Call logs, SMSes, emails, social networks communications and, of course, chats in instant messengers can give you a lot of important information in a course of a forensic investigation. Let’s see how one single chat product can be examined from different aspects, each of which gives one more – unique! – part of puzzle.
In our case, the suspect had Skype installed on his laptop and mobile device which were seized and investigated with Belkasoft Evidence Center 2017.
Read more: https://belkasoft.com/chat-forensics-2016
This article was inspired by an active discussion in one of the forensic listservs. Original post was asking on how to fight with an argument “This is not me, this is a malware”. The suspect was allegedly downloading and viewing illicit child photos and was denying that, explaining the fact of these photos’ presence by malicious software they presumably had. So how can you figure out whether or not the suspect’s computer has actually been subject to unauthorized activities?
Read entire article
iTunes backups are an invaluable source of digital evidence, however, they are protected with encryption. How to crack an encrypted backup and analyze its contents? Our new tutorial video will help you do that using Belkasoft Evidence Center! Watch on our YouTube channel in 720p (subtitles available): https://www.youtube.com/watch?v=TcqNiPyysTQ
Check out the full list of changes here: belkasoft.com/new
You can try the new version FREE! Just download a trial license from our website: belkasoft.com/get.
The thrird and final part of our SSD Forensics article is published! Interesting user cases and analytical overview, as well as some practical tips – read it here: belkasoft.com/ssd-2016-part3
If you missed the previous parts, you can find them on our website a long with a number of other publications: belkasoft.com/articles
We at Belkasoft are, as many others, excited about the 2016 Summer Olympics in Brazil. At the same time, it is time of high pressure, large workloads, and great responsibility for those who watch for the security of society. With this in mind, Belkasoft CEO Yuri Gubanov, who will be volunteering for the Games in Rio, has come up with a good idea how to help Brazilian Law Enforcement organisations ensure safety of the event.
Together with our partners in Brazil, Apura, we will be providing the Brazilian police with free licenses of our flagship digital forensic software – Belkasoft Evidence Center.
http://apura.com.br/belkasoft/
Second part of our latest article about SSD forensics is now out!
Part 2 talks about external SSDs and eMMC storages, and covers trimming of eMMC.
Read full article here: belkasoft.com/ssd-2016-part2
The new publication continues the series started with an article on SSD forensics we published in 2012. We investigated the issues of SSD self-corrosion, demystified trimming, garbage collection and data remapping. Two years later, we revisited the issue. Back then, manufacturers released innovations in quick succession. 3D TLC, bigger and faster drives, the end of compressing controllers and the introduction of self-encrypting SSD drives were all big news. Fast-forward to 2016, and we have abundance of cheaper SSD models with seemingly little changes on the high-tech battlefront.
In addition to 2.5-inch models, we have seen a new popular form factor used in super-slim ultrabooks, and a new type of solid-state memory introduced by Samsung and used in many mobile devices. On the lower end of the spectrum, we are seeing eMMC chips being used in low-end Windows tablets and subnotebooks, where these chips take place of traditional SSD drives. In this article, we will try to figure out what all this means for a forensic investigator.
Read the article on our website: belkasoft.com/ssd-2016
We finished year 2015 on a good note with the release of Belkasoft Evidence Center 2016. The new version of Evidence Center features massive updates and improvements in performance and usability, new features, and numerous other enhancements that made work with the product faster, smoother and more convenient than ever before.
To present renewed Evidence Center to our customers as well as to those who are not familiar with tthe product, we recorded a webinar. The webinar contains an introductory presentation about the product with a brief overview of its capabilities and a live demonstration of the product and its features, both pre-existing ones and those introduced in the latest release.
The webinar is available to watch free on Forensic Focus: Investigating Computer And Mobile Artifacts With New Belkasoft Evidence Center.
Try Belkasoft Evidence Center free! Download a full trial version at belkasoft.com/trial.
Digital investigator nowadays has access to a wide array of solid digital forensic tools. Some of them offer mobile forensics only, some help with computer or laptop analysis, some – like Belkasoft Evidence Center – support all types of devices, but the task flow and product logic is more or less fixed in every product. If an investigator faces an unusual task, it is hard to solve it within the workflow offered by a product. And unusual tasks are not that rare – we hear about them very often, just take a glance at various forensic forums.
In this article, we will discuss some real life stories that involved cases hard to solve with the standard workflow in Belkasoft Evidence Center:
- Good Employee, Bad Employee
- Bar Fight
- Digging Deep Inside Photos
However, it became possible with BelkaScript, a free built-in scripting module that allows users to write custom scripts to extend Evidence Center capabilities. Scripts can be used to automate some of the routine (for example, reporting or bonding together two operations) or to extend product’s functionality for a specific situation. But it most certainly does not end there as we will now show on real-life examples.
Continue reading →
Belkasoft Forensic: The Digital Evidence Blog 