SANS Digital Forensics and Incident Response Blog: Tag - iOS

TIME IS NOT ON OUR SIDE WHEN IT COMES TO MESSAGES IN IOS 11

BLOG ORIGINALLY POSTED SEPTEMBER 30, 2017 HEATHER MAHALIK This is going to be a series of blog posts due to the limited amount of free time I have to allocate to the proper research and writing of an all-inclusive blog post on iOS 11. More work is needed to make sure nothing drastic is missing … Continue reading TIME IS NOT ON OUR SIDE WHEN IT COMES TO MESSAGES IN IOS 11


A Technical Autopsy of the Apple - FBI Debate using iPhone forensics

The technical basics of the case is that FBI is trying to compel Apple Inc. to help create a new capability installed on the suspect's iPhone that would enable with the following degraded security mechanisms: Allow the FBI to submit passcode "electronically via the physical device port" Will not wipe underlying data after 10 incorrect … Continue reading A Technical Autopsy of the Apple - FBI Debate using iPhone forensics


High Tech Crime Investigators Conference 2011 Report, Anonymous Promises Retaliation, DigiNotar Dies

The 25th High Technology Investigators Conference was held last week near Palm Springs California last week. Your SANS Forensic blogger attended the event, along with over 500 fellow lethal, and aspiring lethal, forensicators. Information security events like BlackHat, DefCon and RSA drawing thousands. It's more difficult to really get to know one's colleagues at those … Continue reading High Tech Crime Investigators Conference 2011 Report, Anonymous Promises Retaliation, DigiNotar Dies


Digital Forensics Case Leads: Viva Las Vegas Forensics at BlackHat, SecurityBSidesLV, and DefCon

The 103 degree heat hits you in the face like a baseball bat. Some people say that 103 degrees (in the shade) is "no big deal", because, as they continue, "it's a dry heat." Yea, well, my oven is a dry heat, and I don't stick my head in it. But that is exactly the … Continue reading Digital Forensics Case Leads: Viva Las Vegas Forensics at BlackHat, SecurityBSidesLV, and DefCon


iPhone Forensics white paper

We (viaForensics) have released an updated version of our free white paper on iPhone Forensics. The paper reviews specific software and techniques that analysts and investigators can use to recover the vast amount of information stored on Apple's iPhones. Ok, that's from our press release but this audience doesn't need that. So here is some additional background on the white paper!

First, it is a huge endeavor to generate this white paper but the interest is quite high so we saw it through. We reviewed 13 different tools and provide our thoughts on each as forensic analysts who regularly analyze smart phones. There are plently of screen shots, descriptions and the like. We'd love any feedback so if you can check it out and let us know, it would be most apprecaited.

This time around the tools were noticeably more

...