archives

scar

Scar de Courcier is an assistant editor at Forensic Focus.
scar has written 136 posts for Forensic Focus – Articles

Forensics Europe Expo London 2019 – Recap

by Jade James  This article is a recap of some of the main highlights from the Forensics Europe Expo 2019, which took place in London, UK on the 5th and 6th of March. The Forensics Europe Expo has now run for seven years and is co-located with the Security & Counter Terror Expo at Olympia … Continue reading

Burnout in DFIR (And Beyond)

by Christa Miller Quite a lot has been written over recent weeks about burnout. Not only DFIR-specific posts, first from Richard Bejtlich and then, in follow-up from Eric Huber and Brett Shavers; but also news articles including: Why Are Young People Pretending to Love Work? (The New York Times) How Millennials Became The Burnout Generation … Continue reading

How To Install And Use The Optional Thunderbolt I/O Card On Logicube’s Falcon-NEO

Welcome to Logicube’s tutorial on the optional Thunderbolt I/O card on the Forensic Falcon-NEO. In this session, we’ll show you how to install and use this card. The optional Thunderbolt I/O card connects directly to Falcon-NEO’s source or destination I/O card ports. This card allows you to image directly to or from Thunderbolt USB C, … Continue reading

Email Forensics: Investigation Techniques

by Chirath De Alwis Due to the rapid spread of internet use all over the world, email has become a primary communication medium for many official activities. Not only companies, but also members of the public tend to use emails in their critical business activities such as banking, sharing official messages, and sharing confidential files. However, … Continue reading

Forensic Examination Of Manipulated Email In Gmail

by Arman Gungor Last week, I came across an interesting post on Forensic Focus. The poster, jahearne, was asking about how one can detect manipulation of an existing email in Gmail. In his hypothetical scenario, the bad actor was using Outlook to edit the message and change its contents after it was received. I wanted to … Continue reading

Dissecting Malicious Network Traffic To Identify Botnet Communication

by Swasti Bhushan Deb Botnets are well-known in the domains of information security, digital forensics and incident response for hosting illegal data, launching DDOS attacks, stealing information, spamming, bitcoin mining, spreading ransomware, launching brute force attacks, managing remote access to connected devices, and even propagating infection to other devices, among other things. Internet Relay Chat (IRC) … Continue reading

Scene Of The Crime: You’ve Found A Drone. What Do You Do?

by Lee Reiber, COO, Oxygen Forensics, Inc. The proliferation of recreational drones and their impact on digital incident response has dramatically increased during the last several years. In January 2018, Nextgov stated the U.S. Federal Aviation Administration (FAA) reported over 1 million drone operators registered with the United States government. This number continues to grow … Continue reading

Techno Security & Digital Forensics 2019 – San Diego March 11-13

From the 11th to the 13th of March 2019, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in San Diego, CA, USA. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments. Below is an overview of … Continue reading

Walkthrough: Forensic Falcon NEO From Logicube

Welcome to Logicube’s tutorial on the Forensic Falcon NEO. In this session, we’ll conduct a product tour, including all of the various ports available, and show you how hard drives are connected to the Falcon NEO. At the front of the Falcon NEO you will find two USB 3.0 ports that can be used as … Continue reading

How To: Multitask With Logicube’s Forensic Falcon NEO

Welcome to Logicube’s tutorial on the Forensic Falcon NEO. In this session we’ll show you how to multitask. For this tutorial I have connected the Falcon NEO to a network, and from a PC on the same network I’ve logged into the unit using a web browser so that I can operate remotely. I’ve already … Continue reading

How To: Integrate LACE Carver With Griffeye Analyze DI Pro

Let’s talk about the exciting new LACE Carver Integration with Analyze DI Pro. Once you have the proper license, you can head over to your Downloads page on MyGriffeye.com and go to the LACE Carver download. Once the app package has been downloaded, we can go back to Griffeye and install it under Settings, Plugins, … Continue reading

How To: Use The File Browser Feature In Logicube’s Forensic Falcon NEO

Welcome to Logicube’s tutorial on the Forensic Falcon NEO. In this session, we’ll show you how to use the file browser feature. The file browser feature of the Falcon NEO provides logical access to source and destination drives connected to the Falcon NEO. To open the file browser, click on the left-hand menu and click … Continue reading

How To: Create A Logical Image On Falcon NEO

Welcome to Logicube’s tutorial on the Forensic Falcon NEO. In this episode, we’ll show you how to perform a logical image. The logical imaging feature of Falcon NEO shortens the evidence collection process by allowing investigators to select and acquire only the specific files they need, rather than the entire physical drive. Users can create … Continue reading

Forensic Analysis Of The μTorrent Peer-to-Peer Client In Windows

by Michael R. Godfrey The μTorrent software client is the most popular BitTorrent peer-to-peer software application worldwide [1]. Contraband files such as copyrighted movies and music, child pornography and pirated content, are frequently acquired through the peer-to-peer (P2P) file sharing protocol BitTorrent. This research will include the digital forensic analysis of the μTorrent client, specifically, the … Continue reading

Requirements In Digital Forensics Method Definition: Observations From A UK Study

by Angus M. Marshall & Richard Paige Abstract During a project to examine the potential usefulness of evidence of tool verification as part of method validation for ISO 17025 accreditation, the authors have examined requirements statements in several digital forensic method descriptions and tools. They have identified that there is an absence of clear requirements statements … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,181 other followers