±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 34963
New Yesterday: 4 Visitors: 175

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Page 2

Atola Announces Taskforce 2018.12 With NVMe Support And Selective Imaging

Thursday, December 27, 2018 (08:25:53)
Atola Technology presents the 2018.12 firmware version for Atola TaskForce, which includes support of NVMe drives, selective imaging of sectors containing data, improved UI, etc.

Support of NVMe drives

NVMe is the latest and greatest technology in the world of storage devices. NVMe drives achieve unprecedented speeds, which has made them very popular storage elements for laptops and desktop, personal and corporate alike.
  • Posted by: Yulia
  • Topic: News
  • Score: 0 / 5
  • (1255 reads)

Overcoming Apple Products for Digital Forensics

Monday, December 24, 2018 (15:07:17)

There are currently over one billion Apple products in consumer hands worldwide. Apple products often create unique challenges during data acquisition and digital investigations. Fortunately, OpenText™ EnCase™ Forensic and Tableau Forensic Hardware provide a broad range of Apple support to help you easily overcome these challenges.

In 2010, Apple began a new trend of developing proprietary connectors and form factors for their product drives. These custom drives require special adapters for investigators to image the drive contents in a forensically-sound, court-accepted manner. OpenText Tableau Hardware products have kept pace with the evolution of Apple drives. The Tableau Forensic PCIe Bridge was the first-ever portable write-blocker to allow forensic acquisition of PCIe solid-state-drives (SSD). Furthermore, the new Tableau PCIe Adapter empowers investigators to image Apple PCIe from mid-2013 – 2016 MacBook Pro, MacBook Air, and Mac Pro.

Scene Of The Crime: You’ve Found A Drone. What Do You Do?

Friday, December 21, 2018 (20:24:30)
by Lee Reiber, COO, Oxygen Forensics, Inc.

The proliferation of recreational drones and their impact on digital incident response has dramatically increased during the last several years. In January 2018, Nextgov stated the U.S. Federal Aviation Administration (FAA) reported over 1 million drone operators registered with the United States government. This number continues to grow each holiday season, when new unmanned aircraft systems (UAS) are introduced to market and users hit the streets armed with drones that can fly great distances, record crystal clear video, and carry a payload.

These systems are currently regulated by the FAA, and guidelines have been given to local law enforcement on how to handle drone incidents. However, these guidelines apply only to systems that have been registered in the United States. Those that have not been registered are currently allowed to fly and will continue to fly.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (848 reads)

MacQuisition From BlackBag

Friday, December 21, 2018 (16:28:17)

by Jade James

MacQuisition is a simple but effective tool used for imaging and data collection of iMacs, MacBooks, and Mac Pros & Minis. This tool is solely for the use with Macs, but although it is a niche product MacQuisition has many benefits.

The latest release of MacQuisition is 2018 R1.2, which is contained within a 120GB or 1TB dongle/drive. This in itself is extremely useful as it allows you to image directly to the dongle. It can also act as a collector and is ideal for data collection in situ. Booting into a dongle eliminates the need to dismantle the system to access drives, which could be problematic and could potentially result in the loss of data. The 120GB version comes with USB2.0 and USB C connector cables, allowing for use with the latest MacBook Pros and iMac Pros.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (746 reads)

BlackBag Releases APFS Source Code To The Sleuth Kit® Framework

Friday, December 21, 2018 (09:59:21)

In an effort to give back to the DFIR community, BlackBag has released its Apple File System (APFS) source code to The Sleuth Kit for examiners all over the world to use for free. Within the DFIR community, support for fundamental structures, like file systems, across tools is essential for examiners to complete their work. BlackBag Technologies has provided industry-leading support for Apple devices this past year by quickly releasing complete support for Apple’s latest file system (APFS), all of the encryption variations and APFS Snapshots. With macOS and iOS rapidly driving adoption rates of this new file system, we want to make sure examiners have access to the best and most complete support for APFS.

Passware Kit Forensic 2018 v2.1 From Passware

Thursday, December 20, 2018 (17:32:01)
by Jade James

Passware Kit Forensic is an easy to use tool which provides a ‘complete electronic discovery solution’, reporting on all password-protected items on a system and decrypting them.

Passware comes with many features, including: password recovery for 280+ file types including Microsoft Office documents, PDFs, ZIP files, QuickBooks, Filemaker, Lotus notes, Bitcoin Wallets, Apple iTunes Backups, Mac OS X Keychain and so on.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (852 reads)

Interview With Simon Crawley, Global Project Manager, MSAB

Wednesday, December 19, 2018 (19:02:58)
What is your background and how did you first come into contact with MSAB?

I was a Police Sergeant with the Met Police, deployed in Counter Terrorism Intelligence gathering, based at a major airport, with a Masters in Forensic Computing and CyberCrime Investigations. We first started looking into digital forensics in 2009. Due to the power used – Sch7 TACT 2000 - we could not afford any delay in getting the data out of any device Sch7 of TACT only allowed us to have the device for 9 hours (now only 6 hours), after which we had to return the device.

Read More
  • Posted by: scar
  • Topic: All
  • Score: 0 / 5
  • (884 reads)

Webinar: Cellebrite Advanced Services For The APAC Region

Wednesday, December 19, 2018 (16:52:40)
A new webinar, Cellebrite Advanced Services For The APAC Region, is available to view here.

Join the forum discussion here.
View the webinar on YouTube here.
Read a full transcript of the webinar here.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (924 reads)

Paliscope Webinar: Using The ICAC Package To Gather Evidence Online

Wednesday, December 19, 2018 (10:41:42)

Are you working with Internet Crimes Against Children? Join us for our webinar on January 9. We will talk about the functionality of the new ICAC Package and demo how to use the different integrated tools in Paliscope to search for more evidence online.

Digital Forensics News December 2018

Tuesday, December 18, 2018 (13:05:45)
The dates have been confirmed for PFIC 2019 - join Paraben in Utah from the 10th-13th September.

MSAB have released new versions of XRY (7.10), XAMN (4.1) and XEC (4.0).

Paliscope have integrated new tools for ICAC investigators, enabling them to search for data offline.

On the Hacking Exposed blog, Dave Cowen expands testing of the Syscache hive.

Oxygen Forensics have a new release: Oxygen Forensic JetEngine, which allows investigators to quickly parse volumes of data.

ADF's Digital Evidence Investigator is now compatible with Griffeye Analyze.

Brett Shavers has shared his thoughts on software preferences over on DFIR Training.

MediaClone have released the SuperImager Desktop NVMe and SATA Forensic Lab.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (893 reads)