Digital Forensics Now

• The Iceberg of Digital Evidence: What AI Can't See

  Send us a textThe boundary between tool-dependent analysis and true forensic expertise grows increasingly blurred as AI enters the digital forensics landscape. Alexis Brignoni and Heather Charpentier reunite after a month-long hiatus to sound the alarm on a concerning trend: the integration of generative AI into forensic tools without adequate safeguards for verification and validation.Drawing from Stacey Eldridge's firsthand experience, they reveal how AI outputs can be dangerously inconsistent, potentially creating false positives (or missing critical evidence) while providing no reduction in examination time if proper verification procedures are followed. This presents investigators with a troubling choice: trust AI results and save time but risk severe legal and professional consequences, or verify everything and negate the promised efficiency benefits. The hosts warn that as AI becomes ubiquitous in forensic tools, it dramatically expands the attack surface for challenging evidence in court—especially when there's no traceability of AI prompts, responses, or error rates.Beyond the AI discussion, the episode delivers practical insights for investigators, including an in-depth look at the Android gallery trash functionality. When users delete photos, these files remain in a dedicated trash directory for 30 days with their original paths and deletion timestamps fully preserved in the local DB database—a forensic goldmine for cases where suspects attempt to eliminate evidence shortly before investigators arrive. Other highlights include recent updates to the Unfurl tool for URL analysis, Parse SMS for recovering edited and unsent iOS messages, and Josh Hickman's research on Apple CarPlay forensics.Whether you're investigating distracted driving cases, analyzing group calls on iOS, or simply trying to navigate the increasingly complex digital evidence landscape, this episode offers both cautionary wisdom and practical techniques to enhance your forensic capabilities. Join the conversation as we explore what it truly means to be a digital forensic expert in an age of increasing automation.Ready to strengthen your digital investigation skills? Subscribe now for more insights from the front lines of digital forensics.Notes:Magnet Virtual Summit Presentationshttps://www.magnetforensics.com/magnet-virtual-summit-2025-replays/https://www.stark4n6.com/2025/03/magnet-virtual-summit-2025-ctf-android.htmlparse_smsdbhttps://www.linkedin.com/posts/alberthui_ios-16-allows-for-imessagesmsmmsrcs-message-activity-7279586088988413952-xHWlhttps://github.com/h4x0r/parse_sms.db/tree/mainAre you a DF/IR Expert Witness or Just a Useful Pawn?https://www.linkedin.com/posts/dfir-training_a-pawn-moves-where-its-told-a-dfir-expert-activity-7292981112463572992-c3wd/Unfurlhttps://dfir.blog/unfurl-parses-obfuscated-ip-addresses/https://github.com/obsidianforensics/unfurlAI to Summarize Chat Logs and Audio from Seized Mobile Phoneshttps://www.404media.co/cellebrite-is-using-ai-to-summarize-chat-logs-and-audio-from-seized-mobile-phones/Ridin' With Apple CarPlay 2https://thebinaryhick.blog/2025/02/19/ridin-with-apple-carplay-2/Hello Who is on the Line?https://metadataperspective.com/2025/02/05/hello-who-is-on-the-line/

  --------  

  1:06:51
• Mind Matters: Navigating DFIR with Balance

  Send us a textGet ready for a hands-on look at digital forensics and the challenges professionals tackle every day. We share a story about forensic guessing that highlights the importance of testing assumptions and following the evidence to avoid errors. The discussion emphasizes how staying grounded in facts can prevent investigations from going off track.We also highlight advancements in forensic tools and training. Learn about tools like Belkasoft, the UFADE tool for iOS device extraction, and SQBite for SQLite database analysis. These tools are improving efficiency and accessibility in the field. But it’s not all about the tech. We address the important topic of mental health in digital forensics. We discuss the pressures of the job, strategies for managing stress, and the importance of supporting one another. Personal experiences and practical tips highlight the need to prioritize mental well-being in this demanding field.This episode provides valuable information on tools, investigative approaches, and mental health strategies for forensic professionals. Notes:Belkasoft Windows Forensics Coursehttps://belkasoft.com/windows-forensics-trainingUpdates to UFADEhttps://github.com/prosch88/UFADE/releasesThe Duck Hunter's Bloghttps://digital4n6withdamien.blogspot.com/2025/01/the-duck-hunters-guide-blog-1.htmlhttps://digital4n6withdamien.blogspot.com/2025/01/the-duck-hunters-guide-blog-2.htmlhttps://digital4n6withdamien.blogspot.com/2025/01/the-duck-hunters-guide-blog-3.htmlSQBitehttps://digital4n6withdamien.blogspot.com/2025/01/introducing-sqbite-alpha-python-tool.htmlhttps://github.com/SpyderForensics/SQLite_Forensics/tree/main/SQBiteMental Health in DFIRhttps://thebinaryhick.blog/2019/06/21/mental-health-in-dfir-its-kind-of-a-big-deal/https://www.forensicfocus.com/podcast/the-impact-of-traumatic-material-on-dfir-well-being/https://www.forensicfocus.com/news/dfir-and-mental-health-are-we-doing-enough-to-protect-investigators/https://www.sciencedirect.com/science/article/pii/S2666281721000251https://belkasoft.com/preventing-burnout-in-digital-forensicshttps://www.magnetforensics.com/resources/taking-care-of-mental-health-during-digital-forensics-investigations/https://www.harmlessthepodcast.com/https://www.shiftwellness.org/about-ushttps://www.nyleap.org/What's New with the LEAPPShttps://github.com/abrignoni

  --------  

  1:03:25
• New Year, New Discoveries: Diving into Digital Forensics!

  Send us a textKick off your new year with some forensic fun as we recount our holiday escapades and dive into the latest in digital forensics! Ever wondered how RAM dumps from Android devices can reveal crucial data? We spotlight MSAB's innovative RAMalyzer tool and their new blog series covering RAM from mobile devices. Discover how the digital forensics community is collaborating to propel the field forward, as we share insights from the DF Pulse 2024 Digital Forensic Practitioner Survey and the delicate dance between competition and cooperation. Standardization is the name of the game, and we're exploring how the field of digital forensics can benefit from it. Updates to Magnet Axiom's date range capabilities showcase the ceaseless evolution of digital forensics tools. Journey with us as we tackle the intricacies of Bluetooth tracker detection, all while considering the dual nature of technology and the significance of using it responsibly.From exploring Richard Davis's work with 13 Cubed to discussing Yogesh Khatri's contribution to analyzing the USN Journal, we shine a light on the vital role of principles in our field. With warm wishes for the new year, we invite you to stay tuned for more episodes brimming with insights and camaraderie.Notes:MSAB RAMalyzer series!https://msab.com/resources/blog/Paraben Forensic Innovation Conferencehttps://link.reachpenguin.com/widget/form/99kVMTgaA0mbpZvYLTjGTip Tuesday: Troubleshooting in PAhttps://www.youtube.com/watch?v=eSNovfdwucw&list=PLwmKlEiYNUYte-pnlbw45YKpPB7K8xCgC&index=1DFPulse: The 2024 digital forensic practitioner surveyhttps://www.sciencedirect.com/science/article/pii/S2666281724001719Magnet Axiom Cyber 8.7: Acquire iCloud backups from ADP-enabled accounts, and more!https://www.magnetforensics.com/blog/magnet-axiom-cyber-8-7-icloud-adp-and-more/Android Will Let You Find Unknown Bluetooth Trackers Instead of Just Warning You About Themhttps://www.engadget.com/mobile/smartphones/android-will-let-you-find-unknown-bluetooth-trackers-instead-of-just-warning-you-about-them-204707655.htmlBe Kind, Rewind... The USN Journalhttps://youtu.be/GDc8TbWiQio?feature=sharedApple Photos phones home on iOS 18 and macOS 15https://lapcatsoftware.com/articles/2024/12/3.htmlSWGDE Considerations for Required Minimization of Digital Evidence Seizureswgde.org/16-f-002/

  --------  

  1:16:29
• The Gift of Expertise: Why Forensics Matter in the Courtroom

  Send us a textJoin us for a holiday-themed episode of Digital Forensics Now, where we blend expert insights with personal stories from the field of digital forensics.This episode delves into cutting-edge tools and techniques for digital forensics. Explore insights from Arsenal on advanced methods for analyzing swap space and memory files. We also share experiences with the Samsung Secure Health Data Parser, highlighting the challenges of decrypting health databases and the critical role of UFED in overcoming them. Don’t miss an in-depth look at the remarkable features of ArtEX, showcasing its value to examiners. Additionally, we introduce the LEAPPS Artifact Viewer App (LAVA), a groundbreaking tool unveiled at the Cyber Social Hub conference. We discuss the vital role of forensic experts in legal proceedings, from the importance of meticulous validation to the risks of mishandling evidence. Real-world cases and a controversial court rulings that highlight why expert testimony remains essential in interpreting digital artifacts.We close with gratitude to our listeners and warm holiday wishes. Stay tuned on social media for updates on our next live session after the holidays.Notes:Working with 010 Hex-Editor https://www.youtube.com/playlist?list=PLCS2zI95IiNwheFCTaUEytA1GT0mNOOdn Arsenal Releases a New Tool! https://arsenalrecon.com/additional-products Samsung Secure Health Data Parser - A Forensic Tool for Parsing & Analyzing Samsung Secure Health Databases https://github.com/breakpointforensics/Samsung-Secure-Health-Data-Parser-/tree/main ArtEx Artifact Examiner <br>https://www.doubleblak.com/app.php?id=ArtEx2 Why the Manual Preview/Screenshots May Not Hold Up in Court https://www.forbes.com/sites/larsdaniel/2024/11/13/think-that-screenshot-is-proof-heres-why-it-might-not-hold-up-in-court/  https://www.forbes.com/sites/larsdaniel/2024/12/06/smartphone-forensics-and-fake-texts-how-are-courts-responding/ What's New with the LEAPPS!? Google Keep Notes <br>https://charpy4n6.blogspot.com/2024/12/google-keep-notes.html Signup for Updates! leapps.org 

  --------  

  1:19:31
• BFU Data, Forensic Tools, and the Future of Digital Investigations

  Send us a textThe latest episode of Digital Forensics Now kicks off with lighthearted banter about Heather's newfound fame in commercials, bringing a fun and relatable start to a tech-heavy discussion. Following the laughs, the conversation shifts to an invigorating recap of Alexis' recent experience at SANS DFIRCON, featuring interactions with digital forensics luminaries like Brian Maloney and Ian Whiffin. Ian's ArtEx tool, which cleverly maps locations for forensic investigations, also takes center stage as a highlight of the conference. The episode weaves in personal reflections, including a scenic family train ride from Orlando to Miami and the implementation of a Python artifact exercise during a teaching session.The journey continues with a vibrant detour to the Tanganyika Wildlife Park in Kansas, where the usual birthday horseback riding tradition was replaced with unforgettable encounters like swimming with penguins, feeding giraffes, and snapping selfies with lemurs. These charming moments with nature set a refreshing tone before diving back into the tech world.In the realm of digital forensics, the episode explores reverse engineering iOS 18, discusses the brief availability of BitLocker support in FTK Imager, and examines the evolving landscape of BFU (Before First Unlock) data extraction in law enforcement. The hosts delve deep into the complexities of digital forensics tools, translating technical data structures into accessible insights while emphasizing the importance of a strong digital evidence strategy. Topics include advancements in the LEAPP Parsers, the innovative Lava Viewer, and the latest developments in Blue Sky data structures, offering a comprehensive look at the tools shaping the field.The episode wraps up with an open invitation for listeners to connect on social platforms, share their thoughts, and showcase innovative projects within the community, fostering a collaborative and forward-thinking space for digital forensics enthusiasts.NotesiOS Devices Rebooting Continuedhttps://naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.htmlSamsung Secure Health Data Parser https://breakpointforensics.com/2024/11/06/samsung-secure-health-data-parser-a-forensic-tool-for-parsing-analyzing-samsung-secure-health-databases/https://github.com/breakpointforensics/Samsung-Secure-Health-Data-Parser-/tree/mainMobile Forensics Data Structures: Extracting and Analyzing Data with Free Toolshttps://www.hexordia.com/blog/mobile-forensics-data-structuresGAMEPLANS: A template for robust digital evidence strategy developmenthttps://onlinelibrary.wiley.com/doi/10.1111/1556-4029.15655Digital Evidence Enhancing public safety using digital investigative technologieshttps://majorcitieschiefs.com/wp-content/uploads/2024/10/MCCA-Digital-Evidence-White-Paper-_-Oct-2024.pdfImportance of BFU Partial Filesystem Extractions!https://www.linkedin.com/posts/1carl-lawrence_dfir-polcing-digitalforensics-activity-7264179600631468034-FHGhSumuri Gives Back 2024https://sumuri.com/sumuri-gives-back-2024/

  --------  

  1:17:52

Flere Teknologi podcasts

Trendige Teknologi podcasts

Om Digital Forensics Now