Security News

Schroader talks about the impact of exponential data growth on forensic practices, the role of AI in optimizing investigations, and emphasizes the need for professionals to adapt to the changing dynamics of digital investigations, along with cross-education in related fields. With the exponential growth in data volume, how do digital forensic experts manage and analyze large datasets effectively?

Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition.

DriveFS Sleuth automates the investigation of Google Drive File Stream disk artifacts. The tool can parse the disk artifacts and build a filesystem tree-like structure enumerating the synchronized files along with their respective properties.

Mobile Verification Toolkit is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. MVT supports using public indicators of compromise to scan mobile devices for potential traces of targeting or infection by known spyware campaigns.

Velociraptor is a sophisticated digital forensics and incident response tool designed to improve your insight into endpoint activities. Velociraptor enables you to conduct precise and rapid collection of digital forensic data across multiple endpoints simultaneously.

In this detailed article about academic plagiarism are some interesting details about how to do data forensics on Excel files. It really needs the graphics to understand, so see the description at the link.

Attackers can exfiltrate company data stored in Google Cloud Platform storage buckets without leaving obvious forensic traces of the malicious activity in GCP's storage access logs, Mitiga researchers have discovered. "In normal usage, files inside storage objects are read multiple times a day as part of day-to-day activity of the organization," Mitiga cloud incident responder Veronica Marinov noted.

Digital forensics is growing while being more tied with incident response, according to the latest State of Enterprise Digital Forensics and Incident Response survey from Magnet Forensics. Digital forensics increasingly involved with incident response.

Digital forensics is used to find, examine and analyze digital evidence that can serve in criminal investigations, but also in incident response, investigations of data breaches, to unearth insider threats, etc. Colm Gallagher, Forensics Director, CommSec Communications & Security, talks about the factors that make digital forensics more difficult for law enforcement and industry, and offers advice and lays out practical measures that can increase forensic readiness for all.

A game changer in cyber incident response, the Dissect framework enables data acquisition on thousands of systems within hours, regardless of the nature and size of the IT environment to be investigated after an attack. Now it is available on GitHub to the security community as open source software to help advance and accelerate forensic data collection and analysis.