 2005 A Key Component of a Comprehensive Insider Threat Solution James E. Wingate, CISSP-ISSEP, CISM, IAM Director, Steganography Analysis & Research Center (SARC) and Vice President for West Virginia Operations Backbone Security.Com and Chad W. Davis, CCE

Digital forensics of the physical memory

First published September 2005 Mariusz Burdach Mariusz.Burdach@seccure.net Warsaw, March 2005 last update: July 11, 2005 Abstract This paper presents methods by which physical memory from a compromised machine can be analyzed. Through this methods, it is possible to extract useful

The Enhanced Digital Investigation Process Model

First published September 2005 Venansius Baryamureeba and Florence Tushabe barya@ics.mak.ac.ug, tushabe@ics.mak.ac.ug Institute of Computer Science, Makerere University P.O.Box 7062, Kampala Uganda www.makerere.ac.ug/ics May 27, 2004 Abstract Computer crimes are on the rise and unfortunately less than two percent of the

An Analytical Approach to Steganalysis

First published August 2005 by James E. Wingate, CISSP-ISSEP, CISM, IAM Director, Steganography Analysis & Research Center www.sarc-wv.com Chad W. Davis Computer Security Engineer Backbone Security.Com www.backbonesecurity.com Introduction Rapidly evolving computer and networking technology coupled with a dramatic expansion in

Smart Anti-Forensics

First published June 2005 by Steven McLeod steven mcleod@ozemail com au May 2005 EXECUTIVE SUMMARY This paper highlights an oversight in the current industry best practice procedure for forensically duplicating a hard disk. A discussion is provided which demonstrates that

Phone hacking: Police probe suspected deletion of emails by NI executive

Police are investigating evidence that a News International executive may have deleted millions of emails from an internal archive, in an apparent attempt to obstruct Scotland Yard’s inquiry into the phone-hacking scandal. The archive is believed to have reached back

Data: The Basics of Computer Forensics

First published June 2005 by Edward Pscheidt www.edwardpscheidt.com Everything is created on a computer. To be more precise, almost everything that is the subject of litigation was created on a computer. Be they letters, blueprints or company books, the vast

An Investigation Into Computer Forensic Tools

First published June 2005 K.K. Arthur & H.S. Venter Information and Computer Security Architectures (ICSA) Research Group Department of Computer Science University of Pretoria Pretoria This material is based upon work supported by Telkom, IST and the NRF through THRIP.

Developing A Framework For Evaluating Computer Forensic Tools

First published May 2005 by Colin Armstrong Curtin University of Technology School of Information Systems WA Australia Abstract Forensic science is the application of science to those criminal and civil laws that are enforced by police agencies in a criminal

The Forensic Chain of Evidence Model

First published May 2005 Improving the Process of Evidence Collection in Incident Handling Procedures by Atif Ahmad Department of Information Systems, University of Melbourne, Parkville, VIC 3010, Australia Abstract This paper suggests that administrators form a new way of conceptualizing

The Essentials Of Computer Discovery

First published May 2005 by Joan E. Feldman, President Computer Forensics Inc. www.forensics.com I. INTRODUCTION Chances are good that the date you scheduled, the letter you wrote, and the inter-office message you just read have all been recorded on magnetic

Description of the FAT fsstat Output

First published May 2005 by Brian Carrier reproduced with permission from The Sleuth Kit Informer, Issue 18 Overview The output of many TSK tools is relatively easy to understand because each tool has a specific focus. For example, the outut

SpyCloud: Intel Agencies Look to Keep Secrets in the Ether

Dropbox for files, Google for mail, iCloud for well, everything. Average citizens have all kinds of options for storing their information in the cloud. Now, spies want in. Soon, our nation’s secrets may take on a slightly more nebulous form.

Interview with Scott Burkeman, Warner Scott Recruitment

"The market has been up and down in recent years, which has been characterised by the state of the wider economy. With the government cuts in public spending, there has been much uncertainty within the public sector, which has resulted