Week 10 – 2018

FORENSIC ANALYSIS

THREAT INTELLIGENCE/HUNTING

UPCOMING WEBINARS/CONFERENCES

  • Jamie McQuaid at Magnet Forensics will be hosting a couple of webinars on the trends in mobile forensic device acquisition. The webinars will take place Tuesday, March 27th @ 1:00PM EST and Wednesday, March 28th @ 9:00AM EST.
    Mobile Trends, Tools and Methods

  • NW3C and NCFTA are delivering a webinar on 03/14/2018 at 1PM EDT titled “How Virtual Currency is Changing the Way We Investigate”.
    Check out @NW3CNews’s Tweet

  • Jason Jordaan will be hosting a webcast for SANS on Tuesday, March 13th, 2018 at 3:30 PM EST (19:30:00 UTC) on tips and techniques for testifying at court.
    Webcast 3: Tips and Techniques for Testifying Successfully

PRESENTATIONS/PODCASTS

MALWARE

MISCELLANEOUS

  • Eric Huber at ‘A Fistful of Dongles’ continues his ‘life after law enforcement’ series, talking about what to expect in terms of the change of pace, as well as the different types of work and how it’s affected by corporate politics or other factors. It’s clear from the article that this is a good place if you’re motivated to do a good job (and be rewarded for it), as opposed to government positions where you may be able to get away with coasting.
    Life After Law Enforcement: Life In The Fast Lane

  • Bob Petrachek at Blackbag Technologies lists a number of reasons why he would select a Mac as his examination platform of choice. I don’t necessarily disagree, but if you have the option, I’d suggest getting a grunty Windows/Linux desktop and a (preferably high-end, but they’re stupid expensive) MacBook Pro. That would give you a lot of the benefits listed in the article of having MacOS, without the price tag of the Mac Pros. I spoke with Bob recently about speccing out a Mac Pro and was told that RAM was key to processing quickly with Blacklight. Knowing this, it makes sense to throw your case onto your best-specced machine, aka Windows box (most probably), for processing and then you can move it to your Mac for the bits that need a Mac’s touch. Mac Pros look great and all, but the cost and form factor (for forensics, they’re nice to look at though) are just hard to justify.
    Examination Platforms – Mac or Windows?

  • Alistair Ewing at Compute Forensics shares his top 10 free computer forensics tools.
    Top Ten Free Computer Forensic Software

  • Brett Shavers at DFIR.Training shares his thoughts on creating test images and describes his process for doing so.
    Forensic Test Images!

  • Digital Forensics Corp shared an article from Beebom on Android emulators for Windows.
    Android Emulators for Windows

  • Christa Miller from Magnet Forensics has written an article in Forensic Magazine on the different approaches one can take when dealing with today’s landscape of digital devices and evidence.
    Next-generation Digital Forensics: Expanding the Toolkit

  • Cindy Murphy at Gillware Digital Forensics gave a lengthy shout-out to a number of prominent women in computing who accomplished great things and inspired her. She also gave a shout-out to a number of women in the DFIR field (some of whom I’m friends with and can attest to their awesomeness :)).
    A Shout-Out to Amazing Sheroes in IT

  • Johann Hofmann and Pelle Gara at Griffeye talk about the utility of AI and machine learning for digital data in criminal investigations.
    AI and machine learning: The future is now

  • Paul Kincaid at Malwarebytes Lab walks through the four phases of the “NIST SP800-61r2 Incident Response Life Cycle”.
    Building an incident response program: creating the framework

  • John E Dunn at Naked Security reports on a company, Grayshift, which is “quietly touting software it claims can unlock Apple’s flagship handsets, the iPhone X and 8”. If this does work and isn’t patched by Apple, this could provide law enforcement with an “expensive” way of getting through iOS passcodes. I think it’s only a matter of time though before Apple finds a way to improve their security again (which I’m not really for or against; you want to be able to catch the bad guys, but you also want your things secure).
    Second company claims it can unlock iPhone X

SOFTWARE UPDATES

And that’s all for Week 10! If you think I’ve missed something, or want me to cover something specifically, hit me up through the contact page or on the social pipes!
