解析メモ

A place to jot down things I tried while analysing malware and anything I thought might be useful for analysis.

4n6 Week 16 – 2023 - FORENSIC ANALYSIS

This entry was auto-generated and posted to show the opening of each article featured in This Week in 4n6 (FourAndSix = Forensics), so that the articles worth checking can be skimmed quickly. This Week in 4n6 itself can be found here.

FORENSIC ANALYSIS

Ahmed Belhadjadji

Windows Event Logs Forensics

We reached the eighth and final phase of the Windows forensics process; all 7 previous steps are mentioned below:
1- Gathering Volatile Information
2- Collecting Non-volatile Information
3- Memory Analysis
4- Registry Analysis
5- Cache, Cookies, and History Analysis
6, 7- Windows Files and Metadata analysis
The Windows operating system logs all user activity on the system and can serve as a valuable source of evidence in a forensic investiga...

David Spreadborough at Amped

David Spreadborough, April 11, 2023

Welcome back to our blog series on CCTV Acquisition. In this latest article, we shall be looking at the public submissions of CCTV and video evidence. CCTV and video are now covered under the umbrella of digital data. In the series so far, we have learned about some of the many challenges investigators face when acquiring that data in an evidential manner. It is a long way from simply removing the VHS tape from the machine. Read on to find out more! ...

Elcomsoft

Perfect Acquisition Part 3: Perfect HFS Acquisition

Perfect Acquisition Part 4: The Practical Part

Automating DFU Mode with Raspberry Pi Pico

Eric Capuano

Capturing & Parsing Forensic Triage Acquisitions for Investigation Timelining

This guide will walk you through capturing and processing triage acquisitions into forensic timelines, step-by-step, with a VM containing all needed tools.

Eric Capuano, Apr 12, 2023 (paid post)

Forensafe

14/04/2022 Friday

pCloud is a cloud storage service developed by a Swiss company founded in 2013. It is a standard cloud storage service for keeping files private, stable, and accessible across all platforms. pCloud also provides file management, sharing, versioning, security, backup, and digital assets management. The app is available on Windows, Mac, Linux, Android, and iOS devices.

Digital Forensics Value of pCloud Artifact

pCloud artifacts provide information about files and folders that the...

Invictus Incident Response

Insights from practical experience

Background

Recently we were engaged by a company after they were targeted by a ransomware attack in their AWS environment. In this blog we want to show you what happened and how we were able to piece together the picture based on available logging. Due to confidentiality we will be using censored screenshots to protect our client's information. They approved the publication of this blog, to prevent other companies from becoming a victim to a similar attack.

Attack ...