Forensic Blogs

An aggregator for digital forensics blogs

by

Industry Experience at Opentext Conference

Introduction

This summer, I spent a few days next to a pool in warm, beautiful Las Vegas. But I didn’t spend that time thawing out from the Vermont winter. The LCDI was able to send myself and other students to Enfuse 2018. We were granted the opportunity to experience a conference, network with industry professionals, and attend some of the 100+ sessions that took place over the four days.The sessions gave us the opportunity to learn new things, from finding specific types of forensic artifacts to lessons from the field.

Order in Chaos: How Not to Lose Your Head When Your Hair is on Fire

Bad days suck. You know, the days where everything that can go wrong seems to go wrong? Well, in the world of information security, a lot of time and money is spent planning around what can go wrong, and trying to minimize that damage. At Enfuse, I was able to attend a session called “Order in Chaos: How Not to Lose Your Head When Your Hair is on Fire”, presented by Rafal Los, host of the podcast Down The Security Rabbithole. This session talked about the days where things went wrong for Los, and the lessons that the rest of us can learn from other people’s mistakes. Ros highlighted the importance of media communication during an incident and how a reliance on technology, which may not be available during an incident, can pose potential problems.

Conclusion

Enfuse 2018 was a fantastic experience and I’m so grateful to have had the opportunity to attend. I was able to meet new and knowledgeable people, as well as learn new things from the sessions I attended.

To learn more about the LCDI, take a look at our Facebook and Twitter pages or send an email to lcdi@champlain.edu!

The post Industry Experience at Opentext Conference appeared first on The Leahy Center for Digital Investigation.

by

Digital Forensics and Macintosh

Introduction

This past May, I had the honor of representing Champlain College at Enfuse 2018 in Las Vegas, Nevada. Enfuse is an annual conference that presents a variety of seminars and labs to showcase concepts and information in categories such as eDiscovery, IoT forensics, incident response, and data governance, to name a few.

 

Macintosh Examinations Review

The session I most enjoyed was Macintosh Examinations. This session was orchestrated by OpenText Training Instructor and Curriculum Developer, Simon Key. Key’s session focused on document artifacts and examination techniques, especially those not typically used by examiners.  He provided us with EnScripts to view Plist files and SQLite database files, which allowed us to apply the concepts learned in the session to a sample investigation using EnCase. Forensic tools traditionally have a focus on Windows environments, therefore additional work is necessary in a Mac examination. Simon conducted one of those classes that appealed to a broad audience across all skill levels. He reminded us that forensics is not always turn key; there may be additional work required, specifically when tasked with investigating a Mac environment. Simon also reminded us not to be afraid to investigate in untraditional places in addition to more common ones. I found Key’s material to be very informative and applicable to future investigations.

 

Conclusion

EnFuse is such an amazing conference, I was able to attend multiple classes all in different areas of focus! Not to mention extensive networking with new and familiar faces. EnFuse is more than a “tech” conference; it’s truly an experience all professionals should take part in at some point in their careers. I thank OpenText  and Champlain College for providing me with the opportunity to attend once again.I hope I can have more experiences like this in the coming year!

 

To learn more about the LCDI, take a look at our Facebook and Twitter pages or send an email to lcdi@champlain.edu!

The post Digital Forensics and Macintosh appeared first on The Leahy Center for Digital Investigation.

by

Smartphones: The Nexus of Evidentiary Data from Social Media to IoT

Introduction

As a first year cybersecurity student, my application to the OpenText Enfuse conference felt like a long shot. Additionally, seeing how I am a cybersecurity major and the conference is mainly focused on digital forensics, I wasn’t sure how much of the content I would be able to understand. Despite this, I was selected and feel that I learned a significant amount of new information. The session that was most informative to me was “Smartphones: The Nexus of Evidentiary Data from Social Media to IoT” given by Amber Schroader.

 

 

Amber Schroader

Smartphones and Social Media

Amber Schroader is the President, CEO and Founder of the Parabon Corporation, a leading company in the field of forensics for mobile devices, smartphones, computers, email, gaming systems ,and the cloud. Despite her vast experience in a variety of forensic technology, her Enfuse talk focused solely on smartphones. She began the session by laying out three topics she intended to cover. The first: the hurdles of smartphone forensics. The second: the location of valuable data. The third: how smartphones interact with IoT Her presentation was engaging, at times humorous, and heavily aided by actual data she took from her children’s phones. This included logs of Tinder conversations and other text messaging apps. All in all, for a talk on a somewhat complex process, I felt I was able to understand most of the information despite my lack of experience.

 

Conclusion

Enfuse was a great experience for me. I was able to meet and network with many industry professionals and I believe I learned a significant amount and gained a better understanding of what digital forensics really is.

To learn more about the LCDI take a look at our Facebook or Twitter pages or send an email to lcdi@champlain.edu.

 

The post Smartphones: The Nexus of Evidentiary Data from Social Media to IoT appeared first on The Leahy Center for Digital Investigation.