Digital Forensic News & Events
Bringing investigators digital forensics and cybersecurity related news from around the world. #AllinForensics

 

Live Mac Forensics: Round Out Your On-Scene Triage

Live Mac Forensics: Round Out Your On-Scene Triage

March 2, 2022

When conducting on-scene triage for any type of crime it is essential to be prepared for any devices you may encounter. It is important to pre-plan and try to figure out what type and how many devices you may encounter, but no matter how many times you read the report or conduct pretextual calls your estimate is going to be off. You need to be prepared and have the ability to adapt and overcome.

Read More
How to Have a Digital Forensic Triage Process that Works Field to Lab

How to Have a Digital Forensic Triage Process that Works Field to Lab

August 10, 2021

In this 3-minute "How To" video, you'll learn the benefits of having a digital forensic triage process that works from field to lab. Using ADF digital forensic tools, examiners can prepare field investigators to find digital evidence and intelligence on mobile phones, tablets, computers, and storage devices starting on-scene. 

Read More
macOS Forensics: Live Scan Macs with T2 or M1 chips

macOS Forensics: Live Scan Macs with T2 or M1 chips

May 18, 2021

Investigators can now scan all available Mac computers (including macs with T2 or M1 chips) with all types of encryption and virtual drives by running a remote agent that communicates with the desktop application. Now you can perform digital forensic triage on all Macs including

  • macOS T2 chip
  • macOS M1 chip
  • Mac Fusion Drive
Read More
What is RAM Capture and Why does it Matter?

What is RAM Capture and Why does it Matter?

March 19, 2020

RAM, short for Random Access Memory, is physical hardware that temporarily stores data for quick read and write access. Think of RAM as a scratch pad you use while working; although all the information you need and may refer to is stored in a binder (in this analogy, your hard drive), the information on the scratch pad is what you are using and need right in the moment. With RAM, it is right there for you to access. While RAM helps with the speed and efficiency of the computer, it can all be lost in an instant as it is volatile.

Read More
How to Conduct a Live Forensic Scan of a Windows Computer

How to Conduct a Live Forensic Scan of a Windows Computer

February 22, 2019

Learn how to conduct a Windows live scan with ADF Solutions Digital Evidence Investigator.  Two USB ports are required to complete a scan, one for the Collection Key and one for the Authentication Key, once the scan has started the Authentication Key can be removed. A USB hub may be used in cases where the target computer only has one USB port. 

When running a live scan from a Collection Key it is possible to create a RAM dump of the computer. RAM dumps can then be analyzed with appropriate software (e.g. Volatility). 

Read More

Get Your News (once a month)

Posts by Tag

See all

Recent Posts

CustomButton

  • READY TO ACCELERATE YOUR DIGITAL INVESTIGATIONS?

  • Purchase

", css: '', target: '#hs_form_target_module_152512477666343_blog_subscribe_1', formData: { cssClass: 'hs-form stacked' } });