±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 3 Overall: 31950
New Yesterday: 9 Visitors: 144

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Digital Forensics, Computer Forensics, eDiscovery

Search on This Topic: News

[ Go to Home | Select a New Topic ]

Oxygen Forensics Used To Teach Students In Capitol Technology University

Thursday, March 23, 2017 (11:28:24)
Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, announced today that its flagship product, Oxygen Forensic Detective, is being used by professors teaching digital forensic classes within the BS and MS cybersecurity degree programs at Capitol Technology University in Laurel, Maryland.

“Capitol Technology University’s use of our flagship product in its digital forensic classes is wonderful validation of the robustness of our product and the real-world experience that forensics students achieve by using Oxygen in the classroom,” said Lee Reiber, Oxygen Forensics COO. “We are very proud that Capitol included us in the digital forensic courses as they train the next generation of investigators focused on the new digital landscape.”

An excerpt from Mobile Forensic Investigations: A Guide to Evidence Collection, Analysis, and Presentation, the textbook used by Captiol Technology University for its mobile forensic curriculum, states:

MOBILedit Forensic Express 4.0 Features Physical Analysis, 64-Bits And More

Wednesday, March 22, 2017 (14:30:54)
MOBILedit Forensic Express enters a new era by adding physical extraction and analysis, and it is now a native 64-bit application providing more power and stability for processing huge data. Version 4.0 brings in total 359 improvements making MOBILedit Forensic Express a must-have comprehensive forensic tool for any lab.

Webinar: Methods For Parsing New Applications

Tuesday, March 21, 2017 (11:30:20)
Tuesday, March 28 at 1:00PM EST / 10:00AM PST / 5:00PM GMT
Wednesday, March 29 at 9:00AM EST / 6:00AM PST / 1:00PM GMT

Every day new mobile applications are launched and made available. Often these new apps contain chat functions or other storage that can be crucial evidence in a case. However, parsing and carving for the data from these apps isn’t always immediately available from commercial forensic tools. Join Jessica Hyde, Director of Forensics at Magnet Forensics to explore new methods for discovering and parsing data from these unsupported applications. Learn how to test, find, parse, and script to obtain forensic evidence in new applications using a physical forensic image.

Presenter: Jessica Hyde, Director of Forensics, Magnet Forensics

Register here
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (821 reads)

Passware Kit 2017 v2: Supports iOS 10.2, iOS Keychain And iCloud Photo Library

Monday, March 20, 2017 (17:05:58)
The new version of Passware Kit Forensic recovers passwords for iOS 10.2 iTunes backups, WPA/WPA2 WiFi connections. Instantly extracts passwords stored in iOS Keychain. Acquires images (including deleted ones) from iCloud Photo Library. Improves performance while running on multi-GPU systems or using Distributed Password Recovery.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1041 reads)

Phill Moore's Round-Up Of This Month In Forensics

Monday, March 20, 2017 (13:23:15)
James Habben at 4n6ir explores the SCCM database in two posts, and Mark Mckinnon wrote an Autopsy Plugin to extract the relevant data.

Didier Stevens shows how to extract password history from the ntds.dit file.

Roberto Rodriguez shows how to build a sysmon dashboard on top of ELK.

Darren Freestone has shared his thoughts on the recent SHA1 collision and its impact on digital forensics.

Paul Sanderson announced a book on SQLite Forensics.

Andrea Lazzarotto has a post on extracting data from damaged NTFS drives.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (949 reads)

Belkasoft Evidence Center 8.3 Is Out with New UX and 64-bit Edition

Thursday, March 16, 2017 (13:59:18)
Belkasoft rolls out a major usability and performance update to Belkasoft Evidence Center 2017. The new release features brand new layout to simplify common tasks and speed up the routine, and comes with a 64-bit edition that significantly boosts performance and reliability when working on large cases.

Sign up to a free webinar on what's new in BEC 2017 v.8.3

Forensic Focus Forum Round-Up

Wednesday, March 15, 2017 (10:20:09)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

Do you have any recommendations for image enhancement? Add your suggestions on the forum.

Forum members discuss deleted files and allocated space in EnCase.

Which job category do you put down on your car insurance forms?

Forum members help a student with questions about recovering data from a virtual machine.

Can you recommend a hex viewer that works on Mac?

Forum members discuss decompressing hyberfil.sys.

What might make the last printed date appear to be before the metadata creation date of a Word document? Chime in on the forum.

Forum members discuss how to work out which machines a specific USB device has been connected to.

Forum members give advice about how to see if an external drive with Bitlocker has been mounted on a machine.

Is it possible to truly delete a file, and if so, how? Add your thoughts on the forum.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (761 reads)

Interview With Devon Ackerman, Senior Director, Kroll

Tuesday, March 14, 2017 (11:34:32)
Devon, tell us a bit about yourself. What's your background, and what's your current role?

My name is Devon Ackerman, and I am currently a Senior Director in Kroll’s Cyber Security and Investigations practice. In this role, I have leadership over an Incident Response team as well as client engagement responsibilities and hands-on investigations.

Prior to Kroll, I served as a Supervisory Special Agent and Senior Digital Forensic Examiner for the FBI. I began my career with the FBI back in 2006 and in 2008 entered the Academy to complete training as an FBI Special Agent. After graduation from the FBI Academy, I was assigned to North Carolina, or more specifically, the “Charlotte Division” of the FBI. I was initially assigned national security investigations and related matters that shared a cyber nexus, later gaining experience in cyber and DFIR matters across the board, to include traditional criminal matters.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (603 reads)

Unscrambling Pixels: Forensic Science Is Not Forensic Fiction

Monday, March 06, 2017 (13:54:45)
by Martino Jerian, CEO and Founder, Amped Software

In every branch of forensic science, we have to fight with the falsehoods introduced by the popular series à la CSI (hence the properly called CSI effect), but probably this belief is the strongest in the field of forensic image and video analysis. From endless zooming from satellite imagery, to enhancing the reflection of a reflection of a reflection, to identifying faces or fingerprints at an unbelievable pace, we very often have to explain, even to “the experts”, what is science and what is fiction.

This is complicated also by the fact that sometimes we are able to extract information from images and videos where at a first glance there is absolutely nothing visible. However, very often we can’t do anything to improve images that to that average person, don’t look that bad.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (894 reads)

Magnet AXIOM Now Supports Signal Forensics

Monday, March 06, 2017 (12:08:08)
Encrypted chat apps can be some of the hardest nuts to crack — especially when someone is trying to cover their tracks in advance — but they can also be vitally important to an investigation.

Signal is a popular chat app with an emphasis on privacy. It uses encryption on in-transit data, and Magnet AXIOM now parses and carves for chat and comment data in the Signal app for Android smartphones.

In cases where the user doesn’t set a password, application data can often be recovered and decrypted. Even if decryption is not possible, group and user information, and information about messages can still be recovered, although the actual message and attachment content won’t be available.