Digital Forensics

This tag is associated with 87 posts

Giving Back In DFIR

by Jessica Hyde, Magnet Forensics A few months back I was on my way to BSides NoVa, having a conversation with someone competing in the CTF about where his team would donate the prize money to if they won. I suggested some organizations related to helping young people learn about Information Security. A few hours later, … Continue reading

Techno Security & Digital Forensics 2018 – San Antonio September 17-19

From the 17th to the 19th of September 2018, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in San Antonio, Texas, USA. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments. Below is an overview of … Continue reading

Using IMAP Internal Date for Forensic Email Authentication

by Arman Gungor Internal Date is an IMAP Message Attribute that indicates the internal date and time of a message on an IMAP server. This is a different timestamp than the Origination Date field found in the message header and can be instrumental in authenticating email messages on an IMAP server. Let’s start with an example. The perpetrator … Continue reading

Electromagnetic Side-Channel Attacks: Potential For Progressing Hindered Digital Forensic Analysis

by Asanka Sayakkara, Nhien-An Le-Khac & Mark Scanlon Abstract Digital forensics is a fast-growing field involving the discovery and analysis of digital evidence acquired from electronic devices to assist investigations for law enforcement. Traditional digital forensic investigative approaches are often hampered by the data contained on these devices being encrypted. Furthermore, the increasing use of IoT devices with … Continue reading

Deep Learning At The Shallow End: Malware Classification For Non-Domain Experts

by Quan Le, Oisín Boydell, Brian Mac Namee & Mark Scanlon Abstract Current malware detection and classification approaches generally rely on time consuming and knowledge intensive processes to extract patterns (signatures) and behaviors from malware, which are then used for identification. Moreover, these signatures are often limited to local, contiguous sequences within the data whilst … Continue reading

Techno Security Myrtle Beach 2018 – Recap

by Scar de Courcier This article is a recap of some of the main highlights from the Techno Security & Forensic Investigation Conference 2018, which took place in Myrtle Beach, SC from the 3rd-6th June 2018. Under the sunny skies of South Carolina, the digital forensic community got together at the beginning of June this year … Continue reading

Apple iPhone Forensics: Significant Locations

by Patrick Siewert, Principal Consultant, Pro Digital Forensic Consulting I recently attended a conference of civil litigators in Virginia. During the cocktail hour and after a very interactive CLE presentation on “Leveraging Data in Insurance Fraud Investigations”, I was talking with a few attendees about the different types of data available to them in their … Continue reading

Digital Forensics Resources

by Scar de Courcier One of the most frequent questions I’m asked by digital forensics students is about resources: where can they go to continue learning, where can they find out more about the industry, what are the best blogs and social accounts out there for DFIR people? The below is by no means an … Continue reading

ADR512 Testing

by Andrey Fedorov The purpose of this article is to find additional information about the capabilities, specifics, and USPs of the ADR512 Android Data Recovery program. A full description of this software can be found here. Developers from 512 BYTE, who created the software, invited specialists from digital forensics lab Gross to test it. Let’s … Continue reading

Searching And Filtering Emails When Forensically Collecting Mailboxes

by Arman Gungor When mailboxes are forensically preserved for eDiscovery or digital forensic investigations, their contents are almost always searched and filtered. Filtering emails helps overcome time, scope and cost constraints and alleviates privacy concerns. There are two main ways of filtering emails—before and after the forensic acquisition. Each method has its pros and cons, … Continue reading

Using Technology To Get Results: Think Outside The Silo

by Johann Hofmann, Griffeye In an article series of three, published in the Interpol Newsletter, Griffeye explores the possibilities of technology in digital media investigations. In this second article, Johann Hofmann, Director & Head of Griffeye, talks about the limitations for investigators working in silos. We explore what happens if investigators can’t access, use or share critical information … Continue reading

Changes To Forensic Laboratory Accreditation Requirements – ISO/IEC 17025

by Tim Alcock ISO/IEC 17025:2017 – General requirements for the competence of testing and calibration laboratories is the principal international standard for the accreditation of laboratories performing testing (including sampling) and/or calibration. Originating from ISO/IEC Guide 25, the standard has been through several iterations culminating in the latest version released in November 2017. ISO/IEC 17025:2017 … Continue reading

Techno Security & Digital Forensics 2018 – Myrtle Beach 3rd-6th June

From the 3rd to the 6th of June 2018, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in Myrtle Beach, South Carolina, USA. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments. Below is … Continue reading

Finding Metasploit’s Meterpreter Traces With Memory Forensics

by Oleg Skulkin & Igor Mikhaylov Metasploit Framework is not only very popular among pentesters, but is also quite often used by real adversaries. So why is memory forensics important here? Because Meterpreter, for example – an advanced, dynamically extensible Metasploit payload – resides entirely in the memory and writes nothing to the victim’s drive. In … Continue reading

2018 Nuix Insider Conference Recap

by Jessica Lyford Close to 300 customers, partners, and guests converged at the Royal Lancaster London for Nuix’s annual Insider Conference last week to share their experience using Nuix or to learn something new to address their data, cybersecurity, risk, and compliance challenges. The scale of this year’s event symbolizes Nuix’s growth within the region, … Continue reading
