In this episode of the Forensic Focus podcast, Si and Desi recap the 18th International Conference on Cyber Warfare and Security (ICCWS). Desi shares his top picks of the best talks, which explore a range of topics, from forensic investigations on Github breaches and blockchain forensics to deepfake technology and network forensics on submarines. They also take a look at LockBit ransomware investigations and examine whether or not there has been a resurgence in 'script kiddies'. Show Notes: ICCWS 2024 program: https://docs.google.com/spreadsheets/d/1u_ajyuxeZ5Hi-989nw50KxI5tTMnKPylhg47fVTp9pk ICCWS 2023 papers (including book): https://papers.academic-conferences.org/index.php/iccws

In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools. They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

In this episode of the Forensic Focus podcast, Si and Desi explore the cutting-edge technology of deepfake videos and image manipulation. In addition to discussing the latest technological developments and efforts being made to detect manipulated media, they also examine the associated legal and ethical implications. Show notes: Boris Johnson image - https://www.theguardian.com/politics/2023/jan/10/spot-the-difference-boris-johnson-appears-scrubbed-from-photo-posted-by-grant-shapps Deep Fake Neighbour Wars - https://m.imdb.com/title/tt21371376/ Stalin image - https://www.history.com/news/josef-stalin-great-purge-photo-retouching Nvidia eye contact AI - https://www.polygon.com/23571376/nvidia-broadcast-eye-contact-ai and https://www.youtube.com/watch?v=xl87WTDrReo Birthday problem - https://en.wikipedia.org/wiki/Birthday_problem Same frightening woman in AI images - https://petapixel.com/2022/09/09/the-same-frightening-woman-keeps-appearing-in-ai-generated-images/ Inherent mysogeny of AI portraits - https://www.theguardian.com/us-news/2022/dec/09/lensa-ai-portraits-misogyny Midjourney - https://www.midjourney.org/ Deepfake porn legality - https://www.theverge.com/2022/11/25/23477548/uk-deepfake-porn-illegal-offence-online-safety-bill-proposal and https://www.technologyreview.com/2021/02/12/1018222/deepfake-revenge-porn-coming-ban/ AIATSIS - https://aiatsis.gov.au/cultural-sensitivity Fake tiger porn story - https://www.dailydot.com/unclick/tiger-porn-britain-law/ Group photo with no blinking - https://www.countrylife.co.uk/comment-opinion/curious-questions-group-photo-179102 Emma Watson deefake audio - https://www.thetimes.co.uk/article/ai-4chan-emma-watson-mein-kampf-elevenlabs-9wghsmt9c Domestika - https://www.domestika.org/en/courses/981-introduction-to-interviewing-the-art-of-conversation Investigative Interviewing - https://www.amazon.co.uk/dp/0199681899?ref=ppx_pop_mob_ap_share Forensic Focus events calendar - https://www.forensicfocus.com/events/ Si Twitter - https://twitter.com/si_biles

In this episode, Si and Desi talk to Matt Suiche from Magnet Forensics about the rise of e-crime and info stealers. They look at the latest shifts in how cybercriminals are operating, with a lot of ransomware gangs now moving towards hacking, stealing, extortion and leaking documents, rather than blindly encrypting files.   They also examine the importance of memory forensics in trying to detect active threats within a network, and how ChatGPT – a chatbot launched by OpenAI in November last year – could be leveraged to create functioning malware. Want to hear more from Matt? You can check out Matt's presentation "Know When to Seek Help for Memory Loss" at both the Magnet Virtual Summit and the Magnet User Summit in 2023 (register at magnetvirtualsummit.com or magnetusersummit.com).   Show notes: dumpIT - http://www.toolwar.com/2014/01/dumpit-memory-dump-tools.html comae - https://www.comae.com/dumpit/ Matt’s wiki - https://en.wikipedia.org/wiki/Matt_Suiche VMWare acquires CloudVolumes - https://blogs.vmware.com/euc/2014/08/cloudvolumes.html Vitali Kremex - https://twitter.com/vk_intel?lang=en ChatGPT - https://openai.com/blog/chatgpt/ Magnet Virtual Summit - https://magnetvirtualsummit.com/ Magnet User Summit - https://magnetusersummit.com/

Just like your current holiday shopping for last minute presents a lot of the good stuff has gone off the shelves already. You reach to the back and find the toy nobody really wanted but it’s the thought that counts, you stare down at Si and Desi’s Holiday Special 2022 podcast.  Please join these two as they lament over the year that was, discuss all the things they didn’t do but promise they will do them next year, query whether putting a NAS in the storage of a roller door is a good idea, and finally arrive at what they’re looking forward to bringing you in the new year.  Show Notes: Arduino PLC IDE - https://docs.arduino.cc/software/plc-ide Mycroft Mark II (open source Alexa) - https://www.kickstarter.com/projects/aiforeveryone/mycroft-mark-ii-the-open-voice-assistant Christa’s new blog - https://christammiller.com/ Si’s holiday reading - https://amzn.to/3iJyGrR Desi’s holiday reading -  https://inteltechniques.com/ Strange event for the end of the year - https://www.reuters.com/world/europe/25-suspected-members-german-far-right-group-arrested-raids-prosecutors-office-2022-12-07/ Si’s wishful thinking - https://www.youtube.com/watch?v=GXnRgXclLd0 Si’s list to do before the EOY - https://intrepidcamera.co.uk/products/intrepid-4x5-camera Desi’s list to do before EOY - https://www.wired.com/story/how-to-reset-your-phone-before-you-sell-it/ “Cleaning your office” - https://www.manfrotto.com/uk-en/vintage-collapsible-1-5-x-2-1m-ink-sage-ll-lb5720/ Conference recorder - https://amzn.to/3UBmre5 Desi’s blog - https://www.hardlyadequate.com/

The investigation of child exploitation is a delicate balance between rescuing children, ensuring perpetrators are correctly identified, and safeguarding investigator mental health. This week on the Forensic Focus podcast, Christa and Si are with Cyacomb, talking digital forensics with: Jeffrey Bell, Customer Success Manager; Alan McConnell, Head of Customer Success; and Brandon Gardner, Program Manager.

As digital forensics decentralizes, shifting more responsibilities from lab to field personnel, tools that can manage the evidence from different user groups are ever more important. In this episode, Christa and Si talk with Andrew Lister, Managing Director at Detego Global, about interoperability between field and lab. They discuss Detego’s significant post-pandemic growth, what it is about interoperable frontline and lab tools that other solutions miss, and the biggest challenges when adapting a military field tool to more regulated environments. To read Andy's previous interview with us, visit https://www.forensicfocus.com/interviews/andy-lister-global-business-development-director-detego.

This week, Christa and Si talk with Cyacomb's Graham Little and Mike Burridge about the technology it takes to identify child sexual abuse and terrorist imagery, on both devices and the online world. The balance between public safety and privacy is discussed, along with challenges faced by both social media providers preventing imagery from being shared, and law enforcement investigating the perpetrators. Also described: technological challenges and what they mean for investigations and prosecutions, including the need for training and education of users; and new developments coming from Cyacomb.

In this episode, Detective Lee Bieber of the Plantation Florida Police Department and the FBI's Crimes Against Children and Human Trafficking Task Force in Miami talks with podcast host Christa Miller about his background, the trends he's noticed in criminal use of digital technology, and the artifacts that make up the elements of a statutory crime. Also discussed: putting digital artifacts together into a picture using various forensic tools, and the tool that helps him most in his investigations.

You can’t put a price on bants! Friends and enemies welcome as this week Christa, Si, and Desi recap HTCIA and DFRWS. Deep dive into ticket prices and accessibility. Wonder whether there is innovation in the vendor space. Consider running their own virtual Forensic Focus conference in 2023. They briefly touch on neurodiversity, potential guests, and we all get treated to Si’s long preamble and and slightly shorter outro. Show Notes: DFRWS APAC 2022 Program - https://dfrws.org/apac-2022-program/ BSides AUS - https://www.bsidesau.com.au/ BSides UK - https://www.securitybsides.org.uk/# HTCIA - https://htcia.org/ Heather Mahalik’s talk on verifying evidence CYACOMB Prioritizing time sensitive investigations with Rapid Digital Triage - Alan McConnell Hansken Forensics - https://www.hansken.nl/ Velociraptor - https://www.rapid7.com/products/velociraptor/ Sydney Declaration IAFS 2023 - https://iafs2023.com.au/sydney-declaration/

This week, Si and Christa talk with James Eichbaum, global training manager at MSAB, about: The technical and procedural challenges that students bring to class that inform R&D and, in turn, training.The importance of training to thorough, forensically sound examinations, as well as to educating managers and other stakeholders on why thoroughness is important.As well, the need and ability for examiners to be able to articulate their own processes in a rapidly changing field.Training for different levels of personnel, from frontline officers all the way up to the lab.How the COVID-19 pandemic affected training course design and delivery.Some of the new things to look out for in both products and training from MSAB. Show Notes: Our previous interview with James: https://www.forensicfocus.com/interviews/james-eichbaum-global-training-manager-msab/ Our interview with Matthew Sorell on mobile device forensics: https://www.forensicfocus.com/podcast/university-of-adelaides-dr-matthew-sorell-on-evidentiary-health-data-at-dfrws-apac-2022/ The FORMOBILE project: https://www.formobile-project.eu/ MSAB training: https://www.msab.com/training-overview/

In this episode, Desi and Si talk with Alex Tilley, who's part of the counter threat unit at Secureworks, as a followup to Alex's presentation on the history of financial cybercrime. Show Notes: The business club writeup from 00:18:25 https://www.secureworks.com/research/evolution-of-the-gold-evergreen-threat-group Fast-flux and round robin DNS Anti-money laundering legislation https://www.oaic.gov.au/privacy/other-legislation/anti-money-laundering#:~:text=The%20Anti%2DMoney%20Laundering%20and,sector%2C%20gambling%20sector%2C%20remittance%20( Operation Tovar https://www.secureworks.com/blog/operation-tovar-dell-secureworks-contributes-to-efforts-targeting-gameover-zeus-and-cryptolocker SMBiT Pro - Presenting Gold Coast end of October https://www.smbitpro.org/ ISACA - CBR Conference https://engage.isaca.org/canberrachapter/events/eventdescription?CalendarEventKey=29ea5d1c-5ee0-4bd7-b4ce-e591603ba8b3&CommunityKey=43346d1e-8e11-443a-bfa6-93582a92ad0f&Home=%2Fmelbournechapter%2Fevents%2Fcalendar

In this episode, Steve Slater, Head of Digital Forensics at Devon and Cornwall Police in the United Kingdom, gives Christa and Si an overview of implementation the new Rape and Serious Sexual Offence protocol: How digital forensics technology supplements a victim-centred, team approachDifferences between victim and suspect acquisition processesWhat goes into balancing victim care with a forensically sound data collectionHow the protocol continues to adapt to the times: not just in terms of technology, but also in recruiting representative personnel and supporting their mental healthPandemic-era processes and procedures Further reading: https://www.cps.gov.uk/cps/news/metropolitan-police-service-and-crown-prosecution-publish-review-r-v-allan https://ico.org.uk/

Following on their "unsupervised" discussion, this week Si and Desi focus on training and certification, including: Steps and missteps in commercial and government efforts to close the cyber skills gap through training and professional developmentThe value of perspectives from different fields to digital forensics and incident responseThe shortcomings of certifications as measures of proficiency, and the need to teach a foundation of how to learn, not just pass certification examsAlternatives to certifications, such as chartered professionals, CTFs and coursework with practical elementsThe need for mentors to help develop professionals CyberCX Academy announcement: https://news-events.cybercx.com.au/cybercx-academy-launched-to-help-solve-cyber-skills-crisis Marketing fail: UK government criticised for ‘crass’ ad advising ballerina to retrain in IT: https://www.netimperative.com/2020/10/13/marketing-fail-uk-government-criticised-for-crass-ad-advising-ballerina-to-retrain-in-it/ Distant Traces and Their Use in Crime Scene Investigation: https://www.forensicfocus.com/webinars/distant-traces-and-their-use-in-crime-scene-investigation/ Australian Cyber Collaboration Centre: https://www.cybercollaboration.org.au/ dfrws.org

In this episode, Si and Christa talk with Martino Jerian, founder and CEO of Amped Software, about: Some of the misunderstandings around digital video and image evidence and how this can affect justice proceedingsTechnical challenges associated with evidentiary integrity and authenticity of data which is based on complex mathematicsThe need for better trained, qualified analysts in multiple dimensions of multimedia forensics, including file formats, processing, and metrology specialismsAs well, the need for awareness-building among nontechnical stakeholders in policymaking

In this episode recorded in July, Si and Desi take advantage of Christa's absence to pepper up their speech (but only just a bit). Content warnings aside, this week their free-form conversation discusses: Public speaking, whether giving evidence on the stand, presenting to stakeholders following an incident response, or delivering training materialsThe relative benefits of unscripted interactions vs. scripted material, depending on audienceHow pandemic-driven modalities affected speaking delivery (and even job interviews) in terms of nonverbal (body) language, with and without camerasPresentation material creation toolsThe need for, and difficulty of, getting good feedback There's also a preview of their upcoming conversation on training and certification.

Si and Christa talk with Pablo Lopez Aguilar-Beltran about Project LOCARD, its purpose, and how it all go started, including: Why blockchain could be the foundation for improving international cooperation while maintaining compliance with privacy and other legal requirementsChallenges associated with standardizing any platform across borders, as well as fostering implementation and participationThe need for better digital evidence literacy among lawyers and judges, even as the digital aspects of crime accelerate past governments' abilities to legislate and enforce laws

In this episode, co-hosts Desi, Si, and Christa compare and contrast the concerns and pressures of the DFIR world vs. other industries. Starting with burnout as a function of increases in both cyber incidents and online crime, we also discuss: - The risks of backfilling gaps in cyber without computer science fundamentals. - More work and fewer resources leading to backlogs, which factor in burnout and resignations as well as actions like the UK barristers' strike. - The importance of mentorship, representation, and manager training to facilitate strong team dynamics and mitigate risks.

In this episode, Desi, Si, and Christa talk with Dr. Sorell about health data as a source of evidence in criminal investigations, as well as a sneak peek of what to expect at Sorell's student-led workshop and Rodeo competition at the upcoming DFRWS-APAC conference. Some of the technical vagaries, including GPS, time zone, and Apple updates, that can affect both investigations and workshop planning are discussed, along with the importance of other disciplines (geekery) to digital forensics beyond digital forensics.

In this episode, University College Dublin's Prof. Liliana Pasquale, program director for the new Master of Science in Cybersecurity, talks with Christa Miller about how the program came to be, some of the modules and the way they're structured, and what makes this program stand out from others. Also discussed is the need for a balance between academic research and practitioner perspectives, how "soft" skills lay a foundation for more technical skills, and the program's major advantages to prospective students.