archives

Digital Forensics

This tag is associated with 135 posts

Unreal Steganography: Using A VR Application As A Steganography Carrier

by Stuart Wilson This report focuses on the use of virtual reality as a potential steganography carrier file to avoid detection of forensic analysis applications commonly used within law enforcement. The goal is to show how a virtual reality game/environment can be made with little training, what file types can be stored within it and … Continue reading

Finding And Interpreting Windows Firewall Rules

by Joakim Kävrestad Determining with whom and in what way a computer has communicated can be important and interesting in several types of examinations. Communications can be an important part of analyzing if and how a computer has been remote controlled or with whom the computer has shared information. It can also be a good … Continue reading

Techno Security & Digital Forensics 2019 – San Antonio Sept 30 – Oct 2

From the 30th of September to the 2nd of October 2019, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in San Antonio, TX, USA. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments. Below … Continue reading

How To Analyze Windows 10 Timeline With Belkasoft Evidence Center

Temporal analysis of events (Timeline) can be beneficial when you want to reconstruct events related to computer incidents, data breaches, or virus attacks taking place on a victim’s computer.  Historically, digital forensic timeline analysis has been broken down into two parts:  ‘Timeline’ to describe changes associated with temporal file metadata in a file system. In … Continue reading

Industry Roundup: Image Recognition And Categorization

by Christa Miller, Forensic Focus The need for image recognition and categorization has never been more in demand thanks to the spread of extremist propaganda, child sexual abuse material (CSAM), and other illicit activity across the internet. Because of the sheer amount of material online, investigators assigned to these kinds of cases need ways to … Continue reading

Fighting Crime With Data: Law Enforcement In The 21st Century

by Paul Hamrick, Nuix Executive Summary Law enforcement investigations have long been influenced by developments in technology; after all, new technologies create new ways for criminals to profit and new sources of evidence. Law enforcement needs to keep up with the times, dealing with technological developments in areas like firearms, automobiles or more recently, digital … Continue reading

Case Study: Extracting And Analyzing Messenger Data With Oxygen Forensic Detective

by Nikola Novak It‘s a great pleasure to share my experience of working with Oxygen Forensic Detective, which was a crucial tool in solving one of my cases. A father of a minor girl contacted me, worried his daughter was in suspicious society and probably had been consuming marijuana. His wife accidentally found traces of … Continue reading

How To Use Cross-Case Search With Belkasoft Evidence Center

by Yuri Gubanov Diving deeper may be the key to the eventual success of a digital forensic investigation. This is true not only when it comes to a single given case, but also when it comes to intersections between different cases.  Sometimes, a person being investigated may have associates who are problematic, or who have … Continue reading

My Digital Forensics Career Pathway

by Patrick Doody Let me start by introducing myself. I’m Patrick, 39 years of age and from a working-class background. I’ve lived in London all my life, my parents moved to the UK from Southern Ireland when they were young and started a new life together and a family. I am the youngest of two … Continue reading

How To Read A Moving Low-Quality License Plate Using Amped FIVE’s Perspective Stabilization And Perspective Super Resolution

Thanks to TV series and movies, people nowadays believe that when it comes to digital images and videos, everything is possible. Some of you may remember the “never-ending enhance” sequence in Blade Runner or the magic zoom they have in CSI. Then we turn to reality, where cameras with poor components, coupled with Digital Video … Continue reading

From Crime To Court: Review Principles For UK Disclosure

by Hans Henseler UK Law Enforcement agencies are facing significant challenges related to digital evidence disclosure in criminal prosecution cases. Suspects who are charged with a crime must have access to all relevant evidence to ensure a fair trial, even if the evidence can undermine the prosecution. To avoid disclosure errors and ensure that digital … Continue reading

The Opportunity In The Crisis: ICS Malware Digital Forensics And Incident Response

by Christa Miller, Forensic Focus Malware aimed at industrial control systems (ICS) is nothing new. Nearly 10 years have passed since Stuxnet first targeted the supervisory control and data acquisition (SCADA) systems and programmable logic controllers (PLCs) associated with centrifuges in Iran’s nuclear program. Since then, Havex, BlackEnergy 2, and Crash Override / Industroyer have … Continue reading

Leveraging DKIM In Email Forensics

by Arman Gungor My last article was about using the Content-Length header field in email forensics. While the Content-Length header is very useful, it has a couple of major shortcomings: Most email messages do not have the Content-Length header field populated If the suspect is aware of this data point, the integer value in the Content-Length header … Continue reading

How To Image To A Network Repository With Logicube’s Forensic Falcon-NEO

Welcome to Logicube’s tutorial on the Falcon-NEO forensic imager. The Falcon-NEO allows you to image directly to or from a network repository using SMB or CIFS protocol, or using iSCSI. Two 10GbE ports provide extremely fast network imaging performance. In this episode we’ll show you how to image from a physical drive connected to the … Continue reading

Facebook’s Privacy Manifesto: What Does It Mean For Digital Forensic Investigations?

by Christa Miller, Forensic Focus Mark Zuckerberg’s new “privacy manifesto” for Facebook marks not just a pivot in terms of how the social network shapes modern-day communication. It also marks what The Verge’s Casey Newton called “the end of the News Feed era.”  Zuckerberg’s opening statement draws a distinction between the “digital equivalent of a … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,225 other followers