摘要:
CelleBrite UFED Touch系列产品使用指导视频(持续更新中)1. CelleBrite UFED Touch产品介绍 阅读全文
posted @ 2013-08-22 15:44 YiDiscovery 阅读(1356) 评论(0) 推荐(0) 编辑
摘要:
论版本变化速度,AD绝对首屈一指,从FTK 4到现在的FTK 5也不过两年多时间,EnCase近期(初步预计8月初)将推出V7的新版本7.08,下面是一些新功能:Evidence Processor ManagerEvidence Processor Manager allows for distribution and control of evidence processing for one or more EnCase Examiners or EnCase Processors. Every license of EnCase Forensic comes with an addit 阅读全文
posted @ 2013-07-30 15:21 YiDiscovery 阅读(462) 评论(0) 推荐(0) 编辑
摘要:
从事计算机取证的应该都听说过MIP(Mount Image Pro)、VFC仿真和Recover My Files,上述三个应用比较广泛的软件都是GetData公司的产品。GetData现在也推出了自己的计算机取证软件Forensic Explorer。详细信息可以参考:http://www.forensicexplorer.com/从价格来看,的确不贵,一套Forensic Explorer(含MIP v5)带一年SMS收费$949,增加一年SMS $299,价格堪称良心,具体功能还有待测试。 阅读全文
posted @ 2013-07-30 11:33 YiDiscovery 阅读(475) 评论(0) 推荐(0) 编辑
摘要:
原文跳转:http://dig4n6.blogspot.tw/2013/07/vdi-in-box-analysis-results.html*文中引用图片如无法浏览,请科学上网*VDI-in-a-Box Analysis ResultsbyEthan FleisherDespite the fact that my capstone thesis was complete over three months ago, it’s been a struggle to make this post. That being said, hopefully this blog post doesn& 阅读全文
posted @ 2013-07-30 11:27 YiDiscovery 阅读(531) 评论(0) 推荐(0) 编辑
摘要:
原文跳转:http://arstechnica.com/security/2013/07/disabling-a-cars-brakes-and-speed-by-hacking-its-computers-a-new-how-to/Tampering with a car’s brakes and speed by hacking its computers: A new how-toThe "Internet of automobiles" may hold promise, but it comes with risks, too.byDan Goodin-July 阅读全文
posted @ 2013-07-30 11:18 YiDiscovery 阅读(317) 评论(0) 推荐(0) 编辑
摘要:
俄罗斯厂商Elcomsoft近日更新了其旗下的iOS取证软件Elcomesoft iOS Forensic Toolkit,更新后的1.2版本支持针对iOS 4-6的iPhone 4s、iPhone5进行简单密码破解、物理镜像转储以及keychain解锁等。详情请见 :http://elcomsoft.com/eift.html 阅读全文
posted @ 2013-07-18 10:47 YiDiscovery 阅读(7914) 评论(0) 推荐(0) 编辑
摘要:
近日,以色列手机取证设备制造商CelleBrite对旗下UFED手机取证产品进行升级:UFED Classic 及 UFED Touch固件更新至1.9.0.0UFED Logical Analyzer 及 Physical Analyzer 更新至3.7.2详细Release Note请下载: 点我下载 阅读全文
posted @ 2013-06-07 10:35 YiDiscovery 阅读(295) 评论(2) 推荐(0) 编辑
摘要:
根据来自美国GuidanceSoftware的消息,在电子取证行业具有一定影响力的EnCase认证调查员(EnCase Certified Examiner,EnCE)近期将进行变化:自2013年5月31日起,GSI官方及授权培训伙伴停止提供EnCE v6 prep课程,EnCE v7 Prep不受影响。自2013年5月31日起,GSI不再接受EnCE v6的考试认证申请,仅提供EnCE v7版本考试。在接下来的EnCE考试中,Phase II部分的案例动手练习将不再采用从美国寄送加密狗及证据文件的方式,考试版EnCase的授权将采用证书文件方式,同时证据文件将采用下载。 阅读全文
posted @ 2013-05-23 22:24 YiDiscovery 阅读(814) 评论(0) 推荐(0) 编辑
摘要:
What's New in Version 7.07Evidence Processor performance scalingBookmarking Case Analyzer dataMac OS X email message supportMac OS X Artifact ParserLinEn support featuresSorting tags within a columnPII Credit Card Pattern enhancementApple iOS 6 supportEvidence Processor Performance ScalingThe Ev 阅读全文
posted @ 2013-05-06 17:50 YiDiscovery 阅读(363) 评论(0) 推荐(0) 编辑
摘要:
原文跳转:http://www.hexacorn.com/blog/2013/04/30/jumplists-file-names-and-appid-calculator/JumpList files are an interesting forensic artifact and as such they have been thoroughly explored by many researchers over last 2-3 years. There is really a lot of material out there and there are also many tools 阅读全文
posted @ 2013-05-05 17:44 YiDiscovery 阅读(507) 评论(0) 推荐(0) 编辑
摘要:
EDEC Digital Forensics has released a beta of its latest version of the company’s Tarantula Chinese Cell Phone Analysis Tool. Tarantula 2.0 beta is a significant advance.“In an industry where technology advances at the speed of light, it is our responsibility to provide investigators with the most a 阅读全文
posted @ 2013-05-05 17:41 YiDiscovery 阅读(606) 评论(0) 推荐(0) 编辑
摘要:
详情跳转:http://www.cellebrite.com/mobile-forensic-products/ufed-applications/ufed-link-analysis.html 阅读全文
posted @ 2013-04-18 14:40 YiDiscovery 阅读(370) 评论(0) 推荐(1) 编辑
摘要:
Cellebrite, developer and provider of mobile data forensic solutions, released an update to its software that extends its physical and file system extraction support to a range of popular HTC and Motorola devices on which such deep access was previously impossible, along with physical extraction sup 阅读全文
posted @ 2013-04-11 14:38 YiDiscovery 阅读(462) 评论(0) 推荐(0) 编辑
摘要:
作者:Arthur Gingrande原文跳转:http://www.documentmedia.com/ME2/dirmod.asp?sid=&nm=&type=Publishing&mod=Publications%3A%3AArticle&mid=8F3A7027421841978F18BE895F87F791&tier=4&id=6D44870EEFAC4C6DBD2BC6DE21DAE9DFThe Long-term Preservation of Digital EvidenceBy Arthur GingrandeAs the em 阅读全文
posted @ 2013-04-09 16:22 YiDiscovery 阅读(362) 评论(0) 推荐(0) 编辑
摘要:
Apple's iMessage encryption trips up feds' surveillanceInternal document from the Drug Enforcement Administration complains that messages sent with Apple's encrypted chat service are "impossible to intercept," even with a warrant.The DEA is not happy about Apple's iMessage 阅读全文
posted @ 2013-04-08 09:39 YiDiscovery 阅读(228) 评论(0) 推荐(0) 编辑
摘要:
电子数据取证软件厂商Guidance Software Inc近日将旗下著名计算机取证软件EnCase v7更新至 v7.06,此次更新有较大变动,其中加入了原SAFE版本中包含的部分功能同时推出免费证据获取工具EnCase Forensic Imager (模仿FTK Imager?)以下是EnCase v7.06更新Release Note:New Features Support for Macintosh Logical Volumes EnCase Enterprise now supports logical volumes for Macintosh systems. This 阅读全文
posted @ 2013-03-05 20:40 YiDiscovery 阅读(1429) 评论(0) 推荐(0) 编辑
摘要:
新闻参考:http://www.cnbeta.com/articles/228277.htmEvernote官方通告:謹親愛的 Evernote 用戶, Evernote 的資訊安全團隊稍早發現,並且立即封鎖了一個試圖侵入 Evernote 的可疑行為。但為了安全起見以及保護您的資料,我們目前決定採取密碼重設的方式。請各位用戶務必詳閱以下的內容與指示: 在我們的安全性調查報告中,所有資料皆表示您儲存於 Evernote 的任何資料沒有被第三方讀取、更改或遺失。同時,任何您用以支付 Evernote 專業版 或 Evernote Business 的帳款資料也沒有被取得資訊的跡象... 阅读全文
posted @ 2013-03-04 09:49 YiDiscovery 阅读(252) 评论(0) 推荐(0) 编辑
摘要:
澳大利亚电子邮件取证软件厂商Nuix近日更新了旗下的Nuix系列软件,版本号更新至4.2.0和4.2.1,由于Nuix采用自动识别操作系统语言,所以在中文操作系统中打开这两个版本的Nuix软件时,将可能出现界面报错,导致软件失去响应,只能强制结束进程。目前此问题可通过以下两种方式解决:1. 修改快捷方式,加入"-Duser.language=eng -Duser.country=UK "参数(不含引号)强制Nuix运行英文版本。2. 联系Nuix厂商或经销商,升级至目前最新的4.2.2 Preview3版本,如有需要可与博主联系升级。 阅读全文
posted @ 2013-02-27 15:48 YiDiscovery 阅读(296) 评论(0) 推荐(0) 编辑
摘要:
来源: GCN.com原文跳转:http://gcn.com/blogs/cybereye/2013/02/time-for-cold-war-response-china-cyber-spying.aspxChina's cyber spying: Time for a Cold War response?The Internet has created “a golden age for intelligence collection,” says James Lewis, a fellow at the Center for Strategic and International 阅读全文
posted @ 2013-02-27 15:26 YiDiscovery 阅读(179) 评论(0) 推荐(0) 编辑