digital forensics Archives - Page 8 of 15

The Opportunity In The Crisis: ICS Malware Digital Forensics And Incident Response

12th May 202030th May 2019

by Christa Miller, Forensic Focus Malware aimed at industrial control systems (ICS) is nothing new. Nearly 10 years have passed since Stuxnet first targeted the supervisory control and data acquisition (SCADA) systems and programmable logic controllers (PLCs) associated with centrifuges

Leveraging DKIM In Email Forensics

12th May 202027th May 2019

by Arman Gungor My last article was about using the Content-Length header field in email forensics. While the Content-Length header is very useful, it has a couple of major shortcomings: Most email messages do not have the Content-Length header field

How To Image To A Network Repository With Logicube’s Forensic Falcon-NEO

12th May 202023rd May 2019

Welcome to Logicube’s tutorial on the Falcon-NEO forensic imager. The Falcon-NEO allows you to image directly to or from a network repository using SMB or CIFS protocol, or using iSCSI. Two 10GbE ports provide extremely fast network imaging performance. In

Facebook’s Privacy Manifesto: What Does It Mean For Digital Forensic Investigations?

22nd February 202316th May 2019

by Christa Miller, Forensic Focus Mark Zuckerberg’s new “privacy manifesto” for Facebook marks not just a pivot in terms of how the social network shapes modern-day communication. It also marks what The Verge’s Casey Newton called “the end of the

How To Image From A Network Repository Using Logicube’s Forensic Falcon-NEO

12th May 20209th May 2019

Welcome to Logicube’s tutorial on the Falcon-NEO Forensic Imager. The Falcon-NEO allows you to image directly to or from a network repository using SMB or CIFS protocol, and to image from a network location using iSCSI. Two 10GbE ports provide

Mobile Virtual Network Operators (MVNOs) In The US

12th May 202017th April 2019

by Patrick Siewart Increasingly, cellular records and their associated location information are being used in civil litigation, where previously they were considered to be a “law enforcement only” tool. But in the age when users carry at least one smartphone

Windows Registry Analysis 101

12th May 20205th April 2019

by Chirath De Alwis Computer forensics is the process of methodically examining computer media (hard disks, diskettes, tapes, etc.) for evidence [1]. When considering computer forensics, registry forensics plays a huge role because of the amount of the data that

Techno Security And Digital Forensics Conference CA 2019 – Recap

19th May 20204th April 2019

by Mattia Epifani The Techno Security and Forensics CA conference took place between 11th and 13th March at The Hilton Torrey Pines in La Jolla (San Diego). More than 200 attendees were present, coming from different fields like digital forensics,

Using The Content-Length Header Field In Email Forensics

12th May 202029th March 2019

by Arman Gungor As forensic examiners, we often have to analyze emails in isolation without the benefit of server metadata, neighbor messages, or data from other sources such as workstations. When authenticating an email in isolation, every detail counts—we review

Forensics Europe Expo London 2019 – Recap

19th May 202018th March 2019

by Jade James This article is a recap of some of the main highlights from the Forensics Europe Expo 2019, which took place in London, UK on the 5th and 6th of March. The Forensics Europe Expo has now run

Burnout in DFIR (And Beyond)

5th August 202415th March 2019

by Christa Miller, Forensic Focus Quite a lot has been written over recent weeks about burnout. Not only DFIR-specific posts, first from Richard Bejtlich and then, in follow-up from Eric Huber and Brett Shavers; but also news articles including: Why

How To Install And Use The Optional Thunderbolt I/O Card On Logicube’s Falcon-NEO

12th May 20207th March 2019

Welcome to Logicube’s tutorial on the optional Thunderbolt I/O card on the Forensic Falcon-NEO. In this session, we’ll show you how to install and use this card. The optional Thunderbolt I/O card connects directly to Falcon-NEO’s source or destination I/O

Email Forensics: Investigation Techniques

12th May 202015th February 2019

by Chirath De Alwis Due to the rapid spread of internet use all over the world, email has become a primary communication medium for many official activities. Not only companies, but also members of the public tend to use emails

Forensic Examination Of Manipulated Email In Gmail

12th May 202029th January 2019

by Arman Gungor Last week, I came across an interesting post on Forensic Focus. The poster, jahearne, was asking about how one can detect manipulation of an existing email in Gmail. In his hypothetical scenario, the bad actor was using

Dissecting Malicious Network Traffic To Identify Botnet Communication

12th May 20207th January 2019

by Swasti Bhushan Deb Botnets are well-known in the domains of information security, digital forensics and incident response for hosting illegal data, launching DDOS attacks, stealing information, spamming, bitcoin mining, spreading ransomware, launching brute force attacks, managing remote access to

Scene Of The Crime: You’ve Found A Drone. What Do You Do?

12th May 202021st December 2018

by Lee Reiber, COO, Oxygen Forensics, Inc. The proliferation of recreational drones and their impact on digital incident response has dramatically increased during the last several years. In January 2018, Nextgov stated the U.S. Federal Aviation Administration (FAA) reported over