±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 1 Overall: 34614
New Yesterday: 3 Visitors: 217

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Digital Forensics, Computer Forensics, eDiscovery

Interview With Sheldon Feinland, VP Of Sales, BlackBag

Friday, October 19, 2018 (11:23:16)
Sheldon, you're VP of Sales at BlackBag. Tell us about your role: what does a day in your life look like?

At BlackBag, I am responsible for the revenue of the entire company. I plan and work with several other team members on the go to market strategy. This includes figuring out exactly who are we selling to, what we can sell them to help meet their needs, where the customer is, and how are we going to approach the marketplace.

A typical day involves working with current and prospective customers on solving their needs with our solutions. I speak to customers to understand how they are using our solutions and what they would like to see in future releases. Partners (resellers, consultants, and other software companies) play a major role in our strategy, so during the day I am usually talking to many of them.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (35 reads)

Executing Windows Command Line Investigations

Thursday, October 18, 2018 (12:46:32)
by Chet Hosmer, Joshua Bartolomie and Rosanne Pelli

Reviewed by Scar de Courcier, Forensic Focus


Ensuring the integrity of evidence is one of the most important parts of the digital forensic investigation process, and yet according to some reports it is one of the most frequently overlooked in courses on the subject.

The title of Hosmer, Bartolomie & Pelli's book is Executing Windows Command Line Investigations While Ensuring Evidentiary Integrity, and as far as I can tell it is the only book that gives a step-by-step guide to the Windows command line for DFIR practitioners.

Sensibly, the book begins with a discussion of the impact of Windows command line investigations. Not only does this set the scene for why the book's subject is important, it also helps investigators to understand some of the situations in which command line investigations might be necessary and some of the vulnerabilities they might come across.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (309 reads)

Register For Webinar: Overcoming Email Preservation Challenges

Thursday, October 18, 2018 (11:18:49)
Email evidence often plays a pivotal role in digital forensics investigations and eDiscovery. When preserving emails from the cloud, forensics experts have to consider issues such as multi-factor authentication, running-in-place searches on the server before the acquisition, handling server errors and throttling, privacy issues, and time constraints.

In this webinar, we will discuss how to overcome such challenges with the right tools and workflow. You will also be able to join the conversation and ask questions live!

Join Arman Gungor for a 60-minute webinar where you'll learn:

- How to acquire emails from mailboxes without having to learn the custodian's password.
- How law enforcement agencies can preserve emails from suspects' mailboxes using existing browser login sessions.
- What you can do to complete an acquisition successfully if the process gets interrupted due to network errors or server throttling.
- How you can run comprehensive, in-place searches on Gmail, Exchange, and IMAP servers before the acquisition.
- How to document your process effectively during a forensic email collection.

Presenter: Arman Gungor, Metaspike

Thursday, October 25, 2018 at 11 AM (PDT)

Register here
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (229 reads)

Requirements In Digital Forensics Method Definition: Observations From A Study

Wednesday, October 17, 2018 (13:39:34)
by Angus M. Marshall & Richard Paige

During a project to examine the potential usefulness of evidence of tool verification as part of method validation for ISO 17025 accreditation, the authors have examined requirements statements in several digital forensic method descriptions and tools. They have identified that there is an absence of clear requirements statements in the methods and a reluctance or inability to disclose requirements on the part of tool producers. This leads to a break in evidence of correctness for both tools and methods, resulting in incomplete validation. They compare the digital forensics situation with other ISO 17025 accredited organisations, both forensic and non-forensic, and propose a means to close the gap and improve validation. They also review existing projects which may assist with their proposed solution.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (378 reads)

Review Of Data Pilot 10 From Susteen

Tuesday, October 16, 2018 (12:49:23)
by Scar de Courcier

Susteen’s Data Pilot 10 aims to make it easier for digital forensic examiners to acquire evidence from mobile devices in the field and analyse it back in the lab. In this review we will take a look at some of the Data Pilot’s key features and how it functions in a field environment.

The first thing that strikes you about this device upon removing it from the box is how rugged it is. It has a rubberised exterior that looks like it could deal with some fairly rough handling, and it has covers on all ports for protection. There is also dust and water resistance built in, and it's IP66 certified for water resistance and milspec.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (350 reads)

5 Ways Size Makes A Difference In Forensics

Tuesday, October 16, 2018 (11:12:26)
Forensics is frustrating, like most situations, when you lack the right tools.

Work in the field tests and proves theories discussed in an office. In theory, forensic solutions are needed, but they can’t come in a package the size of a house or at the cost of a new car.

Agents in field, need to have a forensic solution that’s not too big. It needs to fit in the palm of your hand. Who has the space to carry it in a suitcase or lug a desktop computer around.

In short, then, here’s our Top 5 Ways Size Makes a Difference

1. Size Matters
2. Tough and Rugged
3. It’s currently missing from your toolkit
4. Mobile Forensic Solutions Can Now Be in The Field
5. Give the Lab Guys Better Sourced Field Evidence

Data Pilot 10 Field Acquisition Device

Techno Security TX 2018 – Recap

Monday, October 15, 2018 (17:57:54)
This article is a recap of some of the main highlights from Techno Security TX 2018, which took place in San Antonio, Texas from the 17th-19th September.

The conference had four tracks: forensics; information security; audit / risk management; and investigations, along with sponsor demos. Forensic Focus attended the forensics and investigations tracks during the event.

Magnet Forensics’ Jessica Hyde opened the conference with a discussion on the proliferation of devices. With 20 billion connected devices projected to be online by 2020, this is a growing concern in the industry. And considering that the results of our latest survey show that data triage is one of the biggest challenges investigators face, it’s certainly a topic that requires attention. Hyde also mentioned the importance of verification and validation in the industry.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (415 reads)

Enhanced WhatsApp Support And Much More Available In Magnet AXIOM 2.6

Monday, October 15, 2018 (08:49:11)
Magnet AXIOM 2.6 is bringing big updates to Magnet AXIOM Cloud with WhatsApp backups, iCloud and Cloud Administrator account support. Together with improvements to Magnet.AI and to overall performance, AXIOM 2.6 demonstrates our commitment to being the gold standard for usability.

Try it for yourself now! If you’re a customer, download AXIOM 2.6 right now either in-app or in the Customer Portal. If you want to try AXIOM 2.6 for yourself, request a trial today.

Findings From The Forensic Focus 2018 Survey

Friday, October 12, 2018 (12:25:12)
Earlier this year, Forensic Focus conducted a survey of its members to find out a bit more about them, their roles in the industry, and common challenges facing digital forensic practitioners today. Below is a brief run-down of the results.

First of all, some demographic details. The majority of our members are situated in either the USA (36%) or the UK (22%). Other countries represented include Australia, Belarus, Belgium, France, India and Poland. 89% of respondents were male, and 11% female.

Law enforcement was the most popular sector, with 39% of respondents; slightly behind it at 35% were people working in the corporate sector. Among those who answered ‘Other’ were retired people, consultants, and individual freelancers. The vast majority stated their position as ‘Analyst’, with ‘Technician’, ‘Director’ and ‘Manager’ closely behind.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (640 reads)

Oxygen Forensics Enhances Cloud And Decryption Capabilities

Friday, October 12, 2018 (11:11:28)
Oxygen Forensics has released the latest version of its flagship product, Oxygen Forensic® Detective. The new set of features builds on 18 years of digital forensics capabilities to support the growing needs of investigators with expanded support for smartphones in addition to new tools to examine connected home devices, smartwatches, and encrypted cloud data when involved in criminal activity.

“Increasingly, the ‘eyes and ears’ of our personal digital networks – smartwatches, connected home devices, and other technologies that respond to our voices or movements – are the most reliable witnesses to a crime,” explained Lee Reiber, COO of Oxygen Forensics. “With this new version of Detective, we aim to empower investigators in solving their toughest cases using the most detailed data available by overcoming roadblocks and collecting more data from the central nervous system of these networks, the cloud.”