archives

scar

Scar de Courcier is an assistant editor at Forensic Focus.
scar has written 49 posts for Forensic Focus – Articles

Nuix Web Review & Analytics: Process, Search And Review Evidence In A Single Workflow

by Scar de Courcier, Forensic Focus Background Nuix Web Review & Analytics (WR&A) was created to enable analysts and non-technical investigators to collaborate on investigations. The tool allows a senior investigator or case supervisor to allocate and assign data to individuals within a case. They can then log into the web interface to look through data, … Continue reading

Mobile Forensics Monkey Wrench: iOS 10.2 and Encryption

by Patrick Siewert, Pro Digital Forensic Consulting It’s not secret to those involved in the study and practice of mobile forensics that Apple likes to throw us curve balls with almost every new iteration of the iOS operating system. It turns out, iOS 10.2 is no different (released December 12, 2016). A conversation began recently … Continue reading

Windows 10 PE for Digital Forensics

by Robin Brocks, IT Forensic Expert and Incident Responder Only a few years ago, it was a real pain creating a portable Windows on CD/ DVD or thumb drive, because the Operating System was not prepared to run on those media. There have been numerous projects and volunteers, like BartPE or the WindowsFE (Forensic Edition), to … Continue reading

Digital Forensic Investigational Tool For Volatile Browser Based Data Analysis in Windows 8 OS

by W.Chirath De Alwis, School of Computing, Asia Pacific Institute of Information Technology, Colombo, Sri Lanka Abstract Cyber security threats on sensitive resources have increased recently and it has increased the need for digital forensic analysis tools. Digital evidence can be extracted not only from hard drives but also from other memory resources of a computing device. … Continue reading

The Ugly Side of Two-Factor Authentication

by ElcomSoft Two-factor authentication is great when it comes to securing access to someone’s account. It’s not so great when it gets in the way of accessing your account. However, in emergency situations things can turn completely ugly. In this article we’ll discuss steps you can do to minimize the negative consequences of using two-factor … Continue reading

New Federal Rule of Evidence to Directly Impact Computer Forensics and eDiscovery Preservation Best Practices

by John Patzakis, X1 A key amendment to US Federal Rule of Evidence 902, in the form of new subsection (14), will go into effect on December 1, 2017. This amendment will significantly impact eDiscovery and computer forensics software and its use by establishing that electronic data recovered “by a process of digital identification” is … Continue reading

Forensic Implications of iOS Lockdown (Pairing) Records

by ElcomSoft In recent versions of iOS, successful acquisition of a locked device is no longer a given. Multiple protection layers and Apple’s new policy on handling government requests make forensic experts look elsewhere when investigating Apple smartphones. In this publication, we’ll discuss acquisition approach to an iOS device under these specific circumstances: Runs iOS … Continue reading

Touch Screen Lexicon Forensics (TextHarvester / WaitList.dat)

By Barnaby Skeggs Preamble Since the release of Windows 8, and the ‘Metro’ interface, touch screen input has been implemented in a rapidly rising number of Windows devices including Microsoft Surface Pro/Book, 2-in-1s, convertible laptops and tablets. Microsoft has catered for this trend, implementing conversion between touch/pen handwriting to computer text in software such as … Continue reading

Malware Can Hide, But It Must Run

by Alissa Torres, SANS Certified Instructor It’s October, haunting season. However, in the forensics world, the hunting of evil never ends. And with Windows 10 expected to be the new normal, digital forensics and incident response (DFIR) professionals who lack the necessary (memory) hunting skills will pay the price. Investigators who do not look at … Continue reading

InSig2 LawTech 2016 – Brussels 7th – 8th November

From the 7th – 8th of November 2016, Forensic Focus will be attending InSig2’s Law Tech Europe conference in Brussels, Belgium. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments. Below is an overview of the subjects and speakers that will … Continue reading

10 DFIR Blogs You Don’t Want to Miss

by Christa M. Miller Digital forensics is a tough job. Forensicators must evolve as rapidly as the technology does, which means being in a constant state of learning. Formal education is costly and can’t keep up. The next best alternative: learn from others’ experience. It can be a challenge, however, to share one’s forensication expertise … Continue reading

Meeting A Forensic Challenge: Recovering Data From A Jolla Smartphone

by Davide Gabrini, Andrea Ghirardini, Mattia Epifani and Francesco Acchiappati Preface During the hacking camp MOCA 2016, at the end of a talk held by Davide “Rebus” Gabrini on passcode circumvention methods on mobile devices, a bystander offered an intriguing challenge: he offered for research purposes a smartphone to find out if and how someone … Continue reading

How to Stop Worrying and Learn to Love Your Inner Impostor

by Christa M. Miller It’s pretty much impossible to work in a small, niche community like DFIR and not eventually rub elbows with a rock star. You go to a conference and get to talking with someone, and you don’t even realize until 20 minutes later — when, inspired by the conversation, you finally ask … Continue reading

CIFI Security Summit 2016 – London 6th – 7th July

From the 6th – 7th of July 2016, Forensic Focus will be attending the CIFI Security Summit in London, England. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments. Below is an overview of the subjects and speakers that will … Continue reading

Forensics Europe Expo – Recap

This article is a recap of some of the main highlights from the Forensics Europe Expo which took place at Kensington Olympia Conference Centre, London, on the 19th-20th of April 2016. Conference Highlights  The Forensics Europe Expo covers all aspects of forensics, including bioforensics and other areas unrelated to digital forensics, and is held in … Continue reading