±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35110
New Yesterday: 1 Visitors: 139

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Page 2

Search on This Topic: News

[ Go to Home | Select a New Topic ]

Using Santa To Augment Forensic Investigations

Monday, February 04, 2019 (14:55:11)
Gary: Hi. The title of this talk is ‘He’s Making a List, and We’re Checking it Twice: Santa for Forensic Analysis’. I want to point out that it was very difficult coming up with this title. We had many runner-ups, including ‘I’m Telling You Why: Santa as a Forensics Tool’, ‘He Sees You When You’re Happy and Knows Just What You [Take]’, and ‘I Saw... Santa Claus’. None of those washed out, and ‘He’s Making a list, and We’re Checking it Twice’ is the title.

But you’re probably wondering who we are. I’m Gary. I’m on the Digital Forensics team at Google. I handle all security incidents, with a specialty on [00:53] last couple of years, and that’s kind of how I [fell into Santa]. And before that, I worked in the Detection team at Google, and before that, I did detection for the Federal Reserve’s National Incident Response team.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (771 reads)

Griffeye Webinar: Collaboration Workflows In Analyze DI Pro Using VICS OData

Monday, February 04, 2019 (10:47:07)

Date: Feb 13, 2019
Time: 3 pm CET (9 am EST)
Presenter: Eric Oldenburg, Law Enforcement Liaison, Griffeye

In this webinar, we will discuss how to use the VICS OData* Export function within Analyze DI Pro to seamlessly share case data between users. This functionality allows investigators to collaborate with forensic examiners, maximizing results and minimizing time spent in CSA investigations.

Sign up here

OpenText™ Solutions For All Your Digital Investigation Needs

Friday, February 01, 2019 (10:49:56)

OpenText™ acquired Guidance Software, the provider of EnCase™ cybersecurity, digital forensic investigation and e-Discovery software solutions, in 2017 and has since continued to evolve in the digital forensics market. OpenText’s digital forensic suite comprises of EnCase™ Forensic, EnCase™ Mobile Investigator and Tableau Forensic Hardware. Forensic investigators must have the right combination of forensic hardware and software to securely triage, acquire, investigate, and report the findings. EnCase™ Forensic and Tableau Forensic Hardware solutions are the market leaders in digital investigations and are the tools of choice for thousands of field agents, lab technicians, and investigators all over the world. In fact, OpenText is the only provider offering a complete set of software and hardware digital forensic solutions to help investigators during every phase of their work.

A Forensic Framework To Identify Local Vs Synced Artifacts

Friday, February 01, 2019 (10:31:58)
Jacques: Thank you. Alright. First of all, I’ll start off by thanking U-City, thanking [An], who’s my prof, who [00:13] be here today, but actually he’s teaching in Sri Lanka, so he wasn’t able to be here.

So, this presentation will be a lot less technical than some of the other ones, although it’s still very much related to forensics. The agenda will look at the motivation for why I undertook this research; what the objective was; did a quick survey of practitioners, I’ll talk about that when we get to it; we’ll go through the framework; we’ll look at the application of the framework; and then, conclusion and future work.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (902 reads)

WhatsApp Challenges: Finding Evidence With Oxygen Forensic Detective

Wednesday, January 30, 2019 (10:33:35)
With more than 1.5 billion users and 5.5 billion messages per day, WhatsApp is without a doubt the most popular messenger in the world. All messages sent using WhatsApp have end-to-end encryption, meaning they are unreadable if intercepted by anyone, including law enforcement and WhatsApp itself. More importantly, WhatsApp communications are never stored on the WhatsApp server. It is no surprise with this type of security built-in to the application it is often the choice communication platform of users with nefarious agendas. Keeping that fact in mind, it is imperative investigators are armed with methods and tools to recover this essential data.

Oxygen Forensics offers the most comprehensive WhatsApp data extraction and decryption tools in the market.

Forensic Examination Of Manipulated Email In Gmail

Tuesday, January 29, 2019 (15:40:28)
by Arman Gungor

Last week, I came across an interesting post on Forensic Focus. The poster, jahearne, was asking about how one can detect manipulation of an existing email in Gmail. In his hypothetical scenario, the bad actor was using Outlook to edit the message and change its contents after it was received. I wanted to reproduce this setup and examine the results to see what we find out.

I started by performing a baseline acquisition of the target email account over IMAP—which is the same protocol Outlook would use to connect to Gmail. This allowed me to capture the Internal Date Message Attribute as well as the Unique Identifier (UID) Message Attribute for each message before any manipulation took place. I used our Forensic Email Collector to do this, but you can also capture these values by directly interfacing with Gmail’s IMAP server.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (881 reads)

Educating Judges, Prosecutors And Lawyers In The Use Of Digital Forensic Experts

Monday, January 28, 2019 (18:11:57)
Hans: Yeah, welcome this morning and thank you. I think the keynote for me was very lucky, a public prosecutor from Italy, and now I will tell about educating judges, prosecutors, and lawyers in the use of digital forensic experts.

Thank you, [Marie Angela], for the introduction. I have many different heads, and one of them is working at the Netherlands Register of Court Experts. The paper that’s in the proceedings I wrote together with Sophie van Loenhout, who was working with me at the Netherlands Register, but she left last year actually, but her colleagues are here, joining us at this conference also. Even though they are not very technical, they are involved in this registration process, and I will try to explain to you what we did.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (655 reads)

Introducing DFIR Review: Fast Peer Reviewed Research In Digital Forensics

Thursday, January 24, 2019 (18:15:51)
In digital forensics we see a lot of research that takes place outside the boundaries of conferences and academic research projects. Often someone will conduct a piece of research that's relevant to their present needs, and might post about it on social media or on their personal blog, but although these can be a handy source of information, it also can be hard to find what you're looking for and work out whether the new technique or product you are looking at is reliable and robust.

Enter DFIR Review, a new initiative which responds to the need for a focal point for up-to-date community-reviewed applied research and testing in digital forensics and incident response. DFIR Review concentrates on targeted studies of specific devices, digital traces, analysis methods, and criminal activities to help digital forensic practitioners deal with real-world issues.

Find out more on the DFIR Review website.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (906 reads)

Data-Driven Approach For Automatic Telephony Threat Analysis

Thursday, January 24, 2019 (12:56:20)
ElMouatez Billa Karbab discusses his work at DFRWS EU 2018.

Elmouatez: Hello back. Yeah. I’m here the second author, and the first one couldn’t make it. This is why I’m presenting. Thank you.

This work is entitled ‘Data-Driven Approach for Automatic Telephony Threat Analysis and Campaign Detection’. The agenda will be: introduction, where we define our problems with the problem statement; after, we discuss framework architecture, the implementation; then we provide some very first results; and after, we conclude.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (669 reads)

Register For Webinar: Valuable New Capabilities of the Tableau TX1

Tuesday, January 22, 2019 (16:02:09)
The latest free update for the OpenText™ Tableau TX1 Forensic Imager provides several exciting new features and enhancements guaranteed to improve data acquisition capabilities.
Join OpenText on January 29 at 11 am CST for a live webinar, Valuable New Capabilities of the Tableau TX1 Forensic Imager. Current or new TX1 users will learn:

How-to tips and practical use cases for using the TX1 Logical Imaging feature during an investigation
How to create forensic images of Apple computers with the TX1
How the TX1 encryption detection can save time during an investigation
Bring your questions for the live Q&A at the end of the webinar.

Presenters: Jeff Hedlesky, Forensic Evangelist, OpenText; Sunali Sagar, Product Marketer, OpenText

Date & time – January 29 at 11 am CST

Register here
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1259 reads)