Build New Skills while Rubbing Shoulders with the Industry’s Brightest at CEIC 2015
This year when the best minds in security and digital forensics converge at CEIC May 18-21, 2015, you have an unprecedented opportunity to gaining skills and knowledge on real solutions to your biggest data-related challenges, as well as to collaborate with like-minded professionals who bring to CEIC plenty of war stories not unlike your own.
We’re excited to feature this year’s “EnCase in Action” conference track in today’s blog. We worked hard to pack it with sessions that will put real-world context around some of the EnCase capabilities you've heard so much about.
AMP Threat Grid Empowers Law Enforcement to Fight Cybercrime
Recognizing the critical need for state and local law enforcement agencies to have state-of-the art technologies to effectively fight digital crime, Cisco is creating the AMP Threat Grid for Law Enforcement Program. The program is designed to empower those working to protect our communities from cybercriminals with its dynamic malware analysis and threat intelligence platform.
Computers are central to modern criminal investigations, whether as instruments to commit the crime, as is the case for phishing, hacking, fraud or child exploitation; or as a storage repository for evidence of the crime, which is the case for virtually any crime. In addition, those using computers for criminal activity continue to become more sophisticated, and state and local law enforcement agencies struggle to keep up with their internal computer forensics/digital investigation capabilities. Malware analysis is also a critical part of digital investigation: to prove or disprove a "Trojan defense" for suspects, wherein the accused rightly or falsely claims a malicious software program conducted the criminal activity and not the user; and to investigate unknown software and suspicious files on the computers of the victims of cybercriminal activity for evidence of the crime.
Computers are central to modern criminal investigations, whether as instruments to commit the crime, as is the case for phishing, hacking, fraud or child exploitation; or as a storage repository for evidence of the crime, which is the case for virtually any crime. In addition, those using computers for criminal activity continue to become more sophisticated, and state and local law enforcement agencies struggle to keep up with their internal computer forensics/digital investigation capabilities. Malware analysis is also a critical part of digital investigation: to prove or disprove a "Trojan defense" for suspects, wherein the accused rightly or falsely claims a malicious software program conducted the criminal activity and not the user; and to investigate unknown software and suspicious files on the computers of the victims of cybercriminal activity for evidence of the crime.
EnScript and .NET: Debugging in Visual Studio
I have been working on a few projects lately using C# and integrating it with EnScript code, and of course I run into problems in my code. Sometimes the problem is in the EnScript code, but other times it is in the C# code. To be honest, it is more often in the C# code since I have spent less time in that language than EnScript. Especially in the context of making a DLL to interface with EnScript.
If you have been reading this so far while thinking any of the following “What? C# and EnScript? When did this happen?” Check out this one for a little intro. My goal in this post is to show you how to debug your C# code while EnScript is calling it. Yes! You can do that!
If you have been reading this so far while thinking any of the following “What? C# and EnScript? When did this happen?” Check out this one for a little intro. My goal in this post is to show you how to debug your C# code while EnScript is calling it. Yes! You can do that!
- Posted by: James Habben
- On: 3/04/2015
- No comments
- Categories: .NET , Automation , EnCase App Central , EnScript , Integration
Using EnCase with the Latest Release of Belkasoft Evidence Center
Belkasoft has just updated its digital forensics suite, Belkasoft Evidence Center, making the tool a true, all-in-one forensic solution. When seamlessly integrated with EnCase, the two tools can cover nearly every digital forensic need. Belkasoft Evidence Center helps you jump-start investigations by automatically discovering evidence gathered from many different sources.
In its biggest update in two years, Belkasoft has done more than learn a few new tricks. It now extracts and analyzes evidence from pretty much any data source you can imagine. Hard drives and drive images with Windows, Linux, Ubuntu, and many other operating systems; smartphone backups in all popular formats; UFED images and chip-off dumps; live memory dumps; and many virtual machines can be scanned for available evidence. This major update turns Belkasoft Evidence Center into a true, all-in-one digital forensic tool.
We added several new modules to bring about these changes.
Firefox Cache2 Storage Breakdown
Mozilla introduced a new format of storage ** ** for the Firefox browser in version 27. It was defaulted off until recently in version 32, when it was turned on. Mozilla claims in its recent statements that cache2 is more efficient to speed up the browser.
Here is a good write-up about the previous version of cache in case you encounter it. Pretty much every forensic tool supports it—which brings me to my next point.
Here is a good write-up about the previous version of cache in case you encounter it. Pretty much every forensic tool supports it—which brings me to my next point.