±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 35110
New Yesterday: 1 Visitors: 128

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Latest Forum Posts

 Topics   Replies   Author   Views   Last Post 
  iOS 12.4.0 jailbroken traces BlackBag 6 TinyBrain 389   Sat Feb 16, 2019 10:22 pm 
  Huawei Spying 30 TinyBrain 4479   Sat Feb 16, 2019 10:15 pm 
  IdentityTheft Flipside Process 4 TinyBrain 412   Sat Feb 16, 2019 8:18 am 
  WhatsApp - Secret Key 0 the_Grinch 134   Fri Feb 15, 2019 9:45 pm 
  Youtube removed clip 5 TinyBrain 370   Fri Feb 15, 2019 11:41 am 

Email Forensics: Investigation Techniques

Friday, February 15, 2019 (11:49:34)
by Chirath De Alwis

Due to the rapid spread of internet use all over the world, email has become a primary communication medium for many official activities. Not only companies, but also members of the public tend to use emails in their critical business activities such as banking, sharing official messages, and sharing confidential files. However, this communication medium has also become vulnerable to attacks. This article focuses on email architecture and existing investigation techniques used by forensic investigators.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (412 reads)

Forensic Focus Forum Round-Up

Thursday, February 14, 2019 (12:43:35)
Welcome to this round-up of recent posts to the Forensic Focus forums

Which tools would you recommend for extracting data from iCloud?

Can you help gostep to extract usernames from a FileVault 2 encrypted image?

How would you work out when and how BitLocker was enabled on a Windows 10 machine?

Discussions continue about how to define a scale of confidence for digital evidence.

Can you help USMC85 with a research project for their degree?
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (360 reads)

Oxygen Forensic Detective Supports Parrot Drones And Uncovers BlaBlaCar Trips

Thursday, February 14, 2019 (11:05:00)
Oxygen Forensics has released an update to its flagship product, Oxygen Forensic® Detective, introducing advanced features to support Parrot drone flight logs extracted from either an installed mobile app and even a physical dump along with the exclusive ability to extract and parse BlaBlaCar and CoverMe data.


The nefarious use of recreational drones is already a part of many of today’s news stories. Keeping this in mind, we’ve introduced two new features in our robust drone forensics module – extending our support to now include Parrot drones and detailed parsing of DJI drone flight logs.

Parrot drone support. Our prior releases have supported data parsing from FreeFlight Pro, the official piloting mobile app for Parrot drones. However, the new version now delivers an ability to import and parse Parrot’s flight logs extracted from either an installed mobile app and also a drone physical dump. Now investigators can see geo coordinates containing timestamps and metadata that includes: altitude, velocity, ground speed, Wi-Fi signal, battery level, current satellite numbers, and more. The extracted flight history can be visualized with our built-in Maps.

DJI drone flight logs. The ability to import DJI drone logs has been a part of Oxygen Forensic Detective, but with this release, our JetEngine module will also support these valuable logs. Investigators now will be able to import DJI log flight logs and parse additional technical data, like drone acceleration, gyroscope and temperature details to name a few.

Adding APFS Support to The Sleuthkit Framework

Thursday, February 14, 2019 (10:05:22)
Joe Sylve discusses his work at DFRWS USA 2018.

Joe: So, as [Brad said], my name is Joe Sylve, I’m the Director of Research & Development at BlackBag Technologies. I’m going to talk about some work that we’ve done to integrate APFS support into the Sleuth Kit framework.

I was going to say that this might be a little bit of an awkward talk for me, but I’m not in a Santa suit, so I’m not going to say that anymore.

Joe: But the overview here is that we’ve got pretty full support for APFS and TSK, but the awkward part is that I can’t give it to you yet. Yeah, boo. BlackBag has been very nice and agreed to allow me to release the work. It’s just going to be released “soon”, because our commercial competitors haven’t really come close yet. But I would say [crosses fingers] … six months?

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (444 reads)

BlackBag Technologies Launches Introduction To Forensics Course

Monday, February 11, 2019 (13:33:14)
Stay up to date with the most current, relevant, and credible training in the industry with BlackBag's comprehensive multi-device investigation training course: Digital Forensic Basics. Whether you are first learning the fundamentals forensic investigation techniques or interested in seeing BlackBag’s tools in action, this course is an excellent fit for any forensic professional who could benefit from a full scenario-based investigative tutorial, regardless of prior use of BlackBag tools.

The Reliability Of Clocks As Digital Evidence Under Low Voltage Conditions

Monday, February 11, 2019 (11:27:06)
Jens: Yes, hello! I am Jens-Petter Sandvik from the NTNU, a Norwegian university of science and technology. I am doing a PhD there. Also working in the police with digital forensics, I’ve been practicing digital forensics for last 12 years. But now I decided to do some academic work also.

The background for this talk is from my court case in Norway I was working with. We had … it’s like a telephone, mobile phone, and we had evidence of the clock being adjusted back for 24 hours in time, at a very interesting time for the investigation. They found the database entries actually, SQLite, entries from database that showed that the ID number was increasing but time suddenly was turned back 24 hours.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (731 reads)

Child Abuse Images Hidden In Crypto-Currency Blockchain

Thursday, February 07, 2019 (11:48:07)
Images of child sexual abuse have been found embedded in the system powering a high-profile crypto-currency.

Somebody added the illegal images to the core ledger of Bitcoin Satoshi Vision (BSV) by using a payment processor.

This ledger, known as the blockchain, is a running record of crypto-currency transactions, shared among users of the platform.

Experts have warned that abuse of blockchain tech is a growing problem.

Read More (BBC)
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (1034 reads)

Webinar: Online Investigation Of A Real-World Trafficking Case

Tuesday, February 05, 2019 (15:54:09)

By: Paliscope (peer company to Griffeye)
Date: 2019-02-12
Time: 15.00 CET (9 am EST)
Speaker: Christian Berg, CEO & Founder of Paliscope
Info: Law Enforcement Only

Susteen Brings New Mobile Forensics Field Technology To Europe & Asia

Tuesday, February 05, 2019 (12:59:45)
European agencies can now have quick access to Susteen’s DATAPILOT 10 Field Triage Device. This new affordable device allows agencies to instantly access evidence data from cell phones in the field. This data can be viewed on scene or sent back to the lab for analyzing through a variety of tools already at your disposal. Susteen’s software is created in the United States of America and Schippers IT will allow for European customers to have quick access to stock of the device.

The DATAPILOT 10 is already in use throughout the United States and has recently been introduced throughout Europe. With this new device, agencies can greatly improve their digital forensic arsenal and increase their capability for acquiring evidence data immediately. The device’s cutting-edge ability to mirror anything that can be seen on the phone, gives the investigator the ability to acquire data from encrypted applications and more. Priced at only €1,500, the device is an affordable tool for a forward thinking agency that looks to make actionable decisions in the field in real-time.

Interview With Matt McFadden, Director of Training, BlackBag Technologies

Tuesday, February 05, 2019 (12:06:57)
Matt, you've recently been appointed Director of Training at BlackBag Technologies. Tell us about your role and what it involves.

The role of Director of Training involves working with many of the teams here at BlackBag. Primarily, I have the pleasure to work on the excellent instruction team developing and delivering solid digital forensic training for MacOS, iOS, and Windows examinations. I have reviewed the current course offerings and am impressed by their depth and quality.

Our team also maintains three industry-recognized certifications - Certified BlackLight Examiners, Certified Mobilyze Operator, and the Mac and iOS Certified Forensic Examiner. This role actively engages various groups such as Software Development, Product Management, Marketing, Support, and Sales in many projects.

Read More
  • Posted by: scar
  • Topic: News
  • Score: 0 / 5
  • (893 reads)