NISA 2017 - UNDERSTANDING METADATA - WHAT IS METADATA, AND WHAT IS IT FOR? is available. Surprisingly, I have not read anywhere else that this update was out, given that it is a highly relevant subject to digital (mobile, computer, audio, etc.) forensics. http://www.niso.org/apps/group_public/download.php/17446/Understanding%20Metadata.pdf
Showing posts with label forensics.
Sunday, 29 October 2017
Wednesday, 28 June 2017
U-N-I update on posts
By ana06
On June 28, 2017
In CDR, cell details, cyber, evidence, fault-finding, fixed, forensics, large-scale computer networks, mobile, network, PCAP, switch data, traffic logs, universal network investigations

- Diameter - Online Charging Systems (OCS)
- Big / Fresh / Deep - Data : Huawei overview
- Hot technologies to know about
- ARP.pcap
- bgp.pcap
- https.pcap
- ICMP-ARP-OpenFlow1.0.pcap
- ICMP-DHCP-DNS.pcap
- Russians target Telegram App
- Wireshark
- Protocols Relevant to U-N-I
- Industrial Networks Hit By WannaCry
- IM Telegram Replay Attack - Android
- Whisper Signal WhatsApp
- Subpico Intelligent Application
Friday, 23 June 2017
Universal Network Investigations
By ana06
On June 23, 2017
In CDR, cell details, cyber, evidence, fault-finding, fixed, forensics, large-scale computer networks, mobile, network, PCAP, switch data, traffic logs, universal network investigations

Just started a new LinkedIn group called 'Universal Network Investigations (UNI)'. It is a group only for those involved in the wider area of fixed, mobile and large-scale computer networks. The group exists to assist cyber, forensics and fault-finding investigations: to exchange observations and share 'intel' in a closed forum discussing fixed and mobile network investigations - trace data
Sunday, 19 June 2016
Learning from Posters Pt2 - Forensics, Cyber and Security
Part 2 - Continuing on from Part 1, showing the collection of learning-from posters, which I thought would be helpful to the community to have posted in a single location.
Learning from Posters Pt1 - Forensics, Cyber and Security: http://trewmte.blogspot.co.uk/2016/06/learning-from-posters-pt1-forensics.html
Learning from Posters Pt1 - Forensics, Cyber and Security
Part 1 - I have been collecting these learning-from posters, which I thought would be helpful to the community to have posted in a single location.
Learning from Posters Pt2 - Forensics, Cyber and Security: http://trewmte.blogspot.co.uk/2016/06/learning-from-posters-pt2-forensics.html
Saturday, 19 March 2016
eMMC
By ana06
On March 19, 2016
In chip-off, eMMC, encryption, examination, flash, forensics, iNAND, memory sticks, MoviNAND, NAND FLASH, SERIAL FLASH, smartphones

Download software here http://www.up48.com/english/download.htm
Frequently data recovery work undertaken is on eMMC (embedded MultiMediaCard) found in a large number of the smartphones and memory sticks etc. on the market. I was asked what tool I would use for working with e.g. eMMC. One tool that is most frequently turned to is Up-n-Up UP828P Ultra Programmer ('P' is the latest version).
Exploration - missing the micro-evidence
If you are new to, or have all but forgotten, the humble (U)SIM Card, now may be as good a time as any to refresh on the physical state of the (U)SIM Card, in particular the hardware, so to speak.
To assist that refresh process, below are links to previously published materials that investigators and examiners might find useful:
http://trewmte.blogspot.co.uk/2013/09/usim-examination-physical-pt1.html
Sunday, 31 January 2016
Investigation USIM EFs and Service Table
By ana06
On January 31, 2016
In crime, cybercrime, data, EFSST, EFUST, Elementary Files, examination, forensics, GSM SIM card, investigation, law, tools, USIM Card, USIM Service Table

There has been so much going on over the past year and with research and testing I haven't posted as much as I would like. The growth areas in the variety of methods and tools for logical data and physical data extraction, harvesting and examination; impact that apps and malware might have on evidence; wireless options available on smartphones and tablets changing the way traditional cell site
Wednesday, 18 March 2015
Emotion Icons
By ana06
On March 18, 2015
In competence, emoji, Emotion icons, encrypted, evidence, forensics, mobile examiner, reliance on tools

From a recent discussion about knowledge/skills and experience and operators of forensics tools having a range of training, contributors' comments varied as to exactly where the demarcation line lay regarding 'competence'. That is, how far should an examiner go to validate the extracted and harvested data from a mobile phone. Bits and Bytes levels, carving out etc. brought some responses suggesting
Sunday, 4 May 2014
iPhone factory reset bars access to revelation
By ana06
On May 04, 2014
In encrypted data, factory reset, factory restore, forensics, hacking, iPhone 4s etc, The Register

It has been known for some time there is no general release that can handle the deleted encrypted data on iPhone 4s onwards. The latest article in The Register ( http://www.theregister.co.uk/2014/05/01/thanks_for_nothing_apple_say_forensic_security_chaps/ ) rehearses discussion the forensic community has already had about deleted keys and deleted encrypted data. The factory reset point merely