Digital Forensics

Digital forensics for large-scale networks

With a new collection of open-source tools and code wrappers, network forensic investigators can capture, selectively analyze and reconstruct files from network traffic. The all-in-one toolkit is free for law enforcement teams in the U.S.

  • By Susan Miller

Digital forensics library for investigators

The online repository supports creating legal policy and procedures around the lawful access to evidence from public and private cloud sources.

  • By Sara Friedman

Hacking your data without touching your network

Cybersecurity researchers show how data can be captured by near-field analysis of electromagnetic leakage.

  • By Patrick Marshall

DHS upgrades ICE forensics lab

The Immigration and Customs Enforcement forensics lab has beefed up its equipment and travel document library to better fight foreign terrorism.

  • By Amanda Ziadeh

‘Textalyzer’ may give police evidence of distracted driving

A bill in New York calls for a device that can field-test electronic devices after an accident for proof of their unlawful use while driving.

  • By Derek Major

In-Q-Tel invests in digital forensics firm

The deal with Magnetic Forensics will expand the capabilities of the company’s existing products for use by In-Q-Tel partners.

DARPA wants better detection of doctored images

The Defense Advanced Research Projects Agency Media Forensics program aims to build better tools for identifying image manipulation.

  • By Mark Pomerleau

Plan for the next breach with incident response forensics

In order to prevent system failure, minimize the loss and prevent the next breach, agencies need an incident response plan that includes forensic investigation.

  • By Lou Magnotti

4 crime scene mistakes that can sink a cyberforensic investigation

Detectives and information security professionals can learn not only from each other’s best practices, but also from tactics each follow to ensure they are avoiding common mistakes.

  • By Jayne Friedland Holland

Forensic software extracts iPhone data – even with iOS 8 encryption

Apple's latest security improvements in iOS 8 make iCloud backup acquisition the only way for criminal investigators to access the suspect's smartphone data.

  • By GCN Staff

Incident response requires forensics and storage

The growing window between compromise and discovery on networks puts a premium on forensics, and this requires effective storage of large volumes of data.

  • By William Jackson

Network forensics enhances Army NIE

An Army network forensics team made a positive impact on network troubleshooting, reliability and network protection at the latest Network Integration Evaluation field evaluation.

  • By GCN Staff

Mobile forensics tools hammer out evidence

Proprietary and open source forensic tools are helping law enforcement extract evidence from mobile devices and even recover data that has been deleted.

  • By William Jackson

Can digital forensics keep up with smartphone tech?

Smartphones provide a wealth of evidence for forensics investigators, but the escalating number and variety of mobile devices coupled with a growing case backlog has put digital forensics development to the test.

  • By William Jackson
Featured eBooks

Insider threats add pressure for real-time fixes to workforce risks

The Snowden and Wikileaks affairs, as well as potential threats from other insiders, has ratcheted up the urgency for a near-real-time analytic approach to government insider workforce risks.

  • By Brian Robinson

Forensics tool makes sure investigators don't come up empty

CyanLine's Fast Disk Acquisition System gives forensics teams a real-time preview of what's on a drive, including whether it's set to prevent copying.

  • By Kevin McCaney

Tech, tactics behind CitiWatch’s large-scale video surveillance system

A video surveillance system that combines thousands of cameras requires more than technology to be effective.

  • By William Jackson

Force multiplier: PSIM leverages video surveillance networks in Baltimore

With thousands of cameras providing round-the-clock surveillance of Baltimore, the CitiWatch surveillance program turned to a video analysis platform from VidSys to help make sense of all of the data.

  • By William Jackson

DHS mulls changes to CyberFETCH registration

The department is seeking feedback on the forms it uses to validate participants in its repository of cyber forensic tools and best practices.

  • By Kathleen Hickey

Reverse engineering reveals inner workings of Comfoo Trojan

Researchers at Dell SecureWorks were able to monitor the command and control system of the persistent RAT, which was used in the 2010 RSA breach that also compromised DOD contractors and is still in wide use.

  • By William Jackson

The trick to detecting Poison Ivy RAT and other stealthy malware

Although malware can evade signatures and other filters, its code leaves telltale tracks that can be discovered through traffic analysis, analysts show in FOSE demonstration.

  • By William Jackson