±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 36232
New Yesterday: 4 Visitors: 152

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Latest Forum Posts

 
 Topics   Replies   Author   Views   Last Post 
  Does iphone log photo last accessed times? 1 Zenutna 328   Thu Nov 21, 2019 10:25 am 
msbettyhunt
  Convert .AD1 image to DD raw image 9 grizzlydigital 1261   Thu Nov 21, 2019 5:06 am 
grizzlydigital
  Image of MacBook Pro 3 roncufley 641   Wed Nov 20, 2019 8:58 pm 
roncufley
  How can I find out dates of auto-logins set/disabled on Mac? 3 samsacksons 574   Wed Nov 20, 2019 7:07 pm 
dandaman_24
  CP case - Emule - interpretation of dates from known.met 3 jfranck 518   Wed Nov 20, 2019 5:37 pm 
Rich2005

What's Happening In Forensics - Nov 20, 2019

Wednesday, November 20, 2019 (21:31:54)
Oleg Afonin talks about the forensic analysis of Synology NAS devices.

Alexis Brignoni shares a realm database storage primer for digital forensic examiners.

Amped show how to resize images with Amped Replay.

Passware announce a new partnership with BlackBag.

OpenText announce their Heroes at the conclusion of the Enfuse conference.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (375 reads)

How To Use Magnet AXIOM In Mac USB Investigations

Wednesday, November 20, 2019 (20:07:38)
Hey everyone, Trey Amick from Magnet Forensics here. Today we’re talking about Mac USB investigations, and what happens when we’ve been alerted that a USB has been inserted into an end point.

Different organisations handle USB policies differently. Some have alerting mechanisms in place for when USBs are detected, while others may encrypt the drive when it’s inserted into the end point. Other organisations may block the external drive from being mounted altogether, or may only allow specific external drives to be used by employees. Lastly, we have some organisations that tell staff it’s against policy to use USBs, but don’t take any additional steps to further protect the end point.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (274 reads)

Can Your Investigation Interpret Emoji?

Wednesday, November 20, 2019 (19:27:10)
by Christa Miller, Forensic Focus

Emoji are everywhere — including in your evidence. Used across private-messaging apps and email, social media, and even in passwords and account names, emoji are pictographic representations of objects, moods, and words. They’re a convenient shortcut for users who want to convey tone and emotion in digital communication without using a lot of words.

Preston Farley, a Special Investigator with the Federal Aviation Administration (FAA), believes “emoji will emerge as a prominent form of communication sooner rather than later,” and that there are potential ramifications for digital forensics examiners and investigators when it comes to analyzing and testifying about emoji.

Presenting at the Techno Security and Digital Investigations conference in Myrtle Beach in June 2019, Farley explained that emoji present two distinct challenges.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (261 reads)

Viber Messenger Extraction In Oxygen Forensic Detective

Wednesday, November 20, 2019 (17:45:13)
Viber is a cross-platform voice over IP and instant messaging software operated by Rakuten. The software app is provided as freeware for Android, Apple iOS, Microsoft Windows, macOS and Linux platforms. Initially the messenger was developed in 2010 by the Israel-based Viber Media, which was then bought by Rakuten in 2014. According to Statista, there were over 1.1 billion registered users as of March 2019.

Viber’s official website states the app offers end-to-end encryption and the encryption keys only exist on user’s devices. Additionally, they state no data is stored on the Viber server and that messages are only temporarily stored when they cannot be delivered to the mobile device.

French Agency Uses Chip-Off Technique To Solve A Critical Case

Wednesday, November 20, 2019 (17:42:57)
By: Christophe Gabay, MSAB Area Sales Manager

Recovering data from mobile devices continues to bring new challenges to investigators, and using “chip-off” and Joint Test Action Group (JTAG) methods have become topics of growing interest in the law enforcement community.

When a mobile device is damaged or locked, the chip-off and JTAG methods are among the best alternative solutions for examiners looking to gain access to the memory.

JTAG is an advanced level data acquisition method which involves connecting to a device’s Test Access Ports (TAPs) and instructing the processor to transfer the raw data stored on connected memory chips. When supported, JTAG-ing is an extremely effective technique that can let examiners extract a full physical image from devices that aren’t supported with standard methods.

What's Happening In Forensics - Nov 19, 2019

Tuesday, November 19, 2019 (13:03:35)
NirSoft release a new tool, MobileFileSearch, allowing users to search files on a mobile device attached to their computer.

Arman Gungor shares some updates to Forensic Email Collector.

DFRWS has a brand new website - take a look and register for the 2020 events!
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (878 reads)

Walkthrough: XRY Photon Manual

Tuesday, November 19, 2019 (12:47:23)
XRY Photon is a solution designed for recovering smartphone app data that’s inaccessible through normal extraction techniques. Now the power of XRY Photon has been expanded to cover hundreds of additional apps, with a new manual option.

Before using XRY Photon, always check the XRY device manual first, to see if an app is supported, because that’s always the fastest route.

In this demonstration, we’ll show you how our new manual option works by extracting the conversation from the Instagram app.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (374 reads)

How To Use Griffeye Brain – Artificial Intelligence

Tuesday, November 19, 2019 (12:46:43)

The Griffeye Brain in Analyze DI Pro version 19.2 brings the power of machine learning and artificial intelligence to help you quickly locate and identify child sex abuse material within your investigations.

In addition, the Griffeye Brain now has improved object detection, allowing for multiple objects to be located within the same image. In this video, we’re going to discuss how to use the newly updated Griffeye Brain plugins with your investigation, to maximise efficiency and decrease time spent searching for relevant files.

The Griffeye Brain can now harness the power of your graphics card or GPU to analyze your case for CSA and objects roughly five times faster than running it on a CPU.

Read More

  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (337 reads)

Join Magnet Forensics In Nashville On May 11-13 For Magnet User Summit 2020

Tuesday, November 19, 2019 (12:33:25)
Magnet User Summit is coming back to the Sheraton Grand Nashville Downtown in Nashville on May 11-13 — join us to learn the latest trends and best practices in digital forensics and digital evidence.

Register today and save with early bird rates!

In addition to having the chance to network with your peers, we’re bringing lectures and industry speakers to MUS 2020. You’ll get a good look at the exciting trends and best practices in the digital forensics industry as a whole.

And with our hands-on labs, you’ll have a chance to use Magnet AXIOM and Magnet AXIOM Cyber on real case files to learn how you can maximize its use in your investigations.

BlackBag Partners With Passware To Provide Full Disk Decryption In New Release

Tuesday, November 19, 2019 (12:27:26)

BlackBag Technologies announces a new partnership with the leader in encrypted electronic evidence discovery and decryption, Passware.

BlackBag Technologies announced a partnership with Passware ahead of the upcoming release of BlackLight. BlackLight quickly analyzes computer volumes and mobile devices to shed light on user actions. With easy searching, filtering and sifting through large data sets, it’s simply the best option available for smart, comprehensive analysis.