±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 2 Overall: 31768
New Yesterday: 12 Visitors: 111

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News   Forums   Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Latest Forum Posts

 
 Topics   Replies   Author   Views   Last Post 
  Assitance with EnCase Servlet Deployment 0 bntrotter 58   Tue Feb 21, 2017 9:31 pm 
bntrotter
  INDEX DATA 3 yungas 274   Tue Feb 21, 2017 8:56 pm 
Thomas
  Best Advice for Beginners 5 muffhugger 994   Tue Feb 21, 2017 8:30 pm 
Thomas
  Recoverability of data from virtual machine - advice needed 2 StudentofLife 159   Tue Feb 21, 2017 8:21 pm 
athulin
  Jailbroken iPhone 2 SamBrown 510   Tue Feb 21, 2017 7:29 pm 
jjh2320

Oxygen Forensic Detective v. 9.2 Extracts And Parses WebKit Data Now

Tuesday, February 21, 2017 (11:47:45)
Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, announced today that its flagship product, Oxygen Forensic Detective 9.2, now features the ability to extract WebKit data from iOS and Android devices, saving critical time in accessing webmail and the content of visited pages.

Most criminals make their plans via the internet and those plans can leave many traces on mobile devices through the content on apps. By accessing WebKit data with Oxygen Forensic Detective 9.2, users can find all traces of data on a device that tie together and present them as evidence to authorities. This faster accessibility to critical data can make a huge difference in solving crimes when time is so important.

Forensic Focus Forum Round-Up

Tuesday, February 21, 2017 (10:04:57)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

Forum members discuss how to track employees’ phones.

What kind of insurance do you have for forensic consulting?

How would you go about acquiring an iPhone remotely?

TinyBrain shares a presentation about quantum cryptography.

At what point in an investigation do you involve law enforcement? Add your thoughts in the forum.

How would you determine whether a Windows machine was running a keylogger? Chime in on the forum.

Do you have any tips for examining a TomTom XXL?

Forum members discuss Linux RAID reconstruction.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (369 reads)

Nuix Web Review & Analytics

Monday, February 20, 2017 (10:00:27)
by Scar de Courcier, Forensic Focus

Background

Nuix Web Review & Analytics (WRA) was created to enable analysts and non-technical investigators to collaborate on investigations.

The tool allows a senior investigator or case supervisor to allocate and assign data to individuals within a case. They can then log into the web interface to look through data, which will help them to assist technical investigators.

Once they have been set up, analysts can then start investingating and analysing elements of the case, even if they do not have any techncial knowledge. Quite often, the case officer will be the person who knows the case best, but they are also often the ones who have not been trained to run a given forensic product – with Nuix WRA, the idea is to enable them to use the Nuix suite of products alongside WRA by providing a non-tehcnical inferface with which they can interact.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (361 reads)

Deep Dive On Portable Case Part One

Friday, February 17, 2017 (10:08:53)
One of the most important parts of the forensic process is reporting and collaborating on findings. Magnet Forensics has built Portable Case, a feature of Magnet AXIOM and Magnet IEF to help foster that collaboration and make it more integrated, and thus less painful.

Our Director of Forensics, Jessica Hyde, and our Forensic Consultant, Jamie McQuaid are taking an in-depth look at Portable Case to help our customers understand all the benefits and features.

In part one, Jessica gives an overview of Portable Case and its benefits.

Asking A VPS To Image Itself

Wednesday, February 15, 2017 (11:19:58)
by Chris Cohen

There is a Linux Virtual Private Server (VPS) that you have been tasked to collect using a forensically sound method while ensuring confidentiality, integrity and availability. You have the password for a user who has ssh access to a shell account on that VPS and the user is in the super user group. You do not have access to the VPS control panel, and the VPS is located in a country which does not respect any legal notices from the country you are in. You need to log into the VPS via ssh and ask it to image itself.

To ensure forensic soundness we must keep any changes we make to the VPS to a minimum, to this end we will not be installing additional software. This means we will be limited to using only the default installed applications and that we will have to transmit the forensic image across the internet as it is being created. (1) To receive the image we require a Linux collection system we control with a public IP address and enough disk space for the image.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (539 reads)

Bridging The Gap Between Mobile And Computer Forensics (Webinar)

Friday, February 10, 2017 (17:44:38)
In this webinar, we will look at the trends and challenges in acquiring and analysis mobile devices. We will also discuss the techniques and workflows for optimising investigations that include mobile devices, computers, and cloud-based evidence.
Register now!

Registration For The Magnet User Summit // 2017 Series Is Now Open

Friday, February 10, 2017 (14:20:28)
You can now register for the Magnet User Summit 2017 Series.

In May, the team is heading to London and Las Vegas to bring our customers all the latest news, product features, hands-on learning, and our take on industry issues.

Interview With Victor Limongelli, Chairman & Chief Executive Officer, AccessData

Wednesday, February 08, 2017 (18:47:21)
Congratulations on being named CEO of AccessData. You previously served as President and CEO of Guidance. Why AccessData? Why now?

I’ve been in the industry since 2003, I’ve known – and competed against – AccessData for many years, and I long viewed FTK as one of the key products in forensics. After becoming Chairman in 2015, I had an opportunity to see the company up close, and when I was asked to take over as CEO I was very comfortable in the strength of the product set, the dedication of the employees worldwide, and the opportunity to grow the business. In particular, the AD Lab product struck me as the future of forensics, enabling scalability and collaboration that is not possible with the traditional, stand-alone forensics approach. That is a big focus of AccessData in 2017.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1015 reads)

Google's new AI system unscrambles pixelated faces

Wednesday, February 08, 2017 (12:26:12)
Google’s neural networks have achieved the dream of CSI viewers everywhere: the company has revealed a new AI system capable of “enhancing” an eight-pixel square image, increasing the resolution 16-fold and effectively restoring lost data.

The neural network could be used to increase the resolution of blurred or pixelated faces, in a way previously thought impossible; a similar system was demonstrated for enhancing images of bedrooms, again creating a 32x32 pixel image from an 8x8 one.

More (Guardian)
  • Posted by: jamie
  • Topic: News
  • Score: 0 / 5
  • (1488 reads)

Samsung sBrowser – Android Forensics: A Look Into The Cache Files

Monday, February 06, 2017 (19:49:53)
by Robert Craig and Michael Lambert

Samsung devices are a large portion of the Android OS market. Samsung has its own Internet Browser, “sbrowser”, installed onto their devices. All web browsers leave artifacts from user activity. The “sbrowser” cache files were similar to other browsers. An embedded source URL gave insight where the cached image came from. Looking at Internet History, cookies, and the cache file itself, an investigator can gain insight where the cached image came from and the likely web page it came from.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1821 reads)