CyberSocialCon 2024 Agenda
Tuesday, December 10
10AM ET
Welcome & Introduction
Kevin DeLong, Founder, Cyber Social Hub
Welcome to this year's conference!
10:30AM ET
Rich Communication Services - How Can You Tell?
Adam Firman, Tech Evangelist, MSAB
Short Message Service (SMS) has long been the cornerstone of mobile messaging, allowing users to send short text messages over cellular networks. With the advent of smartphones and the demand for richer communication experiences, Rich Communication Services (RCS) has emerged as a successor to SMS, promising a more interactive and dynamic messaging platform. There are 421 million Global Monthly Active Android users and 1.2 billion Android Ready Devices using or capable of using RCS. However, now iOS and Android can communicate via this method, what challenges does this pose for forensic examiners?!
11:30AM ET
Tech Abuse Investigations
Joe Seanor, Investigator, Cyber Private Investigations
Domestic abuse has found a new battleground: technology. Abusers are exploiting every device imaginable, turning everyday technology into a weapon. In this presentation, I'll expose how cameras, cell phones, cars, and more are being used to control and abuse victims, making it harder than ever to escape and find safety.
12:30PM ET
Sponsor Spotlight - Belkasoft
Elena Chertova, Belkasoft Knowledge Team
1PM ET
An employee stole millions of dollars worth of company data... or did they...
Matt Danner, Owner & Founder, Monolith Forensics
Matt Danner, owner of Monolith Forensics, will walk you through the forensics of a case related to the alleged theft of high value company data. This case is a real whodunit - a riddle, wrapped in a mystery inside an enigma, and stuffed into a paradox.
If you want to deep dive into disk, file system, and operating system forensics with a side of good old fashioned detective work - this is the talk for you.
2PM ET
Unique Apps & Data Sources Hiding Evidence
Amber Schroader, CEO, Paraben Corp.
While many investigators are familiar with popular apps and their potential evidentiary value, there's a vast universe of niche apps that can hold valuable, often overlooked, data. In this session, we'll delve into the world of niche apps, exploring their unique functionalities and the data they can reveal. From fetish apps to data-hiding tools, we'll provide a fresh perspective on where to look for evidence in your investigations.
3PM ET
LEAPPing into the Future: How LAVA is Heating Up Open Source Digital Forensics
Alexis Brignoni & James Habben, iLEAPP & LAVA
The LEAPPs (Logs, Events, And Preferences Parsers) have become essential tools for digital forensic investigators tasked with extracting and analyzing data from mobile devices, digital search warrant returns, and vehicles. This talk will give the community a preview of the new reporting format called LAVA (LEAPPs Artifact Viewer Analyzer.) LAVA will make working with parsed data from the LEAPPs easier and more efficient.
Wednesday, December 11
10AM ET
Effective Documentation in OSINT Investigations: Strategies for Capturing and Preserving Data
Ritu Gill, Open Source Intelligence Analyst, OSINT Techniques
Open Source Intelligence (OSINT) investigations hinge on the ability to capture and document information accurately and efficiently as it is discovered. This presentation will guide attendees through the critical practices of documenting OSINT findings to ensure that every piece of information is preserved and verifiable. The presentation will also address structuring documentation to create a clear audit trail and ensuring data integrity through timestamps and digital hashes.
11AM ET
Drone Forensics: Making the connection.
Davis Grier, Director of Engineering, V2 Forensics
Aircraft, remote, and mobile device lets investigators connect the dots from app to aircraft. In this session, we'll discuss ways of analyzing drone apps to tie them to an aircraft or vice versa.
12PM ET
Sponsor Spotlight - Truxton Forensics
Dave Ryberg, Director of Sales, Truxton Forensics
12:30PM ET
Sponsor Spotlight - Techno Security & Digital Forensics Conference
Jennifer Salvadori & Allison Dowd, Techno Security
1PM ET
Telegram: A Super Platform for Crime and Crypto
Stephen E. Arnold & Erik Arnold, Arnold Information Technology
Telegram is approaching one billion users. An increasing number of users reside in the United States. This presentation explains why Telegram is a super platform for criminal activity and crypto currency "plays." The presentation falls into four sections. The first section presents a ransomware operation targeting individuals who are trying to purchase stolen credit cards. A diagram of the operation makes the capabilities of the Telegram platform clear. The second section presents an overview of the more than 100 functions and services of the Telegram platform. The key point is that Telegram has had a cadence of innovations over the past 11 years. Functionality of the Telegram platform is three times that of Instagram, Signal, and WhatsApp. In addition, the organization of the Telegram distributed architecture is presented and the command-and-control services identified. The third part of the presentation presents information about the Dubai-based One Network (TON Foundation) and the new TONsocial organization. The Foundation manages the blockchain and crypto activities, and the TONsocial entity is designed to build a global social media network similar to VKontakte, the Russian Facebook, just integrated with the Telegram Messenger application. The final part of the presentation presents probable development vectors identified by my research team with brief comments about the impact on US law enforcement, intelligence professionals, and money laundering investigators.
2PM ET
A Forensic Examination of the Arc Browser
Justin Tolman, Forensic SME and Evangelist, Exterro
Arc is a “new” browser published by The Browser Company. It was first released for macOS and iOS on April 19, 2022, and Windows on April 30, 2024. While (obviously!) not one of the big four browsers, it is important to be aware of the different platforms available for people to access the internet so that “no evidence is left behind.”
This presentation will introduce you to the Arc Browser and its associated data structures. We will break down the data structures and the relationships between the SQLite databases, XML files, pList files, and more. This presentation will provide you with a resource for later reference when you encounter this browser in evidence.
3PM ET
Swatting: Tradecraft & Real World Case Studies
Keven Hendricks, Investigator, Ubivis Project
This presentation will cover the epidemic of "swatting". Understanding the "troll culture" leading to the swatting phenomenon. Evolving trade-craft involving swatting will be covered, as well as investigatory avenues for swatting. Real world cases will be covered.
Thursday, December 12
10AM ET
AI in Forensics: Empowering Examiners, Not Replacing Them
Tom Oldroyd, Director of Strategy and Sales, Semantics 21
The true potential of AI in digital forensics is only just beginning to be realised. At Semantics 21, we were the first to release an AI capable of detecting CSAM media, and we leverage AI in multiple solutions to locate CSAM victims, transcribe police audio and video interviews, and even perform offline location detection without GPS a world-first innovation in forensic technology. AI won’t replace human examiners, but examiners who harness AI will certainly set the benchmark. Join our session to explore both the benefits and the challenges of AI in forensics, with real-world examples from the global leaders in AI-driven forensic solutions.
11AM ET
Topic Coming Soon!
12PM ET
Sponsor Spotlight - OSINT Liar
Dan Cardin, OSINT Liar
12:30PM ET
Break
1PM ET
Essential Early Case Assessment for Mobile Device Extractions
Rich Frawley, Director of Training, ADF Solutions
This presentation delves into the critical importance of early case assessment (ECA) in mobile device extractions. By understanding the case context and potential evidence, investigators can prioritize their analysis and maximize the efficiency of their efforts.
The presentation will cover key topics such as case context, evidence identification, prioritization techniques, and case examples. By understanding the nature of the case, investigators can identify key data points and anticipate potential challenges. Through effective prioritization, they can streamline their analysis and focus on the most relevant information. The presentation will also include real-world case studies to illustrate the application of ECA principles and demonstrate how early assessment can lead to more efficient and effective investigations. Additionally, the presentation will emphasize the importance of adhering to forensic standards and procedures, documenting all steps and findings, and minimizing the risk of data contamination or loss.
2PM ET
AI Solutions in Forensics and Legal Technologies: The Good, the Bad, and the Ugly
Brian McHughs, Co-founder & CEO, Indexed I/O
How does AI fundamentally work? In this presentation we'll explore various AI models and workflows and take a deep dive into each of their strengths, weaknesses, and significant issues. With AI everywhere it is important you know how it works...and even more so, when it doesn't. We'll use real world examples as we navigate AI solutions and how they can be leveraged with collected data sets.