This is the fourth blog post in a series of five about recovering Business Applications & OS Artifacts for your digital forensics investigations. What are prefetch files? Prefetch files are great artifacts for forensic investigators trying to analyze applications that have been run on a system. Windows creates a prefetch file when an application is … Continued
This is the third blog post in a series of five about recovering Business Applications & OS Artifacts for your digital forensics investigations. What are LNK files? LNK files are a relatively simple but valuable artifact for the forensics investigator. Shortcut files link to an application or file commonly found on a user’s desktop or … Continued
Beginning with iOS 18, Apple has added an inactivity reboot timer into the operating system that is tied only to the device’s lock state. This means that when the device has been locked for a period of three days (72 hours), the device reboots. Sounds simple, right? Well, it’s not quite so simple for the … Continued
Windows Recycle Bin in Digital Forensics The Windows Recycle Bin, a seemingly simple feature, has undergone significant changes across different versions of the Windows operating system. This artifact is not just a virtual trash can but a critical element in digital forensic investigations. Understanding its evolution and functionality can provide valuable insights into user activity … Continued
While digital evidence is commonly linked to crimes like child exploitation, violent offenses, and cybercrimes, its significance extends to almost every crime, including understanding the complexities of vehicle accidents. A traditional vehicle accident investigation focuses on reconstructing the physical scene and Magnet Axiom adds a crucial new dimension: the digital traffic crash scene. Consider the … Continued
Magnet Axiom 8.4 is now available, delivering feature and functionality improvements that will help you work as efficiently as possible, including: You can upgrade within Axiom or over at the Customer Portal. If you’re looking to try Axiom, you can request a free trial here. Artifact reference in Portable Case There have been a number … Continued
In this series, Chad Gish, CID/SISU Detective, Metropolitan Nashville Police Department shares some noteworthy cases in his extensive career where tools like Magnet Axiom were able to help close a difficult case. The importance of acquiring cloud and social media data in criminal investigations cannot be overstated. Sometimes there can be crucial information found that … Continued
Digital forensics tools have improved a lot in the past several years. With these advances, the digital forensics community now has many tool options for each phase of an investigation.
Geolocation data has become an indispensable tool in criminal investigations, offering unparalleled insights into the movements and whereabouts of mobile devices. This technological advancement provides law enforcement with the ability to reconstruct crime scenes, establish timelines, and verify alibis with a level of precision that was previously unattainable. The forensic examination of mobile digital devices … Continued
In this series, Chad Gish, CID/SISU Detective, Metropolitan Nashville Police Department will delve into some noteworthy cases in his 26-year career, focusing on investigations that were either completely solved or significantly aided by a critical piece of evidence—what he calls “that one artifact.” Digital evidence possesses the remarkable ability to accelerate investigations and frequently establishes … Continued
Notifications
