News

This news feed is supplied with permission from the Forensic Focus website.To read more on any news snippet click on its headline.

Project Spartan Forensics

by James Gratchoff & Guido Kroon, University of Amsterdam

Project Spartan is the codename of the new Microsoft Edge browser and successor to its previous, Internet Explorer. This research paper gives insight into the current artefacts that the current development versions of Project Spartan leaves behind on workstations. The authors analysed what these artefacts are, where they are located and how can they be gathered. This research led to the conclusion that Project Spartan’s back end does not differ much from the latest Internet Explorer versions, as Project Spartan still uses similar ways to store data on the workstation it runs on. Furthermore, an open source tool has been developed to gather some of these artefacts in an automated way. The purpose of the tool is to gather the location of the artefacts not present in the database.

Read MorePosted: 27 July 2015

FT Cyber Security Summit Europe – London 22nd September

On the 22nd of September 2015, Forensic Focus will be attending the FT Cyber Security Summit in London. If there are any topics you’d specifically like us to cover, or any speakers you think we should interview, please let us know in the comments.

The second annual FT Cyber Security Summit Europe 2015 will bring together boardroom directors, chief executives, senior management and chief information security officers to discuss the current threats in cyberspace and what more should be done to build safer and more resilient businesses.

Chaired and moderated by senior FT journalists, the speakers and panellists will include a mix of corporate CISOs and senior officials from government departments responsible for helping public and private sector organisations manage their cyber risks.

Forensic Focus readers save 15% on the ticket price. Quote code FORF15 when registering online at http://live.ft.com/cybersecurity

Read MorePosted: 23 July 2015

Webinar: Mobile Chat & Social App Forensics

Date: Thursday, July 23, 2015

Registration: http://www.magnetforensics.com/mobile-forensics/mobile-chat-social-app-forensics

Presenter: Tayfun Uzun, Product Manager at Magnet Forensics

Smartphone apps that allow users to express themselves by messaging, posting, tweeting, liking, commenting, and sharing images and videos, have radically altered communication patterns. This new world of hyper-connected mobile chat and social apps is evolving at warp speed, and it seems like a new app explodes in popularity every month, with others constantly changing and adding new features.

These apps are drastically altering the field of mobile forensics, creating new demands of digital forensics examiners who are expected to stay abreast of the latest app developments in order to recover and interpret data. The Magnet Forensics R&D team tracks the latest mobile app trends in order to develop the timely artifact updates that IEF mobile module users require.

Register now at http://www.magnetforensics.com/mobile-forensics/mobile-chat-social-app-forensicsPosted: 22 July 2015

Evidence Acquisition and Analysis from Live Exchange

A great amount of legal and forensics discussion is involved when there is an investigation procedure that involves the seizing of crucial evidence from Live Exchange server. Whenever there is such an investigation, two things remain in focus

1. Identification of suspect evidence from the network
2. Collection approach that maintains exactitude of evidence

There has been an increasing effort in the theory of live imaging approaches because of the liabilities that come up when a server is taken down. In such a situation, the rules of law and evidence acquisition have caused new approaches and techniques of acquiring electronic evidence to be formed; many of these are specifically targeted at the large storage of data.

What are the data that are generally in question?

Read MorePosted: 21 July 2015

Guidance Software, Inc. Introduces Tableau Password Recovery

Guidance Software, Inc. is pleased to introduce Tableau Password Recovery, a powerful solution that accelerates dictionary-based and brute force password attacks to unlock protected files. By helping investigators access encrypted and locked files, the appliance expedites time-sensitive investigations and prevents them from becoming stalled or incomplete. The product was developed through a collaboration with leading vendors Passware and Digital Intelligence, Inc.Posted: 18 July 2015

New Belkasoft Evidence Center 7.3 Enhances Data Carving and SQLite Analytics

Belkasoft updates Belkasoft Evidence Center, the company’s flagship digital forensic solution, to version 7.3. The new release comes with significant improvements to file carving and SQLite analysis algorithms as well as the search engine. With this update, Belkasoft Evidence Center enables investigators discover more evidence faster, while raising the bar of SQLite analysis to a whole new level. In addition, the product now supports Cellebrite Link Analysis integration, and offers numerous other enhancements.Posted: 17 July 2015

Cybercriminal Darkode Forum Taken Down Through Global Action

This week, law enforcement and judicial authorities worldwide have taken down the most prolific English-speaking cybercriminal forum to date: Darkode. In an international coordinated action against the hacking forum and its users, investigators from all over the world targeted cybercriminals that were using the Darkode forum to trade and barter their hacking expertise, malware and botnets, and to find partners for their next spam runs or malware attacks.

The operation was led by the FBI and supported by Europol’s European Cybercrime Centre (EC3), with the involvement of law enforcement officers from 20 countries in and outside the European Union. The takedown and arrests were coordinated from command posts set up by the FBI (Pittsburgh, USA) and Europol’s EC3 (The Hague, the Netherlands).

Read (Europol)Posted: 16 July 2015

Nuix Appoints Paul Slater as Executive Director for EMEA Region

Nuix, a technology company that enables people to make fact-based decisions from unstructured data, today announced it has appointed Paul Slater as Executive Director for the Europe, Middle East and Africa (EMEA) region. Slater will be an ambassador and subject matter expert for the company throughout EMEA, oversee Nuix’s operations in the region and directly manage the UK-based team of subject matter experts and sales engineers.Posted: 16 July 2015