±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35535
New Yesterday: 0 Visitors: 118

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Digital Forensics, Computer Forensics, eDiscovery

Review Of Griffeye Analyze DI Pro

Friday, May 24, 2019 (12:15:00)
by Jade James

Griffeye Analyze DI Pro is used by law enforcement agencies and other national security and defence organisations for all sorts of investigations involving large volumes of media files. Although it is perhaps most well known for its application to child exploitation cases, Analyze DI Pro is not designed specifically for use in such investigations.

This tool has a wide variety of add-on functionality, meaning investigators are able to work smarter and faster with automated processes that will categorise and filter out non-pertinent material. Analyze DI Pro is designed for individual investigators, with integrated tools for sorting and efficiently analysing large volumes of media files. In a nutshell, Analyze DI Pro parses images and videos intuitively to return the best results for the user.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (476 reads)

How To Image To A Network Repository With Logicube’s Forensic Falcon-NEO

Thursday, May 23, 2019 (14:58:38)
Welcome to Logicube’s tutorial on the Falcon-NEO forensic imager. The Falcon-NEO allows you to image directly to or from a network repository using SMB or CIFS protocol, or using iSCSI. Two 10GbE ports provide extremely fast network imaging performance. In this episode we’ll show you how to image from a physical drive connected to the Falcon-NEO, to a network repository, using CIFS protocol. Make sure you have full permissions to the shared resource before attempting to create a network repository on the Falcon-NEO. We strongly suggest that you contact your network administrator to ensure proper permissions have been set up.

We have set up a directory on a computer that is connected to the same network as the Falcon-NEO. By right clicking on the directory and checking the share properties, we can verify that we have full permissions to this share. We’ll now create and mount the repository on the Falcon-NEO.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (465 reads)

Atola TaskForce v 2019.4: Imaging To Files On Target Device And Other Features

Thursday, May 23, 2019 (09:16:36)
In the year since Atola launched its new flagship product, Atola TaskForce, the product saw three major firmware updates. The latest, 2019.4 version of TaskForce firmware contains a number of features to assist our users with evidence acquisition.

First and foremost, this release introduces imaging to a file on a target device. This popular functionality allows putting a target device in Storage mode to serve as a destination for multiple image files sequentially created on the drive.

In TaskForce, the Storage mode is activated when selecting a target, and the mode will remain active while the drive remains attached to the powered on TaskForce. When a drive is put in Storage mode for the first time, it is formatted to exFAT with large cluster size (32 MB) to ensure the fastest possible imaging.
  • Posted by: Yulia
  • Topic: News
  • Score: 0 / 5
  • (711 reads)

Interview With Blake Sawyer, Amped Software

Monday, May 20, 2019 (12:54:08)
Congratulations on your new role! Tell us more about your law enforcement career. How did you get into digital forensics?

Thanks so much! I am excited about the opportunity to come and work for Amped Software. I got into digital forensics in a kind of roundabout way. I earned a Computer Science degree in college and went to work for Apple. After several years of support and QA, I got involved in Audio and Video Production. That led me, eventually into working for the Plano Police Department in Plano, TX, USA in 2014.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2065 reads)

Digital Forensics News May 2019

Monday, May 20, 2019 (08:01:43)
This year's Digital Forensics Challenge from the Korean Institute of Information Security & Cryptology (KIISC) has been announced.

BlackBag's latest version of MacQuisition can now decrypt physical images of the latest Mac systems utilizing the Apple T2 chip.

Magnet AXIOM 3.1 is now available to download - it includes GrayKey integration and a new SQLite viewer.

BlackBag and Traversed have partnered up to provide examiners and investigators access to forensic services that can assist with unique cases and circumstances that require additional expertise.

Susteen's Data Pilot 10 has been updated, providing up to 50% reduction in processing time.

Cyber Sleuth Labs, an initiative to help young people get into the industry, have released a video to demonstrate what they do.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2490 reads)

Griffeye 101: Analyze DI Pro Intro Course

Friday, May 17, 2019 (14:29:55)
Date: May 28, 2019
Time: 3 pm CEST (9 am EDT)
Registration: Click here

In this webinar, you will learn how Griffeye Analyze DI Pro can help you speed through cases involving massive amounts of pictures and videos.

Facebook’s Privacy Manifesto: What Does It Mean For Digital Forensics?

Thursday, May 16, 2019 (15:38:41)
by Christa Miller, Forensic Focus

Mark Zuckerberg’s new “privacy manifesto” for Facebook marks not just a pivot in terms of how the social network shapes modern-day communication. It also marks what The Verge’s Casey Newton called “the end of the News Feed era.”

Zuckerberg’s opening statement draws a distinction between the “digital equivalent of a town square” which Facebook and Instagram have helped to build over the past 15 years, and the “digital equivalent of the living room” in which more users prefer to spend time together. Most child exploitation domain experts would be quick to point out, however, that child abuse is far more pervasive in living rooms and other private spaces than it is in town squares.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (509 reads)

Is Signal Secure Enough?

Thursday, May 16, 2019 (15:36:51)
In today’s world everyone is using messenger applications. Many users prefer using messengers that have strong encryption built-in for obvious reasons from confidentiality to hiding data from investigators. One such app used by messengers due to the confidentiality and privacy they provide. Signal is one of these messengers and has been labeled one of the most widely used, next to Telegram, used by people living in regions known for corruption.

MSAB Gets Key Role In EU-funded FORMOBILE Consortium On Mobile Forensics

Thursday, May 16, 2019 (12:33:09)
May 15, 2019 – MSAB announced today that it has been selected to support the research and development efforts of the FORMOBILE Consortium, which is made up of 19 law enforcement, government, academic, and private sector organizations from across Europe. It is led by the Mittweida University of Applied Sciences. The goal of FORMOBILE is to establish a complete, end to end forensic investigation chain to support law enforcement agencies’ access to mobile device data.

Three primary objectives are being pursued:

1. Develop new tools and technologies to acquire previously unavailable mobile data, unlock mobile devices, and enable the decoding and analysis of mobile data.

2. Develop a new mobile forensics standard based on requirements defined by law enforcement

3. Develop training for the new standard and tools, to ensure consistency and high quality in investigations and mobile forensic analysis.

Forensic Focus Forum Round-Up

Thursday, May 16, 2019 (11:35:03)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

Can you recommend a script for filling up NVMe storage drives with random data?

How do you find the date and time stamps of encrypted volumes mounted in Windows operating systems?

When you seize a computer, do you always check the BIOS time? Share your thoughts on the forum.

What tools would you recommend to acquire an image from a Macbook Pro?

Forum members discuss running digital forensic investigations on Windows and Ubuntu servers.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (4170 reads)