|
|
|
|
摘要:
UPEK Fingerprint Readers: a Huge Security Hole August 28th, 2012 by Olga Koksharova Most laptops today ship with a fingerprint reader. Most likely, you have a laptop with one. Until very recent... 阅读全文
posted @ 2012-09-03 11:30 YiDiscovery 阅读(289) 评论(0) 推荐(0) 编辑
摘要:
E-discovery: 4 scenarios that call for computer forensics Computer forensics can recover hard-to-reach data, but is sometimes risky and expensive BY STEVEN HUNTER August 21, 2012 A working know... 阅读全文
posted @ 2012-08-29 09:00 YiDiscovery 阅读(232) 评论(0) 推荐(0) 编辑
摘要:
近日,计算机取证硬件厂商Tableau发布了目前市场上功能最为全面的一体化只读接口T35689iu Forensic Bridge。T35689iu具备SAS、SATA、FireWire、USB 3.0以及IDE等多种只读接口,与主机连接采用USB 3.0及火线(可选)接口。 阅读全文
posted @ 2012-08-28 11:40 YiDiscovery 阅读(1077) 评论(0) 推荐(0) 编辑
摘要:
原文跳转:http://www.computerworld.com/s/article/9230361/How_police_tracked_down_Steve_Jobs_stolen_iPads?taxonomyId=13&pageNumber=1IDG News Service -The digital breadcrumbs left behind when people use Internet-connected gadgets are what led California investigators to recover iMacs, iPads and other i 阅读全文
posted @ 2012-08-21 00:43 YiDiscovery 阅读(273) 评论(0) 推荐(0) 编辑
摘要:
近日,美国第六巡回上诉法院法官宣称,针对手机发射出的信号进行追踪可以认为类似于监视一个人在公共场所活动(if a device emits a trackable signal, following their location is similar to watching someone move about in a public space.),这样的表述可以认为是对于手机信号进行合法追踪的认可。更多跳转:http://www.policeone.com/police-products/police-technology/gps/articles/5916070-Appeals-cour 阅读全文
posted @ 2012-08-20 13:01 YiDiscovery 阅读(237) 评论(0) 推荐(0) 编辑
摘要:
近期没有怎么更新博客,主要是杂事较多无暇顾及,今天得闲,把近期在PGP上“阴沟翻船”的两件事记个流水账。事件1:操作系统为Windows 7 x64,对于系统磁盘进行了WDE全盘加密,方式为Passphrase,笔记本T410i,一直觉得原配500G不够用,于是买来一块光驱位磁盘架,另行安装一块500G,同样WDE加密,7月某日,闲来无事,突发奇想,将盘架500G磁盘拆下,替换为另一块硬盘计划安装Windows 8,由于都是HITACHI磁盘,在进行操作系统安装过程中不慎选择了笔记本原装硬盘的100M Windows 7系统分区,待发现开始安装已晚,强制停止安装,拆下系统盘,挂载另一台计算机, 阅读全文
posted @ 2012-08-18 22:33 YiDiscovery 阅读(1396) 评论(4) 推荐(0) 编辑
摘要:
近日,Guidance发布了计算机取证软件EnCase的v7.04.01版本,包括英文及中文语言,各位使用EnCase Forensic的用户可以及时进行更新。 阅读全文
posted @ 2012-07-09 22:31 YiDiscovery 阅读(647) 评论(0) 推荐(0) 编辑
摘要:
Forensic Computer Examiner Quick Reference Guide 是一款在iOS平台使用的计算机取证调查员快速参考手册,包含了计算机取证常用的表格和参考资料。 今日,Forensic Computer Examiner Quick Reference Guide在苹果App Store发布更新,新版本号为2.0 跳转至App Store: htt... 阅读全文
posted @ 2012-05-23 14:49 YiDiscovery 阅读(439) 评论(0) 推荐(0) 编辑
摘要:
俄罗斯著名密码破解产品厂商Passware 近日发布Passware Kit最新版11.7主要更新:支持对Microsoft Office 2007-2010文档密码的快速破解 (内存分析)PGP WDE(全盘加密)的快速破解(内存分析)支持对于Apple DMG磁盘镜像的密码恢复与EnCase软件集成原文跳转:http://www.lostpassword.com/news/pnl63.htm 阅读全文
posted @ 2012-05-22 17:50 YiDiscovery 阅读(985) 评论(0) 推荐(1) 编辑
摘要:
著名MAC OS取证产品厂商MAC Forensics Lab近日发布Mac Lock Pick 3.0版本。详情跳转:http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=product_info&cPath=12&products_id=2 阅读全文
posted @ 2012-05-22 16:09 YiDiscovery 阅读(545) 评论(0) 推荐(0) 编辑
摘要:
Oxygen Forensic Suite 2012 v.4.3 released Oxygen Software has updated Oxygen Forensic Suite 2012, the company’s flagship mobile forensic tool, offering investigators a greatly improved experience wit... 阅读全文
posted @ 2012-05-17 17:48 YiDiscovery 阅读(833) 评论(0) 推荐(0) 编辑
摘要:
WhatsApp ForensicsThose who follow this blog may have noticed few months ago a post that introduced WhatsApp Xtract: this script was able to display in an HTML document all the WhatsApp messages extracted from an iPhone. And those who follow the xda developers forum may have recently noticed a threa 阅读全文
posted @ 2012-05-16 19:18 YiDiscovery 阅读(1018) 评论(0) 推荐(0) 编辑
摘要:
本文原作者Jason Hale,所有权利归原作者所有。Windows 8 TypedURLsTimeAmanda Thomson posted a Windows 8 Forensic Guide last month that covers a variety of topics examiners can expect to encounter with this new operating system on the horizon. One of the new items in Windows 8 - existing at least in the Consumer Preview 阅读全文
posted @ 2012-05-16 19:15 YiDiscovery 阅读(418) 评论(0) 推荐(0) 编辑
摘要:
Paraben's Project-A-PhoneTM ICD-8000 is the latest version of its cell phone screen capture device that allows you to take pictures or videos of the screen of almost any cell phone and display it right on your computer. This model replaces the IDC-5200, the most popular image capturing device am 阅读全文
posted @ 2012-05-16 18:03 YiDiscovery 阅读(311) 评论(0) 推荐(0) 编辑
摘要:
每个人都有不能说的秘密,很多人都会采用数据擦除软件清除数据,而日本“Platform of Japan”公司的“Data Killer” 系列产品,利用强磁场瞬间清除硬盘数据,最多支持14块硬盘,或整台笔记本电脑。For when the police are knocking at your door and you have piles and piles of hard drives filled with stolen credit card info, CIA secrets, duck porn or pirated movies (take your pick) there co 阅读全文
posted @ 2012-05-16 17:54 YiDiscovery 阅读(758) 评论(0) 推荐(0) 编辑
摘要:
AIS, Inc. announces the availability of their newest software product, MacResponse LE™. MacResponse LE is designed to provide law enforcement with critical capabilities needed to reliably collect and analyze data from live computer systems running various versions of Mac OS X.MacResponse LE was deve 阅读全文
posted @ 2012-05-16 17:43 YiDiscovery 阅读(310) 评论(0) 推荐(0) 编辑
摘要:
Elcomsoft近日发布Elcomsoft Phone Password Breaker 1.84.1338。新版本支持获取iCloud上的iOS备份取证。 阅读全文
posted @ 2012-05-15 15:59 YiDiscovery 阅读(1016) 评论(0) 推荐(1) 编辑
摘要:
CelleBrite于近日正式发布手机取证设备UFED的1.1.9.7固件以及Physical Analyzer 3.0版本,主要更新如下:支持三星Galaxy SII家族手机以及Galaxy Note的物理获取,支持绕过锁屏密码或破解密码。更新对部分摩托罗拉Android手机的物理获取支持和文件系统获取。支持Android 3.X (Honeycomb)设备,支持Android4.0 (Ice Cream Sandwich),无需手机具备root权限。针对黑莓BBOS4-6,已知密码,可对物理获取的内容进行实时解密。支持iOS 5.1的物理获取和文件系统获取、实时解密和密码恢复(不含iPho 阅读全文
posted @ 2012-05-15 00:02 YiDiscovery 阅读(789) 评论(0) 推荐(0) 编辑
摘要:
计算机取证设备制造商Logicube公司近日发布公告,正式宣布即将推出针对山寨手机取证的支持。即将整合山寨手机取证功能的是该公司去年年底发布的新款手机取证设备CellXtract,本次整合采用了eDEC公司的Tarantula设备(即北京瑞源文德公司“狼蛛”手机取证设备),该设备能够有效获取采用联发科(MTK)、展讯(Spreadtrum)、英飞凌等厂商整合式移动终端方案的手机,当然,这类手机绝大多数就是我们所说的“山寨机”。至此,包括CelleBrite、Logicube在内的传统取证产品厂商均参与到了针对“山寨机”取证的竞争之中,料想在今后的1-2年内,国内的手机取证市场竞争必更加白热化。 阅读全文
posted @ 2012-05-13 02:51 YiDiscovery 阅读(407) 评论(0) 推荐(0) 编辑
摘要:
GSI于May 9,2012发布EnCase v7.04版本增加“备份”面板,可以对每个Case的具体Backup进行管理完善备份功能,支持任务备份、自动备份等多种方式File Carver优化Report TemplatesDisplay Additional FieldsiOS 5.0 and iOS 5.1 iPhone and iPad Device SupportInternet Explorer 9 History Updates SupportFirefox 8 History Updates SupportEvidence Processor 性能优化,主要针对keyword 阅读全文
posted @ 2012-05-11 09:48 YiDiscovery 阅读(664) 评论(0) 推荐(0) 编辑 |
|