±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 33155
New Yesterday: 2 Visitors: 195

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Latest Forum Posts

 
 Topics   Replies   Author   Views   Last Post 
  What happened to SiQuest? 3 Adam10541 580   Wed Dec 13, 2017 12:30 am 
Adam10541
  Why are the link files scattered about... 0 StreetForensics 94   Tue Dec 12, 2017 10:49 pm 
StreetForensics
  OLD Mobiles Emulator 7 einstein9 491   Tue Dec 12, 2017 7:20 pm 
Arbab
  Forensic/Mobile device investigator United Arab Emirates. 2 chrisataylor 5127   Tue Dec 12, 2017 10:33 am 
chrisataylor
  Editing Windows Event Log and a big Thank you! 3 Bunnysniper 670   Mon Dec 11, 2017 5:41 pm 
keydet89

MediaCache On Seagate drives – A Potential Problem For Digital Forensics

Tuesday, December 12, 2017 (16:03:08)
Imagine a situation where a police unit is preparing for the arrest of a person who committed a fraud with credit cards over the internet. He is using his laptop at the moment and filling the Excel file with the CC numbers.

Police officers break the door and when they are about to put on the hand cuffs, the felon smashes his laptop with something or drop it on the floor. If he is using a certain Seagate drive (families: Rosewood, Yarra, Granada…), there is a chance of losing files which can be used for digital evidence.

This potential problem can be explained as a corrupted MediaCache.

New MOBILedit 5.0 With Revolutionary Live Updates System Released

Tuesday, December 12, 2017 (13:31:24)
The new MOBILedit Forensic Express 5.0, the all-in-one mobile device examination tool, comes with a revolutionary feature - Live Updates of the app analyzer engine. It allows for quick response to new apps, their updates, new data structures and encryption. You can get the necessary updates of this forensic tool in hours or days instead of weeks or months. You no longer need to analyze app databases manually, the MOBILedit team does it for you...

PFIC & Park City - Together Again!

Tuesday, December 12, 2017 (12:50:29)
11th Annual PFIC is back where it all started, in the mountains of Park City, Utah.

We, at Paraben, have been missing the fresh mountain air. We are excited to announce that PFIC 2018 will be back at our favorite location in Park City, UT and hosted at the Park City Marriott hotel. We have announced the dates and call for speakers for PFIC 2018. The 2-day training event will be held on September 5th and 6th at the Park City Marriott hotel.
This is the 11th year of PFIC, which is renowned for bringing together top-notch speakers and excited attendees to create a high energy learning event focused on cyber-forensics. PFIC is designed so that attendees get to attend 100% of the conference by going to lectures on one day and labs on the next day; no more being stuck with the issue of picking and choosing between great topics.
  • Posted by: Shan
  • Topic: News
  • Score: 0 / 5
  • (219 reads)

MSAB And Kovar & Associates Agree To Partner On Drone Forensics Work

Tuesday, December 12, 2017 (10:11:45)
MSAB and Kovar & Associates announced today that the two companies have signed an agreement to work together to expand the drone forensics capabilities offered by MSAB.

Evidence Gathering For Network Security And Forensics

Monday, December 11, 2017 (09:58:39)
Dinil Mon Divakaran discusses his research at DFRWS EU 2017.

Divakaran: Good morning, everyone. My name is Dinil Mon Divakaran, and this work is with three other authors – Kar Wai, Ido, and Vrizlynn. We are from the A Star Institute for Infocomm Research. And as has been introduced, [00:25] Evidence Gathering for Network Security and Forensics.

So I think [00:30] takeaways from yesterday’s dinner talk was that [00:37] evidence, right? [00:42] trying to figure out if they can say something with more number of evidences. Before I start, I also would like to say that [00:57] [active borders between security and forensic attributes], kind of similar in many network security and forensic work that at least I am involved in. In the sense that the solution can be used for forensic analysis, can also be used for security analysis, offline, online, and real-time [01:19].

Read the full transcript and watch the video here.
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (307 reads)

Mobilyze 2017 R1.1 Is Now Available

Thursday, December 07, 2017 (10:32:36)
BlackBag Technologies is pleased to announce the release of the latest version of our mobile device triage tool, Mobilyze 2017 R1. New features added to this version of Mobilyze are designed to increase the capabilities of Mobilyze examiners to analyze the latest iOS and Android devices.

Improvements include:
- Support for Apple iOS 11
- Support for Android 8 Oreo
- iPhone 8 identified for full collection and analysis
- iOS 11 encrypted backups and MDM profiles detect and prompt for passwords
- Expanded Emoji support, including from the latest iOS 11.1 release

Learn more about the latest Mobilyze release.

Imaging Locked Motorola Devices Via Bootloader Exploit

Tuesday, December 05, 2017 (12:09:47)
Last-generation Android devices are gradually getting more secure, even approaching iOS-grade security in some usage scenarios. Equipped with fingerprint readers and compulsory encryption of the data partition, Android smartphones became a much tougher acquisition target compared to just a couple of years ago. In this world of increasing security, security firms go out of their way to discover usable techniques for imaging such devices. In this article, we will discuss the latest technique allowing experts to perform bootloader-level imaging and decryption of 2015, 2016 and 2017 Motorola models running Android 5.0 through 7.0.

Bootloader Lock

Before we go on to the new acquisition method, let us first have a look at Android data protection mechanisms. In this article, we’ll concentrate on three things: bootloader lock, encryption, and passcode. Let’s start with bootloader.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (826 reads)

Segmented Hashing With Atola Insight Forensic

Monday, December 04, 2017 (10:59:17)
It has been a year since Atola Technology introduced the concept of Segmented hashing, presented the open-source tool Seghash and supported it on its flagship device, Atola Insight Forensic.

While this method of hashing has a number of benefits for forensic specialists, among its strongest advantages is its applicability to damaged drives.
  • Posted by: Yulia
  • Topic: News
  • Score: 0 / 5
  • (890 reads)

Oxygen Forensics Adds 20 New Features To Launch Oxygen Forensic Detective X

Thursday, November 30, 2017 (17:06:05)
Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices, drones and cloud services, today announced that it has added almost 20 new features in its flagship product Oxygen Forensic® Detective X (version 10). Among the features, Oxygen has made its industry-leading Oxygen Forensic® Cloud Extractor even faster by using 64-bit database processing power that speeds up the entire data extraction process.

Oxygen Forensic Detective X enhances investigation abilities for forensic experts with the addition of these uniquely supported cloud services:

Mi Cloud - Xiaomi phones are growing in popularity. The Oxygen Forensic Cloud Extractor offers the industry-first ability to extract all available information from Mi Cloud via login/password or token including contacts, calls, messages, calendar and other personal data.
• Samsung Cloud backup - Forensic experts can import and parse complete Samsung Cloud backups that can be accessed via login/password or token. Backups may contain contacts, calls, messages, calendars, files and Wi-Fi history.
Samsung Cloud Gallery – Added the ability to extract live, trashed and deleted photos, videos and documents from Samsung Cloud. This data also contains geographical locations so experts can track the whereabouts of the Samsung device owner.

New Webinar Added To The AccessData Coffee Break Webinar Series

Thursday, November 30, 2017 (12:56:50)
AccessData recently added a webinar to their popular Coffee Break Webinar series—a series of 30-minute “how to” webinars targeted to the end user.

The webinar, How to identify, assess and eliminate risk with AD RTK™ will walk attendees through the features and benefits of one of the newest products from AccessData. AD RTK™ (Risk Toolkit) is a powerful new tool corporations and government agencies can use to combat problematic or sensitive data. It locates potential information risks—very often, authorized data residing in unauthorized locations, such as classified information on an unclassified network—and remediates it across the enterprise. In addition, AD RTK can run scans of thousands of computer endpoints and network share repositories once at a time or it can be scheduled for recurring jobs to ensure ongoing vigilance.

To find out more about this exciting new product, register for the webinar on 19 December 2017.
  • Posted by: hhagene
  • Topic: News
  • Score: 0 / 5
  • (748 reads)