Analysis Notes

A place to note things from trying my hand at malware analysis and anything that seemed useful for analysis. This site uses Google Analytics.

4n6 Week 06 – 2024 - FORENSIC ANALYSIS

This entry was auto-generated and posted to show the opening lines of each article introduced in This Week in 4n6 (FourAndSix = Forensics), so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

FORENSIC ANALYSIS

Alexis Brignoni at ‘Initialization Vectors’

Last week the awesome Heather Charpentier (my co-host on the Digital Forensics Now Podcast) and I were working on building a parser for Google Chats in iOS. As we were looking for the location where images were shared via the chat we came across a SQLite database called cacheV0.db in the /private/var/mobile/Data/Application/GUID/Library/Caches/com.google.Dynamite/ImageFetcherCache/ directory. The cacheV0.db file in context. Even though we found the images tied to the chats somewhere else in th...
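The situation described above, an unfamiliar SQLite database turning up inside an app's Caches directory, is a recurring one in iOS app triage. The following is an added example (not code from the post or from the Google Chats parser it describes) that walks an extracted app container, identifies SQLite files by their 16-byte header rather than by extension, and summarises each database's tables and row counts after opening it read-only so the triage cannot alter the evidence. The directory layout and the `entries` table in the constructed sample are assumptions for illustration; the real schema of cacheV0.db is not given in the post.

```python
import json
import os
import sqlite3
import tempfile
from pathlib import Path

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of every SQLite 3 file


def find_sqlite_files(root):
    """Walk an extracted container and return files carrying the SQLite header.

    Checking the header instead of the file name catches databases with odd
    extensions and skips files that merely end in .db.
    """
    hits = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    if fh.read(16) == SQLITE_MAGIC:
                        hits.append(path)
            except OSError:
                continue
    return sorted(hits)


def triage_sqlite(db_path):
    """Summarise every user table of a SQLite file as {table: {columns, rows}}.

    The database is opened through a read-only URI (mode=ro) so that the
    summary itself cannot write to, or create journal files beside, the
    evidence file.
    """
    uri = Path(db_path).resolve().as_uri() + "?mode=ro"
    conn = sqlite3.connect(uri, uri=True)
    try:
        summary = {}
        tables = [r[0] for r in conn.execute(
            "SELECT name FROM sqlite_master WHERE type='table' "
            "AND name NOT LIKE 'sqlite_%' ORDER BY name")]
        for table in tables:
            quoted = '"%s"' % table.replace('"', '""')  # safe identifier quoting
            columns = [c[1] for c in conn.execute("PRAGMA table_info(%s)" % quoted)]
            rows = conn.execute("SELECT COUNT(*) FROM %s" % quoted).fetchone()[0]
            summary[table] = {"columns": columns, "rows": rows}
        return summary
    finally:
        conn.close()


def build_sample_container(root):
    """Construct a fake ImageFetcherCache directory (constructed sample data).

    Assumption: the table layout below is invented for the example and does
    not reflect the real cacheV0.db schema.
    """
    cache_dir = os.path.join(root, "Library", "Caches",
                             "com.google.Dynamite", "ImageFetcherCache")
    os.makedirs(cache_dir, exist_ok=True)
    db_path = os.path.join(cache_dir, "cacheV0.db")
    conn = sqlite3.connect(db_path)
    conn.execute("CREATE TABLE entries (id INTEGER PRIMARY KEY, url TEXT, size INTEGER)")
    conn.executemany("INSERT INTO entries (url, size) VALUES (?, ?)",
                     [("https://example.invalid/a.jpg", 1024),
                      ("https://example.invalid/b.png", 2048)])
    conn.commit()
    conn.close()
    # Decoy: named like a database but without the SQLite header.
    with open(os.path.join(cache_dir, "notes.db"), "wb") as fh:
        fh.write(b"not a database")
    return db_path


def run_demo():
    """Build the sample container in a temp dir and triage it; returns the results."""
    root = tempfile.mkdtemp(prefix="app_container_")
    expected_db = build_sample_container(root)
    found = find_sqlite_files(root)
    return {
        "expected_db": expected_db,
        "found": found,
        "summaries": {p: triage_sqlite(p) for p in found},
    }


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=2))
```

Running the script stand-alone prints one summary per database found; pointing `find_sqlite_files` at a real extracted container (for example the Library/Caches tree of the app in question) gives the same table-level overview before any parser is written.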

Bullsh*t Hunting

Bullshit Hunting: Digital Forensics Edition. A guest post from a seasoned forensicator. Feb 7, 2024. Photo Credit: Dan Cristian Pădureț. This is a guest post from Shafik Punja, a Canadian digital forensics expert. We are certain you'll enjoy. - Bullshit Hunting Crew. Several weeks ago, one of my brothers from another mother, Justin Sei...

Django Faiola at ‘Appunti di Informatica Forense’

Introduction. Waze is a free mobile road-navigation application for iOS and Android based on the concept of crowdsourcing, initially developed by the Israeli start-up Waze Mobile and owned by Google since 2013. Thanks to its users, Waze is able to provide real-time updates on traffic and other events. For more details on the app's features see //www.waze.com. From a forensic point of view the app retains a good amount of data that can be ...

Dr. Tristan Jenkinson at ‘The eDiscovery Channel’

COPA v Wright – The Identity Question Takes Centre Stage. By Dr Tristan Jenkinson, February 5, 2024, 7 minutes. Tags: Bitcoin, ChatGPT, Craig Wright, Cryptocurrencies, Digital Forensics, Experts, Fraud, Legal, Technology. Introduction: I've written about Craig Wright a few times on my blog; he is due to return to court in London this week in a matter that will have major repercussions for related cases, and for the wider cryptocurrency world. Why? Because a court is directl...

Oleg Afonin at Elcomsoft

February 9th, 2024 by Oleg Afonin. Category: General. The bootloader vulnerability affecting several generations of Apple devices, known as "checkm8", allows for forensically sound extraction of a wide range of Apple hardware including several generations of iPhones, iPads, Apple Watch, Apple TV, and even HomePod devices. The exploit is available for chips that range from the Apple A5 found in the iPhone 4s and several iPad models to A11 Bionic empowering the iPhone 8, 8 Plus, and iPhone X; older...

Forensafe

09/02/2024 Friday The Android SMS service is a fundamental feature of the Android operating system that enables users to send and receive text messages on their mobile devices. It provides a convenient and reliable means of communication, allowing users to exchange text-based information with contacts in their address book or any phone number. Users can compose, send, receive, and manage SMS messages through the native messaging app or third-party messaging applications available on the Google P...

Invictus Incident Response

February 9, 2024. Recently there have been some big changes in Microsoft auditing, especially with the Unified Audit Log (UAL). It all started with a blog (link) by Microsoft that laid out plans for the future of auditing. This was in the wake of the famous Storm-0558 attack; you can read the official write-up here. One of the positive things that came from this incident is that Microsoft promised some significant changes to the UAL. In this blog we want to highlight the status of some of these ch...

Mattia Epifani at Zena Forensics

By Mattia Epifani - February 04, 2024. A smartphone is often connected to a Wi-Fi network: think of how much time we spend at home, in our office, or even in a public place while studying or exercising. As soon as we can reach a (hopefully trusted) Wi-Fi network, we connect to it! On Android devices, the Wi-Fi connection is managed by the Wi-Fi service. This service must store information about the previously connected Wi-Fi networks so that the phone can reconnect as soon as it's in the vicinity....
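The store of previously connected networks that the excerpt refers to is what an examiner ends up reading. As an added example (not code from the post, and not the author's parser), the script below parses a constructed file laid out like Android's WifiConfigStore.xml and lists, per saved network, the SSID, whether it is hidden, the key-management bits, any stored pre-shared key and the per-network randomized MAC. The file name, its location on the device, the field names and the KeyMgmt bit positions are assumptions taken from the AOSP serialisation format rather than from the post, and the two networks in the sample are invented.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout of Android's WifiConfigStore.xml
# (assumption: tag and field names as written by Android 8+; the
# networks themselves are invented for this example).
SAMPLE_STORE = """<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<WifiConfigStoreData>
<int name="Version" value="3" />
<NetworkList>
<Network>
<WifiConfiguration>
<string name="ConfigKey">&quot;HomeNet&quot;WPA_PSK</string>
<string name="SSID">&quot;HomeNet&quot;</string>
<null name="BSSID" />
<string name="PreSharedKey">&quot;hunter2hunter2&quot;</string>
<boolean name="HiddenSSID" value="false" />
<byte-array name="AllowedKeyMgmt" num="1">02</byte-array>
<string name="RandomizedMacAddress">da:a1:19:00:11:22</string>
</WifiConfiguration>
</Network>
<Network>
<WifiConfiguration>
<string name="ConfigKey">&quot;CoffeeShop&quot;NONE</string>
<string name="SSID">&quot;CoffeeShop&quot;</string>
<null name="BSSID" />
<null name="PreSharedKey" />
<boolean name="HiddenSSID" value="true" />
<byte-array name="AllowedKeyMgmt" num="1">01</byte-array>
</WifiConfiguration>
</Network>
</NetworkList>
</WifiConfigStoreData>
"""

# Bit positions of WifiConfiguration.KeyMgmt (assumption from AOSP source).
KEY_MGMT = {0: "NONE", 1: "WPA_PSK", 2: "WPA_EAP", 3: "IEEE8021X",
            4: "WPA2_PSK", 8: "SAE", 9: "OWE"}


def _field(cfg, name):
    """Return the direct child element whose name attribute matches, or None."""
    for el in cfg:
        if el.get("name") == name:
            return el
    return None


def _decode_key_mgmt(hex_text):
    """Decode a java.util.BitSet serialised as little-endian hex bytes."""
    data = bytes.fromhex(hex_text.strip()) if hex_text else b""
    names = []
    for byte_index, byte in enumerate(data):
        for bit in range(8):
            if byte & (1 << bit):
                pos = byte_index * 8 + bit
                names.append(KEY_MGMT.get(pos, "BIT%d" % pos))
    return names


def parse_wifi_store(xml_text):
    """Return one record per saved network found under WifiConfiguration."""
    data = xml_text.encode("utf-8") if isinstance(xml_text, str) else xml_text
    root = ET.fromstring(data)
    records = []
    for cfg in root.iter("WifiConfiguration"):
        ssid_el = _field(cfg, "SSID")
        psk_el = _field(cfg, "PreSharedKey")
        hidden_el = _field(cfg, "HiddenSSID")
        km_el = _field(cfg, "AllowedKeyMgmt")
        mac_el = _field(cfg, "RandomizedMacAddress")
        ssid = (ssid_el.text or "") if ssid_el is not None else ""
        # A <null name="PreSharedKey"/> element means no key is stored.
        psk = psk_el.text if (psk_el is not None and psk_el.tag != "null") else None
        records.append({
            "ssid": ssid.strip('"'),           # the store keeps SSIDs quoted
            "hidden": hidden_el is not None and hidden_el.get("value") == "true",
            "key_mgmt": _decode_key_mgmt(km_el.text if km_el is not None else ""),
            "psk": psk.strip('"') if psk else None,
            "randomized_mac": mac_el.text if mac_el is not None else None,
        })
    return records


if __name__ == "__main__":
    for rec in parse_wifi_store(SAMPLE_STORE):
        print(rec)
```

Feeding a real store file to `parse_wifi_store` (after confirming its field names against the device's Android version, which the example assumes rather than verifies) gives the list of networks the phone will rejoin automatically, which is the "hopefully trusted" set the excerpt alludes to.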

Scott Koenig at ‘The Forensic Scooter’

Device Set-up – Transferring data to new iPhone & Effects to Photos.sqlite. Posted by Scott_koenig, February 4, 2024 (updated February 5, 2024). Posted in iPhone Setup, Photo Library, Photos.Sqlite. Tags: #DFIR, com.apple.MobileBackup.plist, iPhone Setup, Photos.Sqlite, UDID. I know it's been a while since I have posted anything new. I would like to say thank you to everyone who has communicated how my previous blogs an...

Maxence Fossat at Synacktiv

Written by Maxence Fossat - 08/02/2024 - in CSIRT. Veeam Backup & Replication is a widely-used software suite for creating and managing backups of virtual, physical and cloud machines. In a remote incident response, where efficient data access is key, Veeam metadata files can be used to list and search for Backup objects. This article explores the structure of Veeam metadata and how to use a Velociraptor artifact to restructure this data. Introduction: Data protection and di...

System Weakness

Mari DeGrazia at ZeroFox