±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35390
New Yesterday: 2 Visitors: 107

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Digital Forensics, Computer Forensics, eDiscovery

Belkasoft Evidence Center 9.5 Aims To Help In Corporate Investigations

Thursday, April 18, 2019 (17:34:27)
Belkasoft releases a major update to Belkasoft Evidence Center, the company’s flagship digital forensic solution. The new release adds a number of features to help IT security staff analyze incidents and perform remote investigations, investigate hacking attempts and analyze evidence across case boundaries. With this update, Belkasoft Evidence Center aims to help companies investigate incidents occurred on their corporate network or corporate mobile devices.

More details: https://belkasoft.com/bec95-press-release

Magnet Forensics Releases New Free Tool: MAGNET App Simulator

Thursday, April 18, 2019 (16:29:41)
Magnet Forensics is excited to share a new free tool with the digital forensics community, the MAGNET App Simulator.

The MAGNET App Simulator gives visualization to Android applications found during your investigation. Allowing for the examiner to load application data from Android devices in your case into a virtual environment, the MAGNET App Simulator enables you to view and interact with the data as the user would have seen it on their own device.

Download the MAGNET App Simulator for free here.

Obtaining Critical Real-Time Evidence From The Cloud

Thursday, April 18, 2019 (14:07:23)
Vladimir Katalov presents his research at DFRWS EU 2018.

There is quite a lot of information on the smartphone, that’s probably the most available source now for all the data, including the private data, business data, a lot of [passwords], documents, mails, and everything else. And we have to find a way how to get that effectively and fast.

There are several methods acquiring the data from the smartphones. There are some that work well on a lowest level, through JTAG or chip-off, when I just read the memory from the device. That method, unfortunately, doesn’t work for most modern devices, because all the data is encrypted there or there is simply no debug port or there is a full-disk encryption there.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1010 reads)

Introducing Mobile Device Investigator

Wednesday, April 17, 2019 (15:08:32)
With an ever increasing number of adults owning a smartphone, it is no wonder that more and more crimes now commonly require mobile device evidence collection and analysis.

Mobile Device Investigator™, is a new digital investigation tool built from the ground up to leverage ADF Solutions’ powerful digital forensic investigation platform. Mobile Device Investigator (MDI) enables anyone to quickly conduct iOS and Android investigations on-scene or in the lab. Whether you are handling Child Exploitation cases, fraud, terrorism or performing any type of investigation, Mobile Device Investigator is the new powerful tool you’ll want in your toolkit. Join Rich Frawley, a Digital Forensic and Training Specialist, to see how MDI empowers the investigators to:

+ Collect - quickly determine smartphone evidence that is relevant to your case
+ Analyze - visualize and save case specific items of evidentiary value
+ Report - create prosecutorial ready reports to back up your decisions

JOIN THE WEBINAR: Tuesday, April 23, 2019

https://www.adfsolutions.com/intro-to-mobile-device-investigator

Forensic Focus Forum Round-Up

Wednesday, April 17, 2019 (12:44:15)
Welcome to this month’s round-up of recent posts to the Forensic Focus forums.

Forum members discuss how to image a server with RAID 5.

Can you recommend some good website capture applications?

How would you image a Dell 5290 2 in 1 tablet? Share your thoughts on the forum.

Athulin gives an in-depth explanation of how to find out whether an individual is using a remote access tool.

Forum members discuss the examination of Vuze config files.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1626 reads)

New Mobile Device Investigator™ From ADF Solutions For iOS/Android Smartphones

Wednesday, April 17, 2019 (11:41:21)
ADF Solutions’ new mobile forensic software launches!

The Mobile Device Investigator™ software tool is user-friendly and requires minimal training since it is designed to be operated by front line police, sheriffs, field agents, and investigators. Users can connect a suspect device via USB port to quickly collect evidence and perform a fast logical acquisition of up to 4GB of data per minute. Qualified professionals can request a free trial of Mobile Device Investigator™ at www.tryadf.com.

Mobile Virtual Network Operators (MVNOs) In The US

Wednesday, April 17, 2019 (10:02:18)
by Patrick Siewart

Increasingly, cellular records and their associated location information are being used in civil litigation, where previously they were considered to be a “law enforcement only” tool. But in the age when users carry at least one smartphone with them at all times, the location data with regard to calls / texts / data usage can be crucial evidence in certain cases. These include insurance fraud investigations, domestic / custody / cohabitation matters and personal injury cases.

As we’ve detailed in previous articles, there are five main US-based cellular carriers: Verizon Wireless, AT&T, Sprint, T-Mobile & U.S. Cellular. But what about those not on the list of five? What about Boost or Straight Talk or Virgin Mobile or Cricket or Tracfone or… the list goes on and on. Well, these carriers are all what are known as mobile virtual network operators or MVNOs.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (299 reads)

Oxygen Forensics Announces New Director Of Training Hire

Tuesday, April 16, 2019 (15:14:47)
Oxygen Forensics has announced the hire of digital forensics expert, Keith Lockhart as its Director of Training.

Lockhart previously served as Vice President of Strategic Programs for AccessData Group for 15 years, leading digital forensics training solutions for Local, State, Federal and International Law Enforcement agencies as well as worldwide corporate entities and law-firms involved in the prevention, investigation, and prosecution of high-technology crime.

Now Released: XRY 7.12, XAMN 4.2 And XEC Director 5.0

Monday, April 15, 2019 (14:28:13)
Today, MSAB released new versions of our product suites – XRY, XAMN and XEC – with many significant new and improved capabilities to help investigators, examiners and other users work faster, smarter and more efficiently.

Among the highlights are faster Android extractions and significantly improved Android and iOS app support in XRY, plus a time-saving intelligent free text search function, many user experience improvements and a new export wizard in XAMN. The new version of XEC Director gives supervisors the ability to collect more granular information on user levels for improved management and efficiency.

XRY 7.12 adds support for 342 mobile devices and apps, bringing the total number of supported devices and app profiles to 27,118.

This summarizes additional highlights in each product.

Building Stack Traces From Memory Dump Of Windows x64

Monday, April 15, 2019 (12:10:48)
Yuto Otsuki discusses his research at DFRWS EU 2018.

Yuto: Thank you, chairperson. I am Yuto Otsuki, a researcher at NTT Secure Platform Laboratories in Japan.

Today, I’d like to talk about building stack traces from memory dump of Windows x64. Now, as you know, malware is widely used for various cyberattacks. To fight against such attacks, forensic analysis is a conventional approach. And stack traces play an important role in memory forensics, as well as program debugging. Stack traces become a clue to uncover what malware has actually done on the host. However, unfortunately, traditional techniques don’t work for memory dump of Windows x64 environment.

We propose a new method for building stack traces from such memory dump. I’ll start talking from background.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (2844 reads)