Clik here to view.
Job Hunting In The DFIR Field
by Jessica Hyde, Magnet Forensics For those who don’t know, in addition to my work at Magnet Forensics, I teach Mobile Device Forensics at George Mason University. In addition to teaching the skills...
View ArticleClik here to view.
ISO 17025 For Digital Forensics – Yay Or Nay
by Robert Merriott “Much of the digital forensic community desires to have their evidence seen in court as forensically sound and bulletproof, yet do not want to go through the rigors that other...
View ArticleClik here to view.
The Necessity Of Developing A Standard For Exchanging A Chain Of Custody Of...
by Jasmin Cosic, Miroslav Baca & Peter Grd Abstract Today there is no criminal investigation that does not contain a digital dimension. A large number of criminal offenses, whether official...
View ArticleClik here to view.
Charlatans In Digital Forensics
by James Zjalic There’s a topic that is rarely publicized in the world of digital forensics, but is well known to those within the field and stories are often traded between experts when they meet at...
View ArticleClik here to view.
Detection Of Backdating The System Clock In MacOS
by Oleg Skulkin & Igor Mikhaylov Recently we received a good question from one of our DFIR mates: “How can one detect backdating of the system clock forensicating macOS?”. This is a really good...
View ArticleClik here to view.
Memory Dump Formats
by Chirath De Alwis As in other storage devices, volatile memory also has several formats. According to the acquisition method that is in use, the captured file format can be vary. According to (Ligh...
View ArticleClik here to view.
Techno Mode – The Fastest Way To Access Digital Evidence On Damaged SSDs
by Roman Morozov, NAND Data Recovery Tutor, ACE Lab Recent statistics show that solid-state drives are getting a good share of the market of storage devices. And the popularity of SSDs is only expected...
View ArticleClik here to view.
Evidence Acquisition Using Accessdata FTK Imager
by Chirath De Alwis Forensic Toolkit or FTK is a computer forensics software product made by AccessData. This is a Windows based commercial product. For forensic investigations, the same development...
View ArticleClik here to view.
Oxygen Drone Forensics – How To Deal With A New Threat
It was not too long ago when drones were discussed we would often think of military use or large commercial type applications. However, today drones are now in the hands of hobbyists who frequently use...
View ArticleClik here to view.
Forensic Acquisition Of Solid State Drives With Open Source Tools
by Josué Ferreira Abstract From a judicial perspective, the integrity of volatile storage devices has always been a reason for great concern and therefore, it is important for a method to forensically...
View ArticleClik here to view.
Forensic Analysis of Damaged SQLite Databases
by Oleg Skulkin & Igor Mikhaylov SQLite databases are very common sources of forensic artifacts nowadays. A lot of mobile applications store data in such databases: you can also find them on...
View ArticleLaw Enforcement Professionals Need to Evaluate Digital Forensics Practices...
by L.E. “Ted” Wilson There is a fascinating constitutional showdown brewing in the U.S. that will have significant implications for how our law enforcement agencies are able to conduct digital...
View ArticleClik here to view.
Jailbreaking iOS 11 And All Versions Of iOS 10
by Oleg Afonin, Mobile Product Specialist at ElcomSoft Jailbreaking iOS is becoming increasingly difficult, especially considering the amounts of money Apple and independent bug hunters are paying for...
View ArticleClik here to view.
2018 Nuix Insider Conference Recap
by Jessica Lyford Close to 300 customers, partners, and guests converged at the Royal Lancaster London for Nuix’s annual Insider Conference last week to share their experience using Nuix or to learn...
View ArticleClik here to view.
Finding Metasploit’s Meterpreter Traces With Memory Forensics
by Oleg Skulkin & Igor Mikhaylov Metasploit Framework is not only very popular among pentesters, but is also quite often used by real adversaries. So why is memory forensics important here? Because...
View ArticleClik here to view.
Techno Security & Digital Forensics 2018 – Myrtle Beach 3rd-6th June
From the 3rd to the 6th of June 2018, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in Myrtle Beach, South Carolina, USA. If there are any topics you’d...
View ArticleClik here to view.
Changes To Forensic Laboratory Accreditation Requirements – ISO/IEC 17025
by Tim Alcock ISO/IEC 17025:2017 – General requirements for the competence of testing and calibration laboratories is the principal international standard for the accreditation of laboratories...
View ArticleClik here to view.
Using Technology To Get Results: Think Outside The Silo
by Johann Hofmann, Griffeye In an article series of three, published in the Interpol Newsletter, Griffeye explores the possibilities of technology in digital media investigations. In this second...
View ArticleSearching And Filtering Emails when Forensically Collecting Mailboxes
by Arman Gungor When mailboxes are forensically preserved for eDiscovery or digital forensic investigations, their contents are almost always searched and filtered. Filtering emails helps overcome...
View ArticleClik here to view.
ADR512 Testing
by Andrey Fedorov The purpose of this article is to find additional information about the capabilities, specifics, and USPs of the ADR512 Android Data Recovery program. A full description of this...
View Article