archives

scar

Scar de Courcier is an assistant editor at Forensic Focus.
scar has written 57 posts for Forensic Focus – Articles

Classifying Illegal Activities On Tor Network Based On Web Textual Contents

by Mhd Wesam Al Nabki, Eduardo Fidalgo, Enrique Alegre & Ivan de Paz; Department of Electrical, Systems and Automation, University of Leon, Spain & INCIBE Spanish National Cybersecurity Institute Abstract The freedom of the Deep Web offers a safe place where people can express themselves anonymously but they also can conduct illegal activities. In this paper, we … Continue reading

Internet Of Things Mobility Forensics

by K M Sabidur Rahman & Matt Bishop (University of California Davis) and Albert Holt (NSA) Abstract The Internet of Things (IoT) comes with great possibilities as well as major security and privacy issues. Although digital forensics has long been studied in both academia and industry, mobility forensics is relatively new and unexplored. Mobility forensics deals … Continue reading

Enfuse 2017 – Las Vegas 22-25 May

From the 22nd to the 25th of May 2017, Forensic Focus will be attending Enfuse (formerly known as CEIC) in Las Vegas, Nevada, USA. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments. Below is an overview of … Continue reading

How Do Criminals Communicate Online?

Flashpoint, a business intelligence agency specialising in the deep and dark web, recently published a report on the economy of criminal networks online. The report looks not only at where criminals go to communicate on the internet, but also how their communications are structured, and the ways in which online communication has changed the criminal … Continue reading

A Survey On Data Carving In Digital Forensics

by Nadeem Alherbawi*, Zarina Shukur & Rossilawati Sulaiman; Faculty of Information Science and Technology, Universiti Kebangsaan Malaysia Abstract Data carving is a very important topic in digital investigation and computer forensics. And for that reason research is needed to focus on improving data carving techniques to enable digital investigators to retrieve important data and evidence from damaged … Continue reading

Cellular Provider Record Retention Periods

by Patrick Siewert, Principal Consultant, Pro Digital Forensic Consulting I just returned from a fantastic few days at the Virginia Trial Lawyers Association 2017 annual conference. I spent 3 days meeting with litigators from all over Virginia about the various ways data can help in their cases. Part of the nuance of operating a digital forensic consultancy … Continue reading

Techno Security 2017 – Myrtle Beach 4th – 7th June

From the 4th to the 7th of June 2017, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in Myrtle Beach, South Carolina, USA. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments. Below is … Continue reading

Unscrambling Pixels: Forensic Science Is Not Forensic Fiction

by Martino Jerian, CEO and Founder, Amped Software  In every branch of forensic science, we have to fight with the falsehoods introduced by the popular series à la CSI (hence the properly called CSI effect), but probably this belief is the strongest in the field of forensic image and video analysis. From endless zooming from satellite … Continue reading

Nuix Web Review & Analytics: Process, Search And Review Evidence In A Single Workflow

by Scar de Courcier, Forensic Focus Background Nuix Web Review & Analytics (WR&A) was created to enable analysts and non-technical investigators to collaborate on investigations. The tool allows a senior investigator or case supervisor to allocate and assign data to individuals within a case. They can then log into the web interface to look through data, … Continue reading

Mobile Forensics Monkey Wrench: iOS 10.2 and Encryption

by Patrick Siewert, Pro Digital Forensic Consulting It’s not secret to those involved in the study and practice of mobile forensics that Apple likes to throw us curve balls with almost every new iteration of the iOS operating system. It turns out, iOS 10.2 is no different (released December 12, 2016). A conversation began recently … Continue reading

Windows 10 PE for Digital Forensics

by Robin Brocks, IT Forensic Expert and Incident Responder Only a few years ago, it was a real pain creating a portable Windows on CD/ DVD or thumb drive, because the Operating System was not prepared to run on those media. There have been numerous projects and volunteers, like BartPE or the WindowsFE (Forensic Edition), to … Continue reading

Digital Forensic Investigational Tool For Volatile Browser Based Data Analysis in Windows 8 OS

by W.Chirath De Alwis, School of Computing, Asia Pacific Institute of Information Technology, Colombo, Sri Lanka Abstract Cyber security threats on sensitive resources have increased recently and it has increased the need for digital forensic analysis tools. Digital evidence can be extracted not only from hard drives but also from other memory resources of a computing device. … Continue reading

The Ugly Side of Two-Factor Authentication

by ElcomSoft Two-factor authentication is great when it comes to securing access to someone’s account. It’s not so great when it gets in the way of accessing your account. However, in emergency situations things can turn completely ugly. In this article we’ll discuss steps you can do to minimize the negative consequences of using two-factor … Continue reading

New Federal Rule of Evidence to Directly Impact Computer Forensics and eDiscovery Preservation Best Practices

by John Patzakis, X1 A key amendment to US Federal Rule of Evidence 902, in the form of new subsection (14), will go into effect on December 1, 2017. This amendment will significantly impact eDiscovery and computer forensics software and its use by establishing that electronic data recovered “by a process of digital identification” is … Continue reading

Forensic Implications of iOS Lockdown (Pairing) Records

by ElcomSoft In recent versions of iOS, successful acquisition of a locked device is no longer a given. Multiple protection layers and Apple’s new policy on handling government requests make forensic experts look elsewhere when investigating Apple smartphones. In this publication, we’ll discuss acquisition approach to an iOS device under these specific circumstances: Runs iOS … Continue reading