Crypto Crime – No Such Thing?
Nick Furneaux discusses covert tools, memory forensics, and crypto investigations on the Forensic Focus podcast.
memory forensics
Robert Jan Mora, Principal Threat Investigator, Volexity
FF: Tell us about your background and how you ended up as a Principal Threat Investigator at Volexity?
That is an exciting story to tell, I guess. My background is that I started my career in law enforcement in the
The Trojan solved the Bhima Koregaon case!
By RJM
How proper file, malware, and memory forensics techniques were able to catch the ModifiedElephant threat actor planting incriminating evidence on defendants’ computers in India.
Disclaimer: The views, methods, and opinions expressed at Anchored Narratives are the author’s and
The Wisdom of the Heap: Mesh It up by Weaving Data Structures
In this short presentation, Trufflepig Forensics’ Aaron Hartel and Christian Müller present some early stage research about the volatility of data in memory as data structures change version to version.
Session Chair: We’re now going over to memory forensics and
Memory Forensic Analysis of a Programmable Logic Controller in Industrial Control Systems
Winner of the Best Student Paper Award at DFRWS-EU 2022! Muhammad Haris Rais describes a step-wise approach to analyze the memory of specific PLCs, and subsequently find a generic framework applicable to all PLCs. By following a methodology that focused
PEM: Remote Forensic Acquisition of PLC Memory in Industrial Control Systems
Winner of the Best Paper Award at DFRWS-EU 2022, Nauman Zubair proposes a new memory acquisition framework to remotely acquire a programmable logic controller (PLC)’s volatile memory while the PLC is controlling a physical process.
Session Chair: Welcome Nauman, happy
Defining Atomicity (and Integrity) for Snapshots of Storage in Forensic Computing
In this video from DFRWS-EU 2022, Jenny Ottmann revisits the discussion on quality criteria for “forensically sound” acquisition of such storage and proposes a new way to capture the intent to acquire an instantaneous snapshot from a single target system;
Extraction and Analysis of Retrievable Memory Artifacts From Windows Telegram Desktop Application
In this video from DFRWS-EU 2022, Pedro Fernandez-Alvarez describes research focused on the Telegram Desktop client, in particular the client process contents in a Windows system’s RAM.
Session Chair: We are now in the topic of memory forensics, and we
Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies
The company will continue the development of Comae’s memory analysis platform and seek to incorporate its capabilities into existing solutions
Magnet Forensics announced the acquisition of the strategic IP assets of Comae Technologies, a cybersecurity firm that specializes in incident
DFRWS-EU 2022: The Future of Digital Forensics Is Now
Moving digital forensics forward in terms of methods and frameworks, as well as organizational and cross-cultural collaboration, was an overarching theme of this year’s European Union edition of the Digital Forensics Research Workshop (DFRWS).
After 40 years, mainstays like file
Leveraging Intel DCI for Memory Forensics
Hello, and welcome to my DFRWS US 2021 talk about leveraging Intel DCI for memory forensics. My name is Tobias Latzo and I’m in the security research group of the Friedrich-Alexander University Erlangen-Nürnberg in Germany, which is led by Felix
JTAG-Based Memory Acquisition Framework
Hello everyone. My name is Muhammad Haris Rais. I am a PhD student at SAFE lab – Security And Forensics Engineering lab at Virginia Commonwealth University. The lab is led by Dr. Irfan Ahmed and is mostly focused around industrial
Is More Efficient, Accessible Memory Forensics Possible?
Christa: Memory forensics is a mainstay of incident response. Its relevance and necessity only growing with time, as encryption technology has become more integrated, especially in consumer devices. Yet memory forensics is neither intuitive nor simple.
Looking to change that
Seance: Forensic Divination
Hi everybody, my name is Ryan Maggio. I am a recent graduate from the Louisiana State University and today I’m going to be presenting a project called Seance that was worked on by myself, Andrew Case, Aisha Ali-Gombe and Golden
Duck Hunt: Memory Forensics of USB Attack Platforms
Matthew: Welcome to our presentation. I’m Matthew Piscitelli.
Tyler: And I’m Tyler Thomas.
Matthew: And we performed memory forensics on USB attack platforms. This work was supported by National Science Foundation Grant number 1921813. We looked at two USB attack
Research Roundup: New Tools And Techniques And Ensuring Their Quality
The month of May saw a robust, diverse set of academic papers published. Tools and techniques are as present as ever — focusing that month on Windows 10 and mobile malware — but so are discussions about how to ensure
