Instagram is a very popular social media application that allows its users to interact through uploaded photos, videos, and direct messages/chat threads. Used by 1/3 of mobile phone users in the world according to Pew Research Center, there is a potential for Instagram to be relevant in some digital forensic cases. The following are highlighted findings... Continue Reading →
We are all aware that Digital Forensics, like most other fields, has many misconceptions ingrained in its daily work. The immense separation between the technical knowledge and the general public creates an overwhelming disconnect that I believe should be worked on. With the hopes of closing this separation, here is quick answer to a common... Continue Reading →
Unabridged and vastly underestimated, often is the potentially dense quality of indirect digital forensic data. Sometimes the most prime sources of information lays not within an event's data, but the data that is produced --about-- the data. What is Metadata and why is it important? The shorthand answer: Metadata is informational data/statistics/descriptors of other pieces of... Continue Reading →
Is it alright if my company's IT employees perform initial forensic work so I can save money? Review what the best practice is.
Along my hunt for useful forensic data stored within everyday Windows 10 store applications, I decided to take a look at the popular application "Netflix". Although the locally stored data I found doesn't necessarily have adequate standalone forensic use, some user-action related data does exist. Findings:The Windows 10 store application 'Netflix' can be found under a... Continue Reading →
Can you tell if a USB storage drive was plugged into a specific computer? Data exfiltration --and introduction-- through USB storage devices can be a plausible concern in an overabundance of situations. Whether an employee is leaving your company, new malware found its way onto your system, or you just want to see if any... Continue Reading →
Quick, how do I find all user accounts on a Windows PC and their login count? Sometimes you might need to find what user accounts exist on a system, and other times it could just help narrow down your work. Regardless, it is always beneficial to know as much case background information as... Continue Reading →
If you wanted to build a car from scratch, it would be smart to first know the different components of a car. Why should an investigation involving computers be any different? That is why Digital Forensic Investigators go beyond what the average user can see, and search under "the hood" of the Operating System (OS).... Continue Reading →