Christa: Welcome back to the Forensic Focus Podcast. I’m Christa Miller here with my co-host, Si Biles, and this week we’re with Steve Slater, Head of Digital Forensics at Devon and Cornwall Police in the United Kingdom to talk … Read more
evidence acquisition
I Can Login Without Your Password: Data Acquisition From Web-Based Server Using Credential Attack
Hi, I’m Jaehyeok Han from South Korea. I’m going to talk about data acquisition from web based service, without password, and I used credential attack. Before presentation, I’d like to appreciate this opportunity to show our study, following contents I’ve … Read more
ICDF2C 2018 – Recap
This article is a recap of some of the main highlights from the ICDF2C conference 2018, which took place in New Orleans, LA, USA from the 10th-12th September.
The program began on Monday 10th September with the usual welcome registration. … Read more
Walkthrough: Oxygen Forensic Detective Latest Features
Within Oxygen, you’re able to not only connect one device, but several devices, and image them simultaneously. Oxygen’s extractor runs independently of Oxygen Detective, and that’s what allows you to run several different extractions at the same time, and there … Read more
Word Forensic Analysis And Compound File Binary Format
by Arman Gungor
Microsoft Word forensic analysis is something digital forensic investigators do quite often for document authentication. Because of the great popularity of Microsoft Office, many important business documents such as contracts and memoranda are created using Word. When … Read more
SSD and eMMC Forensics 2016 – Part 2
What Has Changed in 2016 in the Way SSD Drives Self-Destruct Evidence. Demystifying eMMC, M.2, NVMe, and PCI-E.
by Yuri Gubanov, Oleg Afonin
© Belkasoft Research 2016
In the first part of this article, we reviewed different kinds of … Read more
SSD and eMMC Forensics 2016
What Has Changed in 2016 in the Way SSD Drives Self-Destruct Evidence. Demystifying eMMC, M.2, NVMe, and PCI-E.
by Yuri Gubanov, Oleg Afonin
© Belkasoft Research 2016
This publication continues the series started with an article on SSD forensics we … Read more
The Future of Mobile Forensics: November 2015 Follow-Up
by Oleg Afonin, Danil Nikolaev, Yuri Gubanov
Mobile forensics is a moving target. In our recent article, “The Future of Mobile Forensics”, we described acquisition techniques that used to be state-of-the art back then. Weeks later, some things had changed … Read more
Acquiring Windows PCs
by Oleg Afonin, Danil Nikolaev and Yuri Gubanov
In our previous article, we talked about acquiring tablets running Windows 8 and 8.1. In this publication, we will talk about the acquisition of Windows computers – desktops and laptops. This class … Read more
Bitcoin Forensics Part II: The Secret Web Strikes Back
In last week’s post, we talked about Bitcoin, Tor and some of the hidden websites only accessible via Tor, such as Silk Road, which was shut down by the FBI on October 1st.
Well, just over a month … Read more
Bitcoin Forensics – A Journey into the Dark Web
There has been a lot of buzz around Tor, Bitcoin, and the so-called “dark web” (or “deep web”) since the FBI shut down the underground website “Silk Road” on Oct 1st.
As many of you already know, Tor is a … Read more
Analysis Of iOS Notes App
As part of my third year studying Digital Security,Forensics & Ethical Hacking at GCU, I took part in a group research project to study the artifacts created when using the notes app on an iPad Mini, and if they could … Read more
Forensic Imaging of Hard Disk Drives- What we thought we knew
By Todd G. Shipley and Bryan Door
(A complete copy of this white paper and its figures and diagrams can be found at www.nfdrtc.net).
WHAT WE HAVE BEEN TAUGHT
Imaging of hard drives has been the main stay of … Read more
Flash drives and acquisition
First published June 2010
by Dominik Weber, Senior Software Architect for Guidance Software, Inc.
“Take a look at this”. It started simply with that.A co-worker was looking into some strange issue with an acquisition of a flash drive. It seemed
… Read more