Many jobs require writing in some form or another. Writing can range from documenting inventory of empty boxes to full-blown and extremely detailed legal briefs of a complex criminal investigation. Your basic report writing and notetaking falls somewhere between these two ends of the spectrum. We write, but generally, we suck at it. <I might be speaking only for myself…>. We suck at it because we don't like doing it because it is boring.

Read more at https://www.dfir.training/dfir-training-blog/no-job-is-finished-until-the-paperwork-is-done

Earlier in the year Digital Forensic Analyst Marco Neumann wrote a series of great blog posts analysing artifacts created by Skype apps (both Windows Store and Desktop versions):
 

There are few things cooler than finding that one of your forensic tools was updated with new features. It does not matter which tool, or which new feature. There are times when some of the new features don’t apply to what I work on but are cool nonetheless, as they show that a tool is constantly being developed. Small, new features are neat, but the major updates are usually so good that I have to immediately test them out.

Read more https://www.dfir.training/dfir-training-blog/2019-10-23-02-13-47

A total of 3 winners will be picked to each win a 3-year license of Forensic Notes!

 

 

Read more here: https://www.dfir.training/dfir-training-blog/forensic-notes-giveaway

Thursday, 03 October 2019 00:41

National Cyber Security Awareness Month

https://staysafeonline.org/ncsam/history/

What's New in Belkasoft Evidence Center 2020 Version 9.7

Belkasoft Evidence Center 2020 v.9.7 (or, in short, BEC) is an all-in-one forensic solution, combining mobile and computer forensics as well as memory, cloud and remote forensics, and incident investigations in a single tool. Given its affordable price, it is one of the best choices among other available products on the market.

In v.9.7, Belkasoft significantly expanded BEC support of various mobile data sources and improved its Remote Forensics module.

The major features included in BEC 2020 v.9.7 are:

  • Acquisition of MTK-based devices
  • Acquisition via MTP/PTP protocols
  • iOS 13 support
  • Support for Xiaomi and Huawei backups
  • F2FS file system parsing and analysis
  • CarPlay analysis
  • Major improvements to Remote Forensics (macOS support; WMI deployment)
  • Connection Graph revamped
  • Numerous improvements in Artificial Neural Network analysis of photos
  • Improved search of Japanese text
  • Numerous updates to artifact extraction

Read more https://belkasoft.com/new

Belkasoft announces the upcoming release of BEC (Belkasoft Evidence Center 2020) version 9.7. In v.9.7, Belkasoft significantly expanded BEC support of various mobile data sources and added support for more operating systems in its Remote Forensics module.

The features expected in the upcoming release of BEC 2020 are:

  • Acquisition of MTK-based devices; acquisition via MTP/PTP protocols; iTunes backups supported for iOS 13
  • Support for Xiaomi and Huawei backups
  • F2FS file system parsing and analysis
  • CarPlay analysis
  • Major improvements to Remote Forensics (macOS and Linux support; WMI deployment)
  • Incident Investigation module improvements (more activities extracted; artifact layout made more intuitive)
  • Support of AFF4 images
  • Connection Graph revamped
  • Numerous improvements in Artificial Neural Network analysis of photos
  • Improved search of Japanese text
  • Numerous updates to artifact extraction

 

Read more here https://belkasoft.com/sneak_peek

KeyScout is a utility built into Oxygen Forensic® Detective which uncovers and extracts user data, tokens and passwords from apps and web browsers as well as Wi-Fi hotspot passwords, iTunes backups, and operating system data on PCs running Windows.

Read more https://blog.oxygen-forensic.com/oxygen-forensic-key-scout/

DeepSpar has a solid reputation with regard to its products for recovering data from bad drives. It stands to reason that anything with DeepSpar’s name on it should be just as good, and in the case of the Guardonix, this is true.


Read more https://www.dfir.training/dfir-training-blog/if-you-don-t-already-have-a-deepspar-guardonix-you-might-want-to-get-one

BlackLight quickly analyzes computer volumes and mobile devices. It sheds light on user actions and now even includes analysis of memory images. BlackLight allows for easy searching, filtering and otherwise sifting through large data sets. It can logically acquire Android and iPhone/iPad devices, runs on Windows and Mac OS X, and can analyze data from all four major platforms within one interface. It’s simply the best option available for smart, comprehensive analysis.

Read more https://www.blackbagtech.com/blacklight.html