Full Memory Crash Dumps vs. Raw Dumps: Which Is Best for Memory Analysis for Incident Response?
Matt Suiche talks about full memory crash dumps vs. raw dumps and how they measure up for memory analysis during incident response investigations.
In this Mobile Unpacked with Chris Vance webinar, Chris will focus on the Messages app on iOS and its storage components. With Apple’s notable presence in the mobile market in North America, the core Messages app is one forensic examiners are exposed to frequently. With so many additional features beyond just sending and receiving messages, …
Join Kim Bradley, forensic consultant, as she shows you how to acquire data from WhatsApp using different methods while exploring different avenues for acquisition, such as from cloud sources, mobile devices, and workstations.
In this first webinar in our Mobile Unpacked With Chris Vance series, Chris will address some of the main challenges that examiners are faced with in mobile forensics, as well as lay out a new way of addressing these challenges. He will also cover what can (and cannot) be extracted from each typical protocol used …
Did some of your favorite data go missing in iOS 16? Events missing from your timeline? With iOS 16’s deeper adoption of the biome directory and the ‘SEGB’ file format found within, much of this information has found a new home. This Mobile Unpacked with Chris Vance episode will more deeply explore the SEGB file …
Public evidence submission portals are a game changer for frontline police officers and investigators. Officers and detectives no longer need to deal with the challenge of obtaining individual video files from cellphones or other digital devices, only to face the additional challenges of storing and sharing video evidence. Citizens can now receive a link from …
Magnet Forensics offers a variety of free digital forensics tools designed to assist in many aspects of digital forensics and incident response (DFIR).
Earlier this month, I reached out to my friend Valentina and told her I wanted to learn about macOS/iOS exploitation, so she recommended taking a look at the CVE-2021-30860 vulnerability, also known as FORCEDENTRY, and the prior work her friend Jeffrey Hofmann posted on Twitter.
How large was the last case you worked and how much data were you dealing with? I get a bit sentimental thinking back to some of the earlier days of my digital forensics casework. The good old days when a normal case consisted of a single desktop computer with maybe a few gigabytes of storage capacity—on the high end.
Picking our favorite updates to Magnet AXIOM Cyber in 2022 was no mean feat. From the inclusion of scanning with YARA rules to spot the latest malware, to Email Explorer for easy browsing of email evidence, AXIOM Cyber in 2022 got some major upgrades. While there are too many new features to fit in one post, here are ten great new AXIOM Cyber features from the past 12 months, in no particular order.