Depending upon the nature of investigations, timely forensic examinations normally can expedite the apprehension of suspects. The use of a triage tool can identify the most likely evidentiary data sources. Ideally, the relevant evidence should then be seamlessly exported and analyzed in-depth by another comprehensive forensic tool which can provide indexing and detailed analysis.
This is the conclusion of our discussion with Jake Williams, Instructor at SANS Institute...
The Sony breach has given a great deal of attention to North Korea. Regardless of whether the...
At first glance, it would seem that the most logical and obvious way to increase storage capacity would be to add more platters to a hard drive. However, this raises a number of inherent problems, such as having to increase the size beyond the current form factors (3.5”, 2.5”, etc.), escalating the cost per hard drive, having to have more read/write heads per hard drive, and so forth.
Not long ago, mobile device forensics was a relatively straightforward process. Contact lists, SMS messages, and call logs were obtained and examined for evidence using specialized forensic technology. But with the blistering rate of advances in mobile technology and the explosion of mobile data and devices, times have drastically changed.
To increase hard drive storage capacity, manufacturers have been able to decrease the size of magnetic grains which comprise data bits. This allows for a greater number of bits of data to be recorded. However, the grains are so small that they can potentially interfere with each other. This diminishes their ability to maintain assigned magnetic orientations and data would become corrupted, leading to an unreliable and unusable hard drive.
Effective training in professional ethics doesn’t primarily consist of rote memorization of rules, but instead must prepare the examiner in the art of ethical issue spotting. Similarly, an effective code of ethics consists not only of certain static core principles, but also may consist of components that can be adapted over time to keep pace with the law and with professional norms.
The mobile device industry is evolving very quickly. To stay current on the latest devices and the proper techniques for acquiring and analyzing data, smartphone and mobile device forensic analysis training courses are becoming more and more necessary.
A month after rebranding from Telecom to Spark, the leading New Zealand ISP had received collateral damage from the conflict between Russia and Ukraine. Fights there have never really been toe-to-toe, but, on Friday evening, September 5, Spark engineers announced that a layer-3 DDoS attack was causing an overload of its DNS servers.
When compared to a typical hard drive, SSDs are totally different in design and functionality, which leads to some difficult issues in their forensic analysis.
Current research in the area of digital image forensics is developing better ways to convert image files into frequencies, such as using wavelet transforms in addition to more traditional cosine transforms, and more sensitive methods for determining if each area of an image belongs to the whole.
As digital devices continue to proliferate, digital storage capacities are approximately doubling every two years. The sheer amount of digital media being submitted for forensic analysis is overwhelming.
Do you ever feel overwhelmed as a manager? Being overburdened by the responsibility of having to figure out what others want and need of you is a familiar feeling shared among leaders. Fortunately, there is a “best practice” for obtaining just the kind of information needed to increase your leadership effectiveness — ask them what they want.
Future data storage needs for businesses, corporations, and governments are going to far exceed the ability of current technology to provide those storage devices. Obviously, without major technological advancements, the cost of future data storage could be unprecedented. There are, however, a number of technologies under development which may eventually be able to store vast amounts of information, far exceeding today’s devices.
Boot loaders are currently considered the most forensically sound physical extraction method. While they do involve loading a piece of code onto the device, this happens before the forensic tool accesses any evidentiary data. That’s because they replace the device’s normal boot loader, or the first set of operations that kick off the phone’s startup process and hand off to the main controlling program, like the operating system.
This checklist can help you to build a penetration testing lab. Successfully setting up your lab will require attention to detail, redundancy, and a little bit of paranoia.
Cloud computing raises some unique law enforcement concerns regarding the location of potential digital evidence, its preservation, and its subsequent forensic analysis. Further forensic issues concern the potential effect the cloud services could have on the digital data itself and how the forensic examiner can explain all these indiscretions to the court.
The courts have generally accepted evidence collected from the Internet as long as its authenticity can be established. Commonly accepted digital forensic methodologies can all be used to identify a three-pronged approach to Internet forensics.