WhatsApp in Plain Sight: Forensic Artifacts [group-ib]
If you are keen to know what kinds of forensic WhatsApp artifacts exist in different operating systems and where exactly they can be found, you have come to the right place. This post is focused on WhatsApp forensics and what data can be obtained from a device during forensic analysis....
Read more
WHAT IS FACIAL RECOGNITION [oxygen-forensic]
Facial recognition systems are bio-metric technologies capable of identifying or verifying a person from a digital image or a video frame from a video source. Facial recognition can identify a person by analyzing patterns based on the person’s facial textures and shape. Facial recognition is said to be started in the...
Read more
Extracting And Analyzing Messenger Data With Oxygen Forensic [forensicfocus]
It‘s a great pleasure to share my experience of working with Oxygen Forensic Detective, which was a crucial tool in solving one of my cases. A father of a minor girl contacted me, worried his daughter was in suspicious society and probably had been consuming marijuana. His wife accidentally found...
Read more
Copying v Dragging a file to an OS X Disk Image [source: ThinkDFIR]
Had a need to do some quick testing on different operations on OS X 10.10.5 (Yosemite) and thought I’d share. Created a new disk image, and then copied an existing file into it. Then created a new file, and dragged that into the disk image. Here is what we may...
Read more
Apple iPhone “Significant Locations” [source: prodigital4n6]
Where & What Are “Significant Locations” The first step is to identify where and what “Significant Locations” are. The artifact is available to view on the device at Settings>Privacy>Location Services>System Services>Significant Locations. If location services are turned OFF, the significant locations data will not be logged and therefore unavailable. ...
Read more
DATA RECOVERY AFTER RANSOMWARE THAT ENCRYPTS FILES [source: digitalforensics]
The problem of data recovery after ransomware that encrypts files has increased, with more and more cases recently. Help in these cases is not a trivial task. Let’s consider some sides of this problem. Ransomware usually encrypts the most-used data such as photos, videos, office files, databases, etс. Ransomwares can...
Read more
