Send us a Text Message.

Join us as we recount our recent travels to Argentina and the Techno Security & Digital Forensics conference. We'll share the highlights of our trips before diving into the core content.

What could possibly go wrong with a feature designed for user convenience? We'll scrutinize Microsoft's controversial "Recall" feature, exploring its significant privacy concerns and implications for digital forensics. From unencrypted data to automatic opt-ins, we speculate on the potential user backlash. We'll also dive into the latest tech updates, including CCL Solutions Group's enhancements to the Rabbit Hole tool and how these advancements can revolutionize data analysis processes.

Discover the capabilities of VFC from MD5 and the latest tools for examining data from platforms like Snapchat and Facebook. We'll introduce new and updated blogs, innovative Python scripts, and the latest additions to the LEAPPS in this packed episode. Stick around for an insightful discussion and a sneak peek at what's coming in future episodes.

Notes-
Rabbit Hole Updates and SQLite Blog/Cheatsheet
https://vimeo.com/948752153
https://www.cclsolutionsgroup.com/post/time-travelling-with-sqlite-journals-and-wal
https://vimeo.com/953570512
https://cdn.prod.website-files.com/5f02f2c93eab87a6ea84e2f3/665ed5e6ec5ef877d9d74dd2_sqlite-journal-cheatsheet.pdf

Copilot+ Recall disaster & Forensic Applications of Microsoft Recall
https://doublepulsar.com/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465e
https://cybercx.com.au/blog/forensic-applications-of-microsoft-recall/

Rising Star Jeremy McBroom
https://yeahihaveaquestion.com/

Analysis of Browser Artefacts from File Sharing Services
https://us5.campaign-archive.com/?u=a5a2a1131e612711f02b96e2c&id=9555c3f865
https://github.com/cclgroupltd/ccl_chromium_reader

SQLite Freelist Page Checker
https://github.com/SpyderForensics/SQLite_Forensics

Forensics StartMe Page
https://start.me/p/q6mw4Q/forensics?locale=en

Send us a Text Message.

Join us for an engaging session where we'll recap recent events and activities before diving into the latest research, cutting-edge tools, and exciting updates!

Tune in as we explore groundbreaking research conducted by emerging stars in the DFIR community. We'll delve into the testing of data stored in iOS Unified Logs, focusing on driving and motion states—this is sure to be fascinating. Discover the newly documented multi-user/multi-account functionality, such as Samsung's Dual Messenger, uncovered by a newcomer to digital forensics. Stay informed about enhancements and new capabilities for tools like UFADE.

We'll also ponder the implications of significant market acquisitions, such as Thoma Bravo's, and discuss their potential impact on the digital forensics field.

Additionally, learn about Android's innovative anti-theft features designed to thwart device thieves, which will also have implications for forensic investigations.

This episode is packed with insights you won't want to miss!

Notes-
iOS Unified Logs - Driving and Motion States
https://www.ios-unifiedlogs.com/post/ios-unified-logs-driving

Thoma Bravo Announces a Cash Offer to Acquire Cybersecurity Leader Darktrace
https://www.thomabravo.com/press-releases/thoma-bravo-announces-a-cash-offer-to-acquire-cybersecurity-leader-darktrace

Magnet One
https://www.magnetforensics.com/products/magnet-one/

UFADE Updates
https://github.com/prosch88/UFADE/

Android’s Theft Protection Features Keep Your Device and Data Safe
https://blog.google/products/android/android-theft-protection/

CCL Updates
https://github.com/cclgroupltd/ccl-segb

Brian Hempsteads Work on the Session Application
https://www.linkedin.com/posts/bhempstead_a-guide-for-session-app-sqlite-database-navigation-activity-7196877311659446272-zebu

Phil Hagen YouTube Channel
https://www.youtube.com/@PhilHagen

VMware Fusion Pro: Now Available Free for Personal Use
https://blogs.vmware.com/teamfusion/2024/05/fusion-pro-now-available-free-for-personal-use.html
https://unexploredterritory.tech/074-newsflash-vmware-workstation-and-fusion-licensing-changes-did-i-hear-free/

Send us a Text Message.

Live from the International Association of Computer Investigative Specialists (IACIS) with special guest Bill "the phone wizard" Aycock!!


Notes:
Three New SANS Posters
https://www.sans.org/posters/ios-third-party-apps-forensics-reference-guide-poster/
https://www.sans.org/posters/android-third-party-apps-forensics/https://www.sans.org/posters/dfir-advanced-smartphone-forensics/

New Release of Mushy
https://doubleblak.com/app.php?id=Mushy

Blue Crew Forensics
https://bluecrewforensics.com/2022/03/07/ios-app-intents/