±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35535
New Yesterday: 1 Visitors: 122

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Page 2

Webinar 101: A Crash Course In Successful Online Investigations

Thursday, May 16, 2019 (09:19:16)
Date: 2019-05-23
Time: 3 pm CEST (9 am EDT)
Speaker: Lovisa Högberg, Head of Business Development at Paliscope
Registration: Click here

Digital Forensics Challenge 2019

Monday, May 13, 2019 (09:05:59)
A new digital forensics challenge hosted by the Korean Institute of Information Security & Cryptology (KIISC), the Digital Forensics Challenge 2019 aims to expand knowledge of computer forensics and contribute to the field.

The challenge has two main categories: a Digital Forensics Challenge and a Tech Contest. Participants can take part in one or both competitions.

In the Digital Forensics Challenge, an answer sheet for each problem should be submitted with your detailed write-ups. There are five subcategories in this challenge: Anti-Forensics, Incident response, Mobile & Internet of Things, Artifact and MISC.

Each category contains five problems that are equivalent to 100, 200, 300, 400, or 500 score.

• 100-point problem: Problems that can be solved using known theories and tools
• 200-point problem: The theory is not as widely known as the 100 point problem, but it can be solved easily by knowing the principle
• 300-point problem: Problems requiring analysis know-how as they may be time consuming with known tools
• 400-point problem: Problems requiring new tool implementation. The solution is known to some extent, but it can not be solved by existing tools alone
• 500-point problem: Problems with an unknown solution
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (6702 reads)

Register For Webinar: Mobile Device Investigator For Android And iOS

Friday, May 10, 2019 (14:35:55)

Join Digital Forensic Specialist and Trainer, Rich Frawley to learn about Mobile Device Investigator™ for Android and iOS.

Register here: https://www.adfsolutions.com/mobile-device-investigator-android-ios

BlackBag's MacQuisition 2019 R1: Decrypt Physical Images From Macs With T2 Chips

Thursday, May 09, 2019 (13:59:24)

BlackBag Technologies is proud to announce the release of the first and only solution to produce a decrypted physical image of the latest Mac systems utilizing the Apple T2 chip in MacQuisition 2019 R1. MacQuisition 2019 R1 also includes several exciting updates to support the latest Mac systems you may encounter in the field. Prior logical imaging solutions, including functionality available in the earlier versions of BlackBag’s own MacQuisition tool and competing solutions like Sumuri Recon and EnCase, miss critical file system information that only this new level of physical access will be able to provide. To enhance our forensic Mac imaging tool further, we've included the following new features:

- Ability to create physical images of Macs with the Apple T2 chip
- Support for imaging APFS Fusion drives
- Capture RAM and targeted collections live on Mojave
- Support added to boot newer hardware

GrayKey Integration And A New SQLite Viewer Come To Magnet AXIOM 3.1

Thursday, May 09, 2019 (12:52:10)
The innovation of Magnet AXIOM 3.0 continues with the release of Magnet AXIOM 3.1—which is now available to download!

In this release, we’re excited to have developed our exclusive technology partnership with Grayshift by integrating the loading of GrayKey images directly within AXIOM. We’ve also introduced a new SQLite viewer to give you better access when reviewing SQLite databases. And we’ve brought support for 12 Chromium-based browsers on Android—leading to 90 new supported artifacts.

On top of these new features, we’ve continued to build on the great new features of AXIOM 3.0, with new Mac artifacts and further enhancements to Cloud acquisition (including Facebook Warrant Returns and public Twitter acquisitions), Timeline, and media categorization.

If you’re not already using AXIOM and want try AXIOM 3.1 for yourself, request a trial today.

How To Image From A Network Repository Using Logicube’s Forensic Falcon-NEO

Thursday, May 09, 2019 (08:46:24)
Welcome to Logicube’s tutorial on the Falcon-NEO Forensic Imager. The Falcon-NEO allows you to image directly to or from a network repository using SMB or CIFS protocol, and to image from a network location using iSCSI. Two 10GbE ports provide extremely fast network imaging performance. In this episode, we’ll show you how to image from a network repository to a physical drive connected to the Falcon-NEO.

Before creating a network repository on the Falcon-NEO, make sure you have full permissions to the shared resource. We strongly suggest that you contact your network administrator to ensure proper permissions have been set up.

We’ve set up a directory on the C drive of a computer that is connected to the same network as the Falcon-NEO. By right-clicking on the directory, I can verify that I have full permissions to this share.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (4655 reads)

Interview With Umit Karabiyik, Assistant Professor, Purdue University

Tuesday, May 07, 2019 (15:02:35)
Umit, you're Assistant Professor of Computer & Information Technology at Purdue University. Tell us about your role; what does a typical day in your life look like?

I identify myself as Digital and Cyber Forensics researcher and educator. As a researcher, I lead my Digital and Mobile Forensics laboratory where I conduct applied forensics research with my graduate and undergraduate students. There is an amazing culture at Purdue and we collaborate with law enforcement as well as industry for mutual research interests.

As an educator, I teach courses in our Cybersecurity (undergraduate) and Digital and Cyber Forensics (graduate) in which we focus on hands-on and active learning. My educator role never ends in the classroom or labs, it also continues during our research meetings, one-on-one meetings, and when I'm advising my students.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (5068 reads)

Following The RTM: Forensic Examination Of A Computer Infected With A Trojan

Monday, May 06, 2019 (13:57:37)
by Oleg Skulkin

Researchers became aware of the activities of the RTM group in December 2015. Since then, phishing emails distributing the trojan have been sent to potential victims with admirable persistence.

From September to December 2018 the RTM group sent out more than 11,000 malicious emails. The cybercriminals, however, are not going to stop there, as evidenced by the new malicious campaigns that we track as part of our ongoing threat intelligence activities.

In this article, I am going to show how to perform forensic analysis of an image of a computer infected with the RTM banking trojan.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (5601 reads)

BlackBag Technologies Announces Partnership With Traversed

Monday, May 06, 2019 (08:35:42)

BlackBag Technologies has announced new services partnership with digital forensics, eDiscovery, and cyber training company Traversed, LLC effective immediately. The partnership will enable both BlackBag and Traversed to address growing challenges faced by examiners in the digital forensics field.

Walkthrough: Carving With Belkasoft Evidence Center

Friday, May 03, 2019 (11:14:29)
by Yuri Gubanov, Danil Nikolaev & Igor Mikhailov © Belkasoft Research

Carving is an irreplaceable technique widely used in data recovery and digital forensics. By using carving, we essentially perform a low-level scan of media for various artifacts, looking for signatures—specific sequences of bytes, characteristic of different types of data.

This also means that carving disregards files themselves in performing the byte sequence search, thus becoming extremely helpful in cases where data has been corrupted or deleted. However, its usefulness is not limited to one particular scenario. Let us take a look at various cases where carving comes in handy.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (7120 reads)