Parallels hard drive image converting for analysis
Abstract The other day, talking to one of the analysts in Dallas, a question emerged about analyzing Parallels’ virtual machine hard drives. To my surprise, I did not find much help on this issue...
Retrieving Digital Evidence: Methods, Techniques and Issues
by Yuri Gubanov yug@belkasoft.com Belkasoft Ltd. http://belkasoft.com Abstract This article describes the various types of digital forensic evidence available on users’ PC and laptop computers, and...
Authenticating Internet Web Pages as Evidence: a New Approach
By John Patzakis [1] and Brent Botta [2] Previously, in Forensic Focus, we addressed the issue of evidentiary authentication of social media data (see previous entries here and here). General Internet...
Introduction to Penetration Testing – Part 3a – Active Reconnaissance
Apologies in advance, this is a bit of a connective blog entry – this is a big topic, and it needs some scene setting, basic understanding and several weeks' worth to get the most out of it. We live in...
Firefox Forensics
I was showing someone a trick to export Firefox SQLite tables to a spreadsheet, and while she is a forensics person, she had never ever heard of this trick. It is neat enough to know when working off...
Forensic Examination of FrostWire version 5
Introduction As digital forensic practitioners, we are faced regularly with users utilizing the internet to swop and download copyrighted and contraband material. Peer to peer (P2P) applications are...
Book Review: Mastering Windows Network Forensics & Investigations
Mastering Windows Network Forensics and Investigations fills an interesting niche not well addressed in the pantheon of digital forensics resources. The material is well suited for beginning and...
Generating computer forensic supertimelines under Linux: A comprehensive...
When the authors first published this paper, their intentions were to develop a comprehensive guide to digital forensic timelines in order to consolidate the many fragmented sources of information...
Evernote from a Forensic Investigation Perspective
by Stuart Clarke, Millnet Recently we have been looking at Evernote from a forensic investigation perspective, as we feel it is a great product which will grow in popularity therefore wanted to share...
Will Digital Forensics Crack SSD’s?
by Mike Sheward, a contributor to InfoSec Resources. Digital forensics is one of the most interesting and exciting fields of information security that you can ever be fortunate enough to work in, but...
Computer Analysts and Experts – Making the Most of GPS Evidence
by Professor David Last www.professordavidlast.co.uk The many companies that sell software for computer forensics have developed products for analysing satellite navigators. Police high tech crime...
New Linux Distro for Mobile Security, Malware Analysis, and Forensics
by Jay Turla, a contributor to InfoSec Resources. A new GNU/Linux distribution or distro designed for helping you in every aspect of your mobile forensics, mobile malware analysis, reverse engineering...
IPOD – Timestamps secrets
ABSTRACT This is a description of how the Apple iPod/iPhone stores the timestamps into their plist files. After an experiment we tried to order the various ways that Apple iDevices manage and store these...
Collecting and Processing Bloomberg Data
A few years ago, Bloomberg data may have been relatively unusual, however today we see Bloomberg chat and email data being collected quite frequently. Not a surprise really considering some of the...
Android Forensics
Smartphones are changing the IT and communication landscape vastly. A smartphone can do almost every good thing a computer can do. Today most corporate employees access and manage their...
The need for Transnational and State-Sponsored Cyber Terrorism Laws and Code...
Today, terrorists are making the best use of information technology to carry out their objectives. The NATO definition of cyber terrorism is “a cyber attack using or exploiting computer or...
Encrypt it, but Don’t Trust It
This is not about acquisition tools, but about understanding why we need to test our tools even if the tool was just updated. The latest and greatest tool without testing can be a risk factor just...
Why SSD Drives Destroy Court Evidence, and What Can Be Done About It
by Yuri Gubanov yug@belkasoft.com, Oleg Afonin aoleg@voicecallcentral.com Belkasoft Ltd. http://belkasoft.com Abstract Solid State drives (SSD) introduced dramatic changes to the principles of computer...
Forensic Analysis of Windows 7 Jump Lists
Abstract The release of Microsoft Windows 7 introduced a new feature known as Jump Lists which present the user with links to recently accessed files grouped...
Unacceptable Acceptable Use Policy
I had an opportunity this week to be on the receiving end of an acceptable use policy (AUP) –...