Chewing the FAT

7/28/2021

Episode 3

Season 1, Ep. 3
In the third episode of Chewing the FAT, Phil and Adam host special guest Kevin Mansell to discuss training, certification and competence plus we run through some of the recent Digital Forensics industry news.For the third Forensic Faux Pas segment to air, special guest Kevin shares a couple of their embarrassing stories of things that went wrong from their days training days.Links for some of the content we discussed during the show:ETW on Windows 11 - Initial thoughtshttps://blog.tofile.dev/2021/07/01/windows11.htmlHansken - Digital Forensics as a Service?https://www.sciencedirect.com/science/article/pii/S2666281720300706https://www.forensicfocus.com/articles/automating-and-sharing-digital-forensics-knowledge-through-hansken/MSAB Ravenhttps://www.msab.com/raven/Resetting Your IoT Device Before Reselling It Isn't Enoughhttps://gizmodo.com/resetting-your-iot-device-before-reselling-it-isnt-enou-1847220178New blog from Josh - Find My & iCloud's Throne of Lies • iCloud location data lies! • Highlights importance of network isolation during seizure and possession of deviceshttps://thebinaryhick.blog/2021/06/25/apples-find-my-iclouds-throne-of-lies/Android Apps with 5.8 Million Installs Caught Stealing User's Facebook Passwordshttps://thehackernews.com/2021/07/android-apps-with-58-million-installs.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29ControlFhttps://www.controlf.net/This project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800.
6/9/2021

Episode 2

Season 1, Ep. 2
In the second episode of Chewing the FAT, Phil and Adam host special guest Heather Mahalik to discuss SANS coming together with the leading industry vendors to produce a validation guide plus we run through some of the recent Digital Forensics industry news.For the second Forensic Faux Pas segment to air, special guest Heather shares a couple of their embarrassing stories of things that went wrong from their early days plus some great stories from our listeners.Links for some of the content we discussed during the show:The State of Android Health Data (Part 1) – Garminhttps://thebinaryhick.blog/2021/05/22/the-state-of-android-health-data-part-1-garmin/Rabbit Hole from CCL (Alex Caithness)https://uploads-ssl.webflow.com/5f02f2c93eab87a6ea84e2f3/60364c14ce5f0e240b78de9c_RabbitHole_DD_2021.pdfMSAB partner with Detego:https://www.forensicfocus.com/news/detego-joins-forces-with-msab-in-strategic-digital-forensics-partnership/#:~:text=Detego%C2%AE%20Joins%20Forces%20With%20MSAB%20In%20Strategic%20Digital%20Forensics%20Partnership,-17th%20May%202021&text=Detego%2C%20global%20leaders%20in%20rapid,in%20mobile%20device%20digital%20forensics.Should encryption be curbed to combat child abuse?https://www-bbc-co-uk.cdn.ampproject.org/c/s/www.bbc.co.uk/news/business-57050689.ampImpacts of COVID 19 on the risk of online child sexual exploitation:https://www.arts.unsw.edu.au/sites/default/files/documents/eSafety-OCSE-pandemic-report-salter-and-wong.pdfMicrosoft and UK government make it easier for public sector to use Azure:https://news.microsoft.com/en-gb/2021/05/11/microsoft-and-uk-government-make-it-easier-for-public-sector-organisations-to-use-the-azure-cloud/Heather's link to DFIR Summit:https://www.sans.org/event/digital-forensics-summit-2021Six Steps to Mobile Validation – Working Together for the Common GoodA joint effort with collaboration from across several major DF vendors resulted in a joint standards paper being released by SANS shortly afterwards, promoting good practice.https://www.sans.org/blog/six-steps-to-successful-mobile-validation-paper/Signal Story:Original claim and reply posted in Dec 2020, about "breaking signal encryption"https://signal.org/blog/cellebrite-and-clickbait/21st April 2021, posted new blog outlining vulnerabilities in Cellebrite software.https://signal.org/blog/cellebrite-vulnerabilities/Cellebrite response:https://www.cellebrite.com/en/our-mission-remains-clear/We would like to say a special thanks to the EU Formobile Project for supporting and helping fund this project. Without their support we would not have been able to get this off the ground.You can visit the Formobile website at:https://formobile-project.eu/This project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800.
5/6/2021

Episode 1

Season 1, Ep. 1
In the first ever episode of Chewing the FAT, Phil and Adam introduce themselves, run through some of the recent Digital Forensics industry news, and share their thoughts on some recently published digital evidence guidance. For the first Forensic Faux Pas segment to air, Phil and Adam share a couple of their embarrassing stories of things that went wrong from their days in the lab.Links for some of the content we discussed during the show:ACPO - https://library.college.police.uk/docs/acpo/digital-evidence-2012.pdfISO 17025 - https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/912389/107_FSR-C-107_Digital_forensics_2.0.pdfForMobile - https://formobile-project.eu/COP Report - https://www.college.police.uk/article/consultation-extracting-data-electronic-devices-releasedCTF Twitter - https://twitter.com/ChewintheFATPodDFIR Twitter # - https://twitter.com/hashtag/dfirForensic Discord Server - https://discord.com/invite/JUqe9EkJosh Hickman - https://thebinaryhick.blog/Heather Mahalik- https://www.cellebrite.com/en/ios-location-artifacts-explained/Jessica Hyde, Magnet Forensics - https://www.magnetforensics.com/blog/ways-to-share-in-dfir/Oleg Afonin, Elcomsoft - https://blog.elcomsoft.com/2021/02/ios-recovery-mode-analysis-reading-ios-version-from-locked-and-disabled-iphones/MSAB - https://www.msab.com/2020/09/17/super-fast-iphone-extraction-times/Belkasoft - https://belkasoft.com/forensic_extraction_of_data_from_mobile_apple_devicesPhill Moore, ThisWeekin4n6 https://thisweekin4n6.com/Android Triage - https://www.andreafortuna.org/2021/04/10/android-triage-a-really-useful-forensic-tool-by-mattia-epifani/Autospy - https://www.cybertriage.com/2021/our-100-unbiased-4cast-awards-nominations/Alexis Brignoni, Realm - https://abrignoni.blogspot.com/search?q=realmMagnet Forensics, Chromebook Acquisition Assistant - https://www.magnetforensics.com/resources/magnet-chromebook-acquisition-assistant/We would like to say a special thanks to the EU Formobile Project for supporting and helping fund this project. Without their support we would not have been able to get this off the ground. You can visit the Formobile website at: https://formobile-project.eu/This project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800.