The Virginia Department of Forensic Science (DFS) is seeking a qualified or trainee candidate to perform Digital & Multimedia evidence analyses, with a focus on mobile and computer device analysis, at the Central Regional Laboratory, located in Richmond, Virginia.

https://www.jobs.virginia.gov/jobs/forensic-scientist-digital-multimedia-evidence-central-laboratory-cf449-richmond-virginia-united-states

If anyone has questions beyond the information that is available in the posting, please feel free to reach out to me. I would love the opportunity to discuss the details of the position with anyone who is interested.

#digitalforensics #computerforensics #mobileforensics #dfir

#computerforensics #civilrights #independentjournalism

This is quite interesting. It appears to be a #TempeAZ Police Sergeant trying to obtain a forensic image of the phone of a crime victim, who has filed a report over a cop assaulting him. This investigating officer tells the victim, who is a citizen journalist, and a well-known cop-watcher, that she needs his phone in order to verify that the video hasn't been "doctored". (cont)

https://vid.puffyan.us/watch?v=w4DRvY2tK8k

Man, I love old #forensicsfiles episodes. Lol. #computerforensics

For those of you interested in learning how to use X-Ways Forensics, there are still a few seats left in the March 06-09 training course taking place in the Washington, DC/Baltimore area:

https://www.x-ways.net/training/washington_area.html

#digitalforensics #computerforensics #mobileforensics #dfir

Resoundingly, the poll showed that most don't use X-Ways Forensics for anything other than analyzing traditional, computer-based storage devices.

So, WHY don't you use it for data from other sources (e.g., mobile phone extractions, chip dumps, etc.)?

#DFIR #digitalforensics #mobileforensics #computerforensics

#DFIR SQLite Query Tip: when converting timestamps with millisecond precision, consider using the "strftime" function instead of "datetime".

The "strftime" function includes the "%f" substitution that allows for fractional seconds (SS.SSS) to be displayed. This can be very helpful if wanting to be very precise when determining timeline activity.

https://www.sqlite.org/lang_datefunc.html

Keep in mind that if your query requires dividing by an integer by another integer (e.g. converting Apple CFAbsoluteTime, 18-digit, nanosecond precision timestamps), you will need to use the "CAST AS FLOAT" operator in order to avoid rounding issues, e.g.:

strftime('%m-%d-%Y %H:%M:%f', CAST([table].[field] AS FLOAT) / 1000000000 + 978307200, 'unixepoch')

Bonus points if you can explain WHY I am dividing by 1000000000 and adding 978307200 in the above example. Consider the value represented by [table].[field] to be an Apple CFAbsoluteTime, 18-digit, nanosecond precision timestamp.

#digitalforensics #mobileforensics #computerforensics

#DFIR SQLite Query Tip: try using the "IFNULL" function in your queries to clearly identify truly empty (blank) values in a source database - for example, you could output "[NULL]".

Doing this can help avoid confusion about why a value is blank in a query's output.

#digitalforensics #mobileforensics #computerforensics

#DFIR SQLite Query Tip: when converting/interpreting values (e.g. "0" = "False" or "No"), I recommend including the original values in the output.

This not only shows transparency in your work; but is helpful when verifying converted/interpreted values when you don't have access to the query.

For example, you could output both the original and converted/interpreted fields/values so they are adjacent, or include both values in the same cell (e.g. "0 [No]", or use the "||" concatenation operator).

#digitalforensics #mobileforensics #computerforensics

Is TAILS still any good?
It's been a few years since I tried it. Just curious if it is still popular.

https://tails.boum.org/news/version_5.7/index.en.html

#privacy #infosec #opsec #cybersecurity #computerforensics

X-Ways Software just released X-Ways Forensics 20.7 SR-2. Check the release notes (https://www.x-ways.net/winhex/forum/messages/1/5390.html) for the details.

#digitalforensics
#mobileforensic
#computerforensics
#DFIR

In the event that anyone was still unsure, "...digital evidence examination rests on a firm foundation based in computer science."

"Digital Investigation Techniques: A NIST Scientific Foundation Review"
https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8354.pdf

#digitalforensics
#computerforensics
#mobileforensics
#dfir

X-Ways Software just released X-Ways Forensics 20.7 SR-1. Check the release notes (https://www.x-ways.net/winhex/forum/messages/1/5390.html) for the details.

#digitalforensics
#mobileforensic
#computerforensics
#DFIR

Since I’ve moved home to tech.lgbt it’s time for a new #introduction post!!

Hi! My name is Sylvia, Sylvie, Silvy, Silver or any variant of that. I’m 28 years old, a #non-binary #transgender #woman, #sapphic as fuck though I’ve always identified as some sort of #bisexual!

My interests include but are not limited to: #gaming, gender identity related topics, #technology (I went to college for #ComputerForensics, although I didn’t finish my minor classes), #music and #comics and #films.

X-Ways Forensics 20.7 SR-0 was just released.

https://www.x-ways.net/winhex/forum/messages/1/5390.html?1668539143

I'm excited to see that the "functionality of Excire Forensics is now included..."!

#dfir #digitalforensics #computerforensics #mobileforensics