

Forensic Focus
Forensic Focus: Digital Forensics, Incident Response, DFIR
Digital forensics discussion for computer forensics, DFIR and eDiscovery professionals. Visit Forensic Focus at forensicfocus.com for more.
Episodes

Jul 4, 2023 • 50min
European Interdisciplinary Cybersecurity Conference (EICC) 2023
Si and Desi recap the European Interdisciplinary Cybersecurity Conference (EICC) 2023, which hosted a range of talks and discussions on fields related to cybersecurity. Si highlights some of the talks he found most interesting, including those on the following topics:
- Research conducted at the University of Kent on the prevalence of child sexual abuse material (CSAM) on the dark web, including differences between English- and Chinese-language marketplaces
- Tracking vehicles and anonymising personal data in a way that still allows useful statistical analysis
- Conversion of malware binaries into visual images, allowing for the detection of malware families and programs by visual analysis
- Detecting device fingerprinting on iOS with API function hooking
- Age classification from images, including potential challenges, theoretical uses and current accuracy levels
- Machine learning and cybersecurity
The duo also discuss what's coming next on the Forensic Focus podcast.
Show Notes:
- European Interdisciplinary Cybersecurity Conference: https://www.fvv.um.si/eicc2023/
- Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference: https://dl.acm.org/doi/proceedings/10.1145/3590777
- Conference program: https://www.fvv.um.si/eicc2023/static/docs/EICC2023_program.pdf
- Improving file-level fuzzy hashes for malware variant classification: https://www.sciencedirect.com/science/article/pii/S1742287619300283

Jun 12, 2023 • 57min
Digital Evidence And Admissibility - Exploring Best Practice And Compliance Frameworks
Si and Desi talk to Ryan Parthemore, Product Evangelist at Cellebrite, and Robert Fried, Senior Vice President and Global Head of Forensics Investigations at Sandline Solutions. They discuss best practices and compliance frameworks to ensure the admissibility of digital evidence at trial. They highlight the foundational principles of repeatability, reproducibility, and justifiability in the field of digital forensics. Drawing on their own real-life experiences, they emphasize the importance of defensible investigations and illustrate how proper methodologies can protect the chain of custody and ensure the reliability of the digital evidence.

Jun 7, 2023 • 50min
Cellebrite's Solutions To Current eDiscovery Challenges
Si and Desi talk to Monica Harris, Project Business Manager at Cellebrite, about current eDiscovery challenges. They cover some of the recurring pain points customers experience during the integration stage, the difficulties of collecting mobile data for investigations, and the development of legal holds and how they influence digital forensic cases. This episode also touches on the role of machine learning in eDiscovery and how large amounts of data can be reformatted for the review stage of a case.

May 24, 2023 • 1h 9min
Programming Languages, Flipper And Gaming
In this episode of the Forensic Focus podcast, Desi and Si discuss different online programming courses and what they think about the popular platform, Udemy. They also talk about Flipper, dev boards, and Raspberry Pi, and delve into the fascinating phenomenon of running the classic game Doom on unlikely devices. Throughout the episode, Desi and Si share their digital forensics expertise, referencing some of the cases they have been working on and highlighting particular methodologies and technologies that have an impact on cybersecurity.
Show Notes:
- 100 Days of Code: The Complete Python Pro Bootcamp for 2023 - https://www.udemy.com/course/100-days...
- Domestika - https://www.domestika.org/en
- MIT OpenCourseWare - https://www.youtube.com/@mitocw
- MasterClass - https://www.masterclass.com/
- Raspberry Pi 400 Complete Kit - https://core-electronics.com.au/raspb...
- Flipper Discord - https://discord.com/invite/flipper
- Flipper Zero - https://flipperzero.one/
- This Programmer Figured Out How to Play Doom on a Pregnancy Test - https://www.popularmechanics.com/scie...
- Here's a dude playing Doom Eternal on his fridge - https://www.polygon.com/2020/10/13/21...
- Doom hacker gets Doom running in Doom - https://www.pcgamer.com/doom-hacker-g...
- Doom Running On A Calculator Powered By Old Potatoes - https://kotaku.com/doom-running-on-a-...
- GoldenEra - https://www.imdb.com/title/tt11753760/
- Racing the Beam - https://en.wikipedia.org/wiki/Racing_...
- High Score (TV series) - https://en.wikipedia.org/wiki/High_Sc...)
- Microcontroller Courses (Udemy) - https://www.udemy.com/topic/microcont...
- The story of Final Fantasy XIV's renegade do-good modders - https://www.pcgamesn.com/final-fantas...
- Logical fallacies - https://yourlogicalfallacyis.com/

May 2, 2023 • 55min
Preventing Data Leaks With Git Guardian
In this episode of the Forensic Focus podcast, Si and Desi talk to Mackenzie Jackson, Developer Advocate at GitGuardian. Mackenzie discusses the problem of hard-coded and leaked credentials in Git repositories, the task of scanning Git repositories for leaked credentials, and how that's helped by the setup of GitHub and Git. He also looks at some public and private cases of security breaches through Git repositories and recommends tools you can use to combat attackers on Git.
Show Notes:
- Toyota Suffered a Data Breach by Accidentally Exposing A Secret Key Publicly On GitHub (GitGuardian) - https://blog.gitguardian.com/toyota-a...
- GitHub.com rotates its exposed private SSH key (Bleeping Computer) - https://www.bleepingcomputer.com/news...
- Conpago - https://www.conpago.com.au/
- Source Code as a Vulnerability - A Deep Dive into the Real Security Threats From the Twitch Leak (GitGuardian) - https://blog.gitguardian.com/security...
- Teenagers Leveraging Insider Threats: Lapsus$ Hacker Group (Forbes) - https://www.forbes.com/sites/emilsaye...
- Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal (BBC) - https://www.bbc.co.uk/news/technology...
- Dynamic Secrets (HashiCorp) - https://developer.hashicorp.com/vault...
- Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault (GitGuardian) - https://blog.gitguardian.com/crappy-c...
- trufflesecurity/trufflehog (GitHub) - https://github.com/trufflesecurity/tr...
- gitleaks/gitleaks (GitHub) - https://github.com/gitleaks/gitleaks
- Git (Wikipedia) - https://en.wikipedia.org/wiki/Git
- awslabs/git-secrets (GitHub) - https://github.com/awslabs/git-secrets

Apr 18, 2023 • 49min
Digital Image Authenticity And Integrity With Amped Authenticate
In this episode of the Forensic Focus podcast, Si and Desi are joined by Marco Fontani from Amped Software. Together, they delve into the world of digital image forensics and discuss the use of Amped Authenticate. Amped Authenticate can be used to uncover the processing history of a digital image, helping to determine whether it can be used as reliable evidence in a court of law. Today's episode looks at the challenges involved in analysing pictures downloaded from the web or social media platforms, the impact of AI-based processing during capture on modern smartphones, and Authenticate's ability to assist with triage, allowing investigators to quickly filter through large amounts of data to find relevant evidence.
Show Notes:
- Amped Authenticate (Amped Software) - https://ampedsoftware.com/authenticate
- Samsung's Moon Shots Force Us to Ask How Much AI Is Too Much (WIRED) - https://www.wired.co.uk/article/samsu...
- A Leak in PRNU Based Source Identification—Questioning Fingerprint Uniqueness (IEEE Xplore) - https://ieeexplore.ieee.org/abstract/...
- Is PRNU Camera Identification Still Reliable? Tests on Modern Smartphones Show We May Need a New Strategy! (Amped Software) - https://blog.ampedsoftware.com/2020/0...
- Dealing with Deepfakes (Amped Software) - https://blog.ampedsoftware.com/2021/0...
- NVIDIA Broadcast 1.4 Adds Eye Contact and Vignette Effects With Virtual Background Enhancements (GeForce) - https://www.nvidia.com/en-us/geforce/...
- The Face Deepfake Detection Challenge (MDPI) - https://www.mdpi.com/2313-433X/8/10/263

Mar 29, 2023 • 1h 7min
18th International Conference on Cyber Warfare and Security (ICCWS 2023)
In this episode of the Forensic Focus podcast, Si and Desi recap the 18th International Conference on Cyber Warfare and Security (ICCWS). Desi shares his top picks of the best talks, which explore a range of topics, from forensic investigations on GitHub breaches and blockchain forensics to deepfake technology and network forensics on submarines. They also take a look at LockBit ransomware investigations and examine whether or not there has been a resurgence in 'script kiddies'.
Show Notes:
- ICCWS 2024 program: https://docs.google.com/spreadsheets/d/1u_ajyuxeZ5Hi-989nw50KxI5tTMnKPylhg47fVTp9pk
- ICCWS 2023 papers (including book): https://papers.academic-conferences.org/index.php/iccws

Mar 22, 2023 • 58min
AI In CSAM Investigations And The Role Of Digital Evidence In Criminal Cases
In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools. They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

Feb 13, 2023 • 58min
Deepfake Videos And Altered Images - A Challenge For Digital Forensics?
In this episode of the Forensic Focus podcast, Si and Desi explore the cutting-edge technology of deepfake videos and image manipulation. In addition to discussing the latest technological developments and efforts being made to detect manipulated media, they also examine the associated legal and ethical implications.
Show notes:
- Boris Johnson image - https://www.theguardian.com/politics/2023/jan/10/spot-the-difference-boris-johnson-appears-scrubbed-from-photo-posted-by-grant-shapps
- Deep Fake Neighbour Wars - https://m.imdb.com/title/tt21371376/
- Stalin image - https://www.history.com/news/josef-stalin-great-purge-photo-retouching
- Nvidia eye contact AI - https://www.polygon.com/23571376/nvidia-broadcast-eye-contact-ai and https://www.youtube.com/watch?v=xl87WTDrReo
- Birthday problem - https://en.wikipedia.org/wiki/Birthday_problem
- Same frightening woman in AI images - https://petapixel.com/2022/09/09/the-same-frightening-woman-keeps-appearing-in-ai-generated-images/
- Inherent misogyny of AI portraits - https://www.theguardian.com/us-news/2022/dec/09/lensa-ai-portraits-misogyny
- Midjourney - https://www.midjourney.org/
- Deepfake porn legality - https://www.theverge.com/2022/11/25/23477548/uk-deepfake-porn-illegal-offence-online-safety-bill-proposal and https://www.technologyreview.com/2021/02/12/1018222/deepfake-revenge-porn-coming-ban/
- AIATSIS - https://aiatsis.gov.au/cultural-sensitivity
- Fake tiger porn story - https://www.dailydot.com/unclick/tiger-porn-britain-law/
- Group photo with no blinking - https://www.countrylife.co.uk/comment-opinion/curious-questions-group-photo-179102
- Emma Watson deepfake audio - https://www.thetimes.co.uk/article/ai-4chan-emma-watson-mein-kampf-elevenlabs-9wghsmt9c
- Domestika - https://www.domestika.org/en/courses/981-introduction-to-interviewing-the-art-of-conversation
- Investigative Interviewing - https://www.amazon.co.uk/dp/0199681899?ref=ppx_pop_mob_ap_share
- Forensic Focus events calendar - https://www.forensicfocus.com/events/
- Si Twitter - https://twitter.com/si_biles

Jan 12, 2023 • 57min
Magnet Forensics' Matt Suiche on the Rise of e-Crime and Info Stealers
In this episode, Si and Desi talk to Matt Suiche from Magnet Forensics about the rise of e-crime and info stealers. They look at the latest shifts in how cybercriminals are operating, with a lot of ransomware gangs now moving towards hacking, stealing, extortion and leaking documents, rather than blindly encrypting files. They also examine the importance of memory forensics in trying to detect active threats within a network, and how ChatGPT – a chatbot launched by OpenAI in November last year – could be leveraged to create functioning malware. Want to hear more from Matt? You can check out Matt's presentation "Know When to Seek Help for Memory Loss" at both the Magnet Virtual Summit and the Magnet User Summit in 2023 (register at magnetvirtualsummit.com or magnetusersummit.com).
Show notes:
- dumpIT - http://www.toolwar.com/2014/01/dumpit-memory-dump-tools.html
- comae - https://www.comae.com/dumpit/
- Matt's wiki - https://en.wikipedia.org/wiki/Matt_Suiche
- VMware acquires CloudVolumes - https://blogs.vmware.com/euc/2014/08/cloudvolumes.html
- Vitali Kremez - https://twitter.com/vk_intel?lang=en
- ChatGPT - https://openai.com/blog/chatgpt/
- Magnet Virtual Summit - https://magnetvirtualsummit.com/
- Magnet User Summit - https://magnetusersummit.com/


