archives

computer forensics

This tag is associated with 117 posts

Digital Forensic Techniques To Investigate Password Managers

by Dr Tristan Jenkinson In part one we discussed the importance that data from password managers can play. In part two, we look at aspects an investigation may include from a digital forensics perspective. How Password Managers Can Be Investigated Using Digital Forensics Evidence of Usage of Password Management Systems Finding evidence that a password … Continue reading

How To Digital Forensic Boot Scan A Mac With APFS

by Rich Frawley  In this short 3-minute video, ADF’s digital forensic specialist Rich Frawley shows how to boot a MacBook Air (APFS, non-encrypted) with Digital Evidence Investigator. The ADF digital forensic team is hard at work putting the finishing touches on the complete package: Enabling FileVault support at boot Allowing the input of credentials, much like … Continue reading

Digital Forensics For National Security Symposium – Alexandria, VA, December 10th-11th

On the 10th and 11th of December 2019, the inaugural Digital Forensics For National Security Symposium will take place in Alexandria, VA, USA. Below is an overview of the subjects and speakers that will be featured at the event. Tuesday December 10th Registration will be open from 8:00-8:45am, after which Retired Special Agent Jim Christy … Continue reading

How To Conduct A Live Forensic Scan Of A Windows Computer

Learn how to conduct a Windows live scan with ADF Solutions Digital Evidence Investigator.  Two USB ports are required to complete a scan, one for the Collection Key and one for the Authentication Key, once the scan has started the Authentication Key can be removed. A USB hub may be used in cases where the target … Continue reading

How To Use Magnet AXIOM In Mac USB Investigations

Hey everyone, Trey Amick from Magnet Forensics here. Today we’re talking about Mac USB investigations, and what happens when we’ve been alerted that a USB has been inserted into an end point. Different organisations handle USB policies differently. Some have alerting mechanisms in place for when USBs are detected, while others may encrypt the drive … Continue reading

Can Your Investigation Interpret Emoji?

by Christa Miller, Forensic Focus Emoji are everywhere — including in your evidence. Used across private-messaging apps and email, social media, and even in passwords and account names, emoji are pictographic representations of objects, moods, and words. They’re a convenient shortcut for users who want to convey tone and emotion in digital communication without using … Continue reading

How To Use Griffeye Brain – Artificial Intelligence

The Griffeye Brain in Analyze DI Pro version 19.2 brings the power of machine learning and artificial intelligence to help you quickly locate and identify child sex abuse material within your investigations. In addition, the Griffeye Brain now has improved object detection, allowing for multiple objects to be located within the same image. In this … Continue reading

How To Save Time With XAMN’s Dynamic Artifact Count Feature

At MSAB, we’re always looking to improve our software and make every product more user-friendly, intuitive, and valuable; and to help save you time. We’ve recently improved the way that XAMN displays and counts artifacts. Let’s take a look at the new functionality. We’ve opened this case in XAMN, and from the start we can … Continue reading

How To Boot Scan A Microsoft Surface Pro

Hi, I’m Rich Frawley, and I’m the Digital Forensic Specialist with ADF Solutions. Today we’re going to conduct a boot scan of a Microsoft Surface Pro with BitLocker activated. At this point you have decided on a search profile, or search profiles, to use and prepared your collection key. When conducting a boot scan, Digital … Continue reading

How To Export Media Files From BlackLight Into Semantics21

So before we go to export our files from BlackLight to S21, what we will normally do is we will run the hashes against our case. In this case what we’ve done is we’ve already run these hashes against BlackLight, and as you can see, S21 has been run and it’s showing complete. These are … Continue reading

Cost-Effective Tools For Small Mobile Forensic Labs

by Alex Moeller As the costs associated with running a mobile devices forensic laboratory can be considered to be high, this article is aimed at providing alternative options for small organisations or individuals looking to reduce overheads.  Case Management Tools There are numerous case management systems available online which are free to download, and premium … Continue reading

Walkthrough: What’s New In XAMN v4.4

Hello and welcome to this video about what’s new in XAMN 4.4. I’m going to take you through ten new improvements, as you can see listed here in the latest release of the XAMN application. Let’s get straight on to the product so we keep this video as short as possible for you. This is the … Continue reading

What Changes Do We Need To See In eDiscovery? Part V

by Harold Burt-Gerrans Welcome to Part 5. As promised in Part 4, I’ll start by discussing recursive de-duplication. Recursive De-Duplication: Using Aliases Within De-Duplication I can’t count the number of times that clients have complained about x.400/x.500 addresses in emails. Unfortunately, if the collected data comes with those address structures and not fred@xyz.com, we’re stuck with … Continue reading

How To Use Amped DVRConv To Quickly Convert And Make Playable Proprietary CCTV Video

by Blake Sawyer, Amped Software When I worked for the police department, I was constantly pulled in a lot of different directions. To keep a good turnaround time for the nearly 200 requests we had each month, I was constantly looking for tools to automate or ease the load. Amped FIVE was a great resource … Continue reading

How To Collect And Share Digital Evidence Files With Prosecutors

In this short How To video, digital forensic specialist Rich Frawley will show you how to collect and share digital evidence files with prosecutors and third parties using ADF Software. This video is ideal for learning how to share evidence with prosecutors for review. If you are tasked with the collecting specific files or collecting … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,276 other followers