DiscoverForensic Focus
Forensic Focus

Forensic Focus

Author: Forensic Focus: Digital Forensics, Incident Response, DFIR

Subscribed: 50Played: 843


Digital forensics discussion for computer forensics, DFIR and eDiscovery professionals. Visit Forensic Focus at for more.
81 Episodes
Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts. The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data. Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities. 00:00 – Introduction to Alan Platt 07:00 – Training 12:00 – Workflows 17:20 – Ensuring a secure environment 19:45 – Customer training 20:35 – Helping customers comply with ISO accreditation 25:00 – Validation and verification 27:30 – ISO standards 30:00 – MSAB’s pipeline plans 32:40 – XEC Director 43:45 – Privacy of user data
Nick Harvey, a former Detective Inspector in the Metropolitan Police, discusses his transition from law enforcement to his current role as a Customer Success Manager at Cellebrite. He describes his experience in tackling county lines, a form of organized crime in the UK where drug dealers set up operations in smaller towns and cities to expand their business. He also discusses the role of mobile phones in criminal investigations and how data-driven approaches can expedite the justice process. Nick goes on to highlight the challenges of explaining digital evidence to judges and juries and the potential impact of artificial intelligence in forensic investigations. He also emphasizes the importance of communication between digital forensics units and investigators and the need for tools that can handle large data sets and provide actionable insights. Nick shares his thoughts on the impact of regulations on forensic processes and the need for a balance between oversight and efficiency. He concludes by advising investigators to be open to new approaches and to focus on the objectives of their investigations. 00:00 – Introduction to Nick Harvey, Customer Success Manager at Cellebrite 02:40 – Data driven approach to tackling county lines crimes 07:50 – Changing landscape of mobile forensics 11:45 – Operation Venetic and EncroChat crime 15:20 – Ensuring admissibility of evidence 19:50 – Machine learning in crimes and crime detection 24:00 – Machine learning in Cellebrite’s tools 27:10 – Working at Cellebrite 31:30 – Managing large volumes of data 34:40 – Training tool users and empowering investigators to get the most from data 36:00 – Regulations and compliance frameworks 39:55 – Advice for digital investigators
Subscribe to the Forensic Focus Podcast: Keith Lockhart, Vice President of Training at Oxygen Forensics, discusses the evolution of training in the digital forensics industry. He highlights the shift towards online training and the use of technology to deliver courses remotely. He also mentions the importance of gathering feedback from customers and adapting training programs to meet their needs. Oxygen Forensics is focused on providing a range of training options, including on-demand content and hands-on training with shipped devices. Additionally, Keith discusses the company's new technologies, Oxygen Corporate Explorer (OCE) and Oxygen Analytic Center (OAC), which offer collaborative review and data collection capabilities.  00:00 - Keith Lockhart’s career  06:45 – Educational background 09:15 – Technical knowledge and software development 14:55 – Transitioning to a training role 20:05 – Sharing knowledge and presenting evidence in court 24:15 – Products and training from Oxygen Forensics 34:00 – Receiving customer feedback 35:30 – Online versus in-person conferences and training 38:10 – Providing training and tools in different languages 41:00 – Oxygen Forensic Certifications 44:10 – Oxygen Forensics’ focus for 2024
Si interviews Monica Harris from Cellebrite about new products and developments in the field of digital forensics. They talk about the importance of staying connected to the community and understanding their needs. Cellebrite has recently launched several new products, including Endpoint Mobile Now, a SaaS solution for the patent pending remote collection of targeted data on iOS and Android devices. Another new product is Mobile Ultra, a mobile forensics solution that provides access to mobile data on a wide range of iOS and Android devices. Cellebrite aims to develop technology that meets the needs of their customers and provides solutions for the challenges they face in digital forensics. 00:00 – Introduction to Monica Harris and Cellebrite 03:20 – New Cellebrite products and upgrades 05:40 – Cellebrite Endpoint Mobile Now 12:00 – Storage, privacy and ownership of acquired data 13:30 – Bandwidth requirements 15:00 – Targeting specific data 18:45 – Cellebrite Mobile Ultra 22:15 – Cloud collection platforms 26:10 – Collecting data from the cloud 27:05 – Screen share and capture capabilities 29:15 – What’s coming up for Cellebrite? 32:10 – AI and machine learning 36:40 – Final thoughts and invitation to get in touch
Si and Desi interview Rich Frawley from ADF Solutions. They discuss the use of screenshots and screen recording in mobile device investigations. Screenshots and screen recordings can be used to capture evidence that may not be available through logical acquisitions, allowing investigators to add valuable information to their cases. Rich also discusses the limitations of screenshots and screen recording, such as the inability to capture certain types of data or the risk of alerting the other party in a chat conversation. He emphasizes the importance of investigators knowing their cases and making informed decisions about the best methods to gather evidence. Rich also highlights the speed and efficiency of ADF Solutions' tools, which focus on triage and intelligence gathering rather than cracking devices. He mentions the company's training programs and the ability to generate reports and share data with other tools. The conversation touches on the future of mobile forensics, including wearables and emerging technologies like smart glasses.  
Si Biles interviews Sophie Powell, Professor Sarah Morris, and Rob Black about the Cyber 9/12 Strategy Challenge. The challenge is an opportunity for students to experience a simulated cyber crisis and provide advice to senior government decision-makers. The guests discuss the value of the competition in developing multidisciplinary skills and the importance of diversity and inclusion in the cybersecurity field. They encourage students to participate and emphasize the benefits of networking and learning from industry professionals. The guests also highlight the need for more outreach and support for women in cybersecurity at all levels of education, and the work of CyberWomen Groups C.I.C.. Show Notes: Event Recap: The CyberWomen Conference 2023 -
Si and Desi are joined by Brittany and Ailsa from digital forensics software company ADF Solutions. They discuss how ADF is addressing key challenges for digital forensics practitioners, including handling the massive volumes of data from mobile devices and the cloud. The guests outline ADF's focus on developing their software as an easy-to-use onsite triage tool that can help quickly identify pertinent evidence. Key features include advanced handling of video files, AI-assisted classification of images, and new screen recording capabilities for mobile devices that allow suspects to safely share relevant data. The hosts and guests also explore ADF's ongoing research into areas like facial recognition, handling new device types like games consoles and smart watches, and identifying deepfake media. 00:00 – Introduction to Ailsa and Brittany 03:00 – The challenge of vast amounts of data 05:50 – Recovering data from Chromebooks 08:50 – Triaging using ADF tools 12:30 – Benefits of using ADF Solutions’ tools 15:50 – Limitations in types of apps 17:20 – Keeping up with technological advancements 19:15 – ADF customer base 21:00 - Artificial intelligence in classifying images 30:00 – ADF Solutions’ triaging kit 37:00 – Training with ADF 40:00 – Target user 44:50 – Roadmap of future devices to examine 51:30 – Main focus for ADF Solutions going forwards Show Notes: AI-generated CSAM article on Sky News -
Si and Desi interview Emi Polito from Amped about how to become an Amped FIVE Certified Examiner (AFCE). They discuss the exam requirements and format, as well as Amped’s future plans. Emi explains that the certification is aimed at demonstrating competency with the Amped FIVE video analysis software after completing training. The exam consists of multiple choice questions on theory and practical exercises using the software. Emi talks about the online exam format and process for passing or failing. Emi also discusses the broader challenges many organizations face with validation and accreditation. He emphasizes Amped's commitment to developing tools that facilitate that process. The hosts reflect on the confusing accreditation landscape and Amped’s passion for improving training and certification in forensics. This episode provides an overview of Amped's new certification and perspective on challenges in the field of video forensics. Show Notes: Introducing The AFCE Certification (Amped FIVE Certified Examiner) - Video Evidence Principles With Amped Software - Digital Image Authenticity And Integrity With Amped Authenticate - File Analysis And DVR Conversion Training From Amped Software - Amped FIVE Speed Estimation 2d Filter And Training From Amped Software - Amped Software’s Martino Jerian on Key Challenges and Opportunities for Video Evidence - LEVA 2023 Training Symposium - Forensic Collision Investigation & Reconstruction Ltd - Amped FIVE Certified Examiner - Introducing the Amped FIVE Certification Program - Amped Software YouTube - How to Use the Validation Tool in Amped FIVE -  
Si and Desi talk to Gavin Prue and Selim Kang about their non-traditional paths into cybersecurity careers. They share their diverse educational backgrounds, from vocational college courses to returning to school later in life, and the hands-on training that helped prepare them for incident response roles. Gavin and Selim provide advice for aspiring cybersecurity professionals on the importance of networking, asking questions, having a positive attitude, and being willing to put in extra time learning new skills. They discuss the value of university degrees versus certifications, the pros and cons of accredited cybersecurity programs, and the need for continued education in this rapidly evolving field. Whether starting from scratch or changing careers, their stories demonstrate that resilience and motivation can overcome lack of formal qualifications.
Si and Desi talk to Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation, and Emma Pickering, Head of Tech and Economic Abuse at Refuge. They discuss the impact of digital forensics and incident response (DFIR) in cases of domestic abuse. They highlight the prevalence of tech-enabled abuse, such as the use of stalkerware, and the need for comprehensive support and safety plans for survivors. They also talk about the challenges faced by law enforcement in investigating and prosecuting these cases, as well as the importance of training and awareness in addressing tech-enabled abuse. The conversation emphasizes the need for collaboration between organizations, tech developers, and law enforcement to effectively combat domestic abuse. Show Notes: Apple Support: How Safety Check on iPhone works to keep you safe - IBM: Five Technology Design Principles to Combat Domestic Abuse - EFF: Today The UK Parliament Undermined The Privacy, Security, And Freedom Of All Internet Users - Wesley Mission: More support to help escape family violence - Refuge: How we can help you - Electronic Frontier Foundation -
Si and Desi interview Lee Reiber, CEO of Oxygen Forensics. Lee provides an overview of Oxygen's tools for extracting data from mobile devices, cloud services, and computers to aid digital investigations. He talks about Oxygen's training program that is now included with their software to train examiners to become skilled investigators. Lee also shares insights on overcoming hurdles like encryption and multifactor authentication in mobile forensics. He stresses that there is always a way to get needed data from mobile devices. Lee additionally talks about the vetting process Oxygen uses to ensure their tools are used ethically and explains how Oxygen adapts quickly to help law enforcement with urgent cases.
Join Desi and Si as they chat with Rob Fried, a digital forensics expert, author, and licensed private investigator. In this episode, Rob discusses the upcoming 2023 E-Crime Symposium: Cutting Edge Topics in Digital Forensics, taking place virtually on 31st October 2023. The symposium will feature keynote talks and panel discussions exploring e-crimes and criminal investigations. Topics include Mobile Device Investigations, Cryptocurrency Investigations, and Forensic Fundamentals in Innovation. Rob also discusses his background, career, and passion for writing and sharing knowledge in the forensics field. He talks about the value of collaboration and giving back through events like the symposium and authoring books for students and practitioners. Show Notes: 2023 E-Crime Symposium: Cutting Edge Topics In Digital Forensics - Rob Fried's website - PI Magazine -    
Ryan joins Si and Desi to discuss his research into SS7 hacking and cell phone tracking. As someone passionate about radio technology, Ryan became interested in cell networking and eventually discovered he could intercept calls and texts by building fake cell towers. He learned that phone users have virtually no ability to opt out of their locations and identifiers being commercially available via simple API calls. Ryan hopes to put this knowledge to good use by developing a system to warn domestic abuse shelters if an offender's phone is near by tracking SS7 data. During the technical discussion, Ryan demonstrates querying an API with his own phone number to retrieve subscriber data and location. The hosts consider how individuals could possibly protect themselves from SS7 exploits, such as avoiding SMS authentication. They also discuss Ryan's other projects exploring radio hacking tools and a magazine shining light on digital counterculture topics. 
Si and Desi are joined by Professor Sarah Morris, Digital Forensics Academic and Practitioner, to talk about DFIR at Southampton University, and Sarah’s innovative approach to lecturing.  They explore a range of topics, from electronic storage detection using robots, to strength-testing Faraday bags. They also venture into the realm of forensics in unexpected places, like unravelling mysteries hidden within a washing machine. Plus, Sarah offers a rare insider's perspective on the biometrics and forensics ethics group, an advisory non-departmental public body sponsored by the Home Office.
Si is joined by Martino Jerian, CEO and Founder of Amped Software, and Eugene Liscio, 3D Forensic Analyst at ai2-3D. They discuss Martino’s recent presentation on video evidence principles to the European Parliament. Martino explains the difference between authenticity and integrity when it comes to video evidence, and explores the often necessary role of editing in producing a more accurate representation of reality, such as when correcting lens distortion. In this complex field, our guests emphasize the critical need for maintaining a precise, repeatable, and reproducible workflow, aligning with best practices and established guidelines. They also discuss how judges and juries can easily be mislead by expert witnesses, and the resultant importance of presenting technical information in an accurate but accessible way. Furthermore, for those curious about a career in video forensics, the trio provides practical insights into the qualifications, training, and experience that can guide you on this path. Show Notes: Video Evidence Principles: Presentation at the European Parliament - 3D Forensics | ai2-3D | Ontario - 3D Forensics YouTube - Digital Image Authenticity And Integrity With Amped Authenticate - Amped Software’s Martino Jerian on Key Challenges and Opportunities for Video Evidence - Amped Replay Explained: A Detective’s Review Of The Enhanced Video Player For Forensic Investigations - Amped FIVE Speed Estimation 2d Filter And Training From Amped Software - File Analysis And DVR Conversion Training From Amped Software - Liverpool John Moores University -  
Si and Desi recap the European Interdisciplinary Cybersecurity Conference (EICC) 2023, which hosted a range of talks and discussions on fields related to cybersecurity.  Si highlights some of the talks he found most interesting, including those on the following topics:  Research conducted at the University of Kent on the prevalence of child sexual abuse material (CSAM) in the DarkWeb, including differences between English- and Chinese-language marketplaces Tracking vehicles and anonymising personal data in a way that still allows useful statistical analysis Conversion of malware binaries into visual images, allowing for the detection of malware families and programs by visual analysis Detecting device fingerprinting on iOS with API function hooking Age classification from images, including potential challenges, theoretical uses and current accuracy levels Machine learning and cybersecurity The duo also discuss what's coming next on the Forensic Focus podcast.  Show Notes:  European Interdisciplinary Cybersecurity Conference: Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference: Conference program: Improving file-level fuzzy hashes for malware variant classification:  
Si and Desi talk to Ryan Parthemore, Product Evangelist at Cellebrite, and Robert Fried, Senior Vice President and Global Head of Forensics Investigations at Sandline Solutions. They discuss best practices and compliance frameworks to ensure the admissibility of digital evidence at trial. They highlight the foundational principles of repeatability, reproducibility, and justifiability in the field of digital forensics. Drawing on their own real-life experiences, they emphasize the importance of defensible investigations and illustrate how proper methodologies can protect the chain of custody and ensure the reliability of the digital evidence.
Si and Desi talk to Monica Harris, Project Business Manager at Cellebrite, about current eDiscovery challenges. They cover some of the reoccurring pain points customers experience during the integration stage, the difficulties of collecting mobile data for investigations, and the development of legal holds and how they influence digital forensic cases. This episode also touches on the role of machine learning in eDiscovery and how large amounts of data can be reformatted for the review stage of a case.
In this episode of the Forensic Focus podcast, Desi and Si discuss different online programming courses and what they think about the popular platform, Udemy. They also talk about Flipper, Dev boards, and Raspberry Pi, and delve into the fascinating phenomenon of running the classic game Doom on unlikely devices. Throughout the episode, Desi and Si share their digital forensics expertise, referencing some of the cases they have been working on and highlighting particular methodologies and technologies that have an impact on cybersecurity. Show Notes: 100 Days of Code: The Complete Python Pro Bootcamp for 2023 - Domestika - MIT OpenCourseWare -  MasterClass - Raspberry Pi 400 Complete Kit - Flipper Discord - Flipper Zero - This Programmer Figured Out How to Play Doom on a Pregnancy Test - Here’s a dude playing Doom Eternal on his fridge -  Doom hacker gets Doom running in Doom - Doom Running On A Calculator Powered By Old Potatoes - GoldenEra - Racing the Beam - High Score (TV series) - Microcontroller Courses (Udemy) - The story of Final Fantasy XIV’s renegade do-good modders - Logical fallacies -
In this episode of the Forensic Focus podcast, Si and Desi talk to Mackenzie Jackson, Developer Advocate at Git Guardian. Mackenzie discusses the problem of hard-coded and leaked credentials in Git repositories, the task of scanning Git repositories for leaked credentials, and how that’s helped by the setup of GitHub and Git. He also looks at some public and private cases of security breaches through Git repositories and recommends tools you can use to combat attackers on Git. Show Notes: Toyota Suffered a Data Breach by Accidentally Exposing A Secret Key Publicly On GitHub (GitGuardian) - rotates its exposed private SSH key (Bleeping Computer) - Conpago - Source Code as a Vulnerability - A Deep Dive into the Real Security Threats From the Twitch Leak (GitGuardian) - Teenagers Leveraging Insider Threats: Lapsus$ Hacker Group (Forbes) - Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal (BBC) - Dynamic Secrets (HashiCorp) - Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault (GitGuardian) - trufflesecurity/trufflehog (GitHub) - gitleaks/gitleaks (GitHub) - Git (Wikipedia) - awslabs/git-secrets (GitHub) -
Download from Google Play
Download from App Store