±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 1 Overall: 36107
New Yesterday: 8 Visitors: 115

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Digital Forensics, Computer Forensics, eDiscovery

How To Boot Scan A Mac With APFS And FileVault 2

Thursday, October 17, 2019 (09:43:43)
Hi, I’m Rich Frawley and I’m the Digital Forensic Specialist with ADF Solutions. Today we are going to conduct a boot scan of a MacBook Air that has APFS and FileVault 2 enabled.

At this point you have decided on a search profile or profiles to use and and prepared your collection key.

When conducting a boot scan, Digital Evidence Investigator is forensically sound. This means that no changes are made to the target media.

Prior to conducting a boot scan, establish how many USB ports are available and determine if the four-port USB hub is required. Two ports are required in order to complete a scan: one for the collection key and one for the authentication key. Once the scan has started, the authentication key can be removed.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (187 reads)

What's Happening In Forensics - Oct 16, 2019

Wednesday, October 16, 2019 (14:01:51)
Haroen Bashir of Fox-IT shows how to use machine learning to detect random filenames.

The Eclectic Light Company looks inside MacOS Catalina's unified log.

John Patzakis talks about why incident reporting requirements under GDPR and CCPA require strict protocols when dealing with breaches.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (407 reads)

What's Happening In Forensics - Oct 15, 2019

Tuesday, October 15, 2019 (15:20:18)
A new utility can now export event logs into different formats.

Amped show how to get a better visual inspection of image evidence.

US Attorney General William Barr has urged Facebook not to introduce encryption to its Messenger service, since this will impede digital forensic investigations.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (499 reads)

The Mueller Report Part 2 – What It Feels Like To Be Targeted By A Nation State

Tuesday, October 15, 2019 (15:09:36)
by Stephen Stewart, CTO, Nuix

Preface: This still isn’t about politics. It’s all about the data discussed in Part 1 of this blog series.


In Volume 1 Section III. Russian Hacking and Dumping Operations, the Mueller Report provides frightening detail about what it means to be targeted by a Nation State. The prevailing sentiment is that if you are targeted by a Nation State, it will eventually get in.

For those in the security industry, this is old news. What is interesting about the Mueller Report is that the details are included in a document that will be read by millions of ordinary people, not just security professionals.

“In total the GRU stole hundreds of thousands of documents from the compromised email accounts and networks.”

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (415 reads)

Webinar: Get The Most Out Of Your Digital Media Investigations

Tuesday, October 15, 2019 (14:40:06)

Training experts’ tips & tricks webinar (find out more about the speakers here)

Date: October 23, 2019
Time: 3 pm CEST (9 am EDT)
Registration: Click here

In this webinar, Griffeye’s training experts will walk you through a session packed with their best tips and tricks to help you make the most of Griffeye Analyze DI Pro and streamline your workflow.

What's Happening In Forensics - Oct 14, 2019

Monday, October 14, 2019 (18:01:29)
Igor Mikhailov shares his thoughts on the best digital forensic tools.

Atola give a demo of their TaskForce tool.

Sarah Edwards and Heather Mahalik share a presentation about auto forensics.

Matt Edmondson takes a quick look at MDXFIND.

The US Department of Defense is zeroing in on tech that's being used in domestic abuse cases.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (496 reads)

What Changes Do We Need To See In eDiscovery? Part II

Monday, October 14, 2019 (08:59:32)
by Harold Burt-Gerrans

Let’s continue from where we left off last time, discussing standardization. If you missed it, Part 1 was all about establishing standards. Now a bit about following standards. This will sound funny to those who know what a rebel I tend to be! Watch out, I’m about to rant…

When there are established standards, they should be followed. I’m mentioning this as a particular issue has caused some grief on a couple of recent occasions and I’ve discovered that a few industry-leading processing software applications have adopted this particular deviation from the standard. For reference supporting my arguments, I’m using the Library of Congress.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (574 reads)

A New Opening For Accessing iPhone Data

Friday, October 11, 2019 (12:24:38)
By: Joel Bollö, CEO of MSAB

The mobile forensic market is constantly changing, and changing rapidly. The latest example of that occurred very recently with the publication of a new exploit for the iPhone, the “checkm8” bootrom exploit.

The announcement of this exploit does not translate to having “instant access” to iPhones, but as a result, MSAB is confident that we will soon be able to offer our customers in law enforcement, intelligence, defense and other sectors new unrestricted capabilities to access iPhone data.

DFRWS Submission Deadline Extended To Sunday October 13th

Thursday, October 10, 2019 (15:03:51)
If you have been planning to submit a paper to DFRWS EU 2020, the submission deadline has been extended to this Sunday, October 13th.

The event will be held on 25-27th March 2020 in Oxford, UK. Papers are welcomed on a wide range of topics within digital forensics, including IoT and cloud forensics; drone analysis; case management; and triage.

Submit your proposals here: http://www.dfrws.org/node/842#proposals
  • Posted by: scar
  • Topic: All
  • Score: 0 / 5
  • (406 reads)

Register For Webinar: How To Identify Suspects Through Digital Evidence

Thursday, October 10, 2019 (12:32:58)

Getting the most out of your evidence is an issue all digital examiners face. As forensic practices and tools evolve, it is crucial to continuously update how you process and examine a multitude of evidence items from MacOS, iOS, Android, and Windows to identify the suspect.