The software and data for cloud applications are stored on servers owned by a third party and not local to the user. As such, they are not under the end user's control—a key requirement in traditional network forensics, where the examiner has either physical control over the network, or can take control by installing a piece of code on the computer to be examined.
Today we’ll be discussing what to do when conventional mobile device extraction tools are unable to extract the evidence you need. When a smartphone is locked, broken, or unsupported by forensic tools, Flasher box, JTAG, or chip-off extraction methods become necessary.
This edition will look at forensic tool validation. Myriad tools exist for the examination of digital evidence. These tools automate many of the tedious forensic processes and allow you to perform investigations more efficiently, but it is important that you not take these tools for granted.
As new requirements emerge from the DoD for cyber defense, the National Guard is leaning forward to prepare the states' and territories' 54 Computer Network Defense Teams for real world attacks. Capt. Kyle Key reports from the 2014 Cyber Shield exercise at the Professional Education Center in North Little Rock, Ark.
Today we’ll be discussing the collection and packaging of cell phones and other mobile devices. Proper packaging is essential to preserve the sometimes volatile electronic evidence these devices contain.
In the first part of our Digital Evidence Series, we’ll be discussing Warrants as they apply to cell phones, computers, and other types of digital evidence. These types of evidence require a different set of procedures from those you are familiar with.
The CRU Ditto Forensic FieldStation combines special-purpose computing hardware, capable of fast analysis, and carefully selected duplication of attached hard drive data. It has all of the classic characteristics required for forensic investigations and IT personnel.
This talk from the 30th Chaos Communication Congress will discuss a case in which criminals compromised and robbed an ATM by infecting it with specially crafted malware. The successful compromise of an ATM can easily result in the loss of several hundred thousand dollars.
University of New Haven Cyber Forensics decided to unbox some expensive digital forensics equipment and record it with Google Glass and a Geo Pro. Everyone has watched unboxing videos - but we have never seen someone unbox digital forensics equipment! Enjoy the write-blockers, forensic duplicators/wipers and the beast F.R.E.D.
Gary Kessler explores the acceptability of digital evidence in court as regards the Federal Rules of Evidence.
A look at the Department of Defense Cyber Crime Center's Digital Forensics Academic Excellence Program.
Dr. Hany Farid, a distinguished professor at Dartmouth College and the "father" of digital image forensics, is an expert on authenticating images.
A technical introduction to digital forensics geared towards fellow geeks who think tinkering with data in hex is fun and interesting.
This is a post-exploitation demonstration with a walk-through of exploiting a Windows machine, getting a copy of the Web server's home page, and then modifying it with an iframe that points to an exploit server.
Here's how to locate the MFT and MFT Mirror from the Volume Boot, using EnCase.
As we start the month of October, we grow closer to the November 2nd, 2010 Challenge submission deadline. The 2010 DC3 Challenge already has over 30 teams with partial and full submissions. With over 11 prizes available this year, make sure to get your submissions in.