archives

computer forensics

This tag is associated with 123 posts

Forensic Focus Legal Update December 2019 – Part II: Search And Seizure

by Christa Miller In cooperation with the National White Collar Crime Center (NW3C) and SEARCH, The National Consortium for Justice Information and Statistics, Forensic Focus offers a quarterly roundup of the latest legal developments around digital forensic evidence. Comprising major legislation and case law from around the country, this guide is intended to help our … Continue reading

How To Parse AirDrop Artifacts In Magnet AXIOM

Hey everyone, Trey Amick from Magnet Forensics here. Today we’re going to be looking at a new set of artifacts specific to Mac investigations, which will be released as part of the AXIOM 3.8 release. Today we’re going to be looking at dedicated AirDrop artifacts that AXIOM can now parse out. AirDrop is a service … Continue reading

Enfuse 2019 – Recap

by Mattia Epifani The Enfuse Conference, organized by OpenText, took place from the 11th-14th of November 2019 at the Venetian Conference Center in Las Vegas. More than 1,000 attendees from 40 countries were present, coming from different fields like digital forensics, e-discovery, incident response and cybersecurity. Most of the attendees were from the US and … Continue reading

Investigating Nonconsensual Intimate Image Sharing

by Christa Miller, Forensic Focus Nonconsensual intimate image sharing – also known as image-based sexual abuse, nonconsensual pornography, or its original slang, “revenge porn” – has been around since at least the 1980s, but didn’t become a widespread social problem until the internet – and mobile phones – became ubiquitous. So called because its perpetrators … Continue reading

How To Search For Visual Data With Griffeye Analyze DI

In this video, we’re going to discuss how to use the ‘Search’ function to help you quickly locate files of interest within your case. Analyze DI allows users to search for not only text-based information, but also visual clues as well. Adding visual clues into your workflows can really improve efficiency and help you get … Continue reading

How To Extract Credential Data Using KeyScout

Hello, this is Keith Lockhart from Oxygen Training, and this video is going to discuss the KeyScout application. The KeyScout application is one of the tools available in the tool suite concept of the Forensic Detective product. KeyScout is a standalone application that can be run locally or on the go, we’ll look at use … Continue reading

Digital Forensic Techniques To Investigate Password Managers

by Dr Tristan Jenkinson In part one we discussed the importance that data from password managers can play. In part two, we look at aspects an investigation may include from a digital forensics perspective. How Password Managers Can Be Investigated Using Digital Forensics Evidence of Usage of Password Management Systems Finding evidence that a password … Continue reading

How To Digital Forensic Boot Scan A Mac With APFS

by Rich Frawley  In this short 3-minute video, ADF’s digital forensic specialist Rich Frawley shows how to boot a MacBook Air (APFS, non-encrypted) with Digital Evidence Investigator. The ADF digital forensic team is hard at work putting the finishing touches on the complete package: Enabling FileVault support at boot Allowing the input of credentials, much like … Continue reading

Digital Forensics For National Security Symposium – Alexandria, VA, December 10th-11th

On the 10th and 11th of December 2019, the inaugural Digital Forensics For National Security Symposium will take place in Alexandria, VA, USA. Below is an overview of the subjects and speakers that will be featured at the event. Tuesday December 10th Registration will be open from 8:00-8:45am, after which Retired Special Agent Jim Christy … Continue reading

How To Conduct A Live Forensic Scan Of A Windows Computer

Learn how to conduct a Windows live scan with ADF Solutions Digital Evidence Investigator.  Two USB ports are required to complete a scan, one for the Collection Key and one for the Authentication Key, once the scan has started the Authentication Key can be removed. A USB hub may be used in cases where the target … Continue reading

How To Use Magnet AXIOM In Mac USB Investigations

Hey everyone, Trey Amick from Magnet Forensics here. Today we’re talking about Mac USB investigations, and what happens when we’ve been alerted that a USB has been inserted into an end point. Different organisations handle USB policies differently. Some have alerting mechanisms in place for when USBs are detected, while others may encrypt the drive … Continue reading

Can Your Investigation Interpret Emoji?

by Christa Miller, Forensic Focus Emoji are everywhere — including in your evidence. Used across private-messaging apps and email, social media, and even in passwords and account names, emoji are pictographic representations of objects, moods, and words. They’re a convenient shortcut for users who want to convey tone and emotion in digital communication without using … Continue reading

How To Use Griffeye Brain – Artificial Intelligence

The Griffeye Brain in Analyze DI Pro version 19.2 brings the power of machine learning and artificial intelligence to help you quickly locate and identify child sex abuse material within your investigations. In addition, the Griffeye Brain now has improved object detection, allowing for multiple objects to be located within the same image. In this … Continue reading

How To Save Time With XAMN’s Dynamic Artifact Count Feature

At MSAB, we’re always looking to improve our software and make every product more user-friendly, intuitive, and valuable; and to help save you time. We’ve recently improved the way that XAMN displays and counts artifacts. Let’s take a look at the new functionality. We’ve opened this case in XAMN, and from the start we can … Continue reading

How To Boot Scan A Microsoft Surface Pro

Hi, I’m Rich Frawley, and I’m the Digital Forensic Specialist with ADF Solutions. Today we’re going to conduct a boot scan of a Microsoft Surface Pro with BitLocker activated. At this point you have decided on a search profile, or search profiles, to use and prepared your collection key. When conducting a boot scan, Digital … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,291 other followers