Welcome to this year's conference!
Short Message Service (SMS) has long been the cornerstone of mobile messaging, allowing users to send short text messages over cellular networks. With the advent of smartphones and the demand for richer communication experiences, Rich Communication Services (RCS) has emerged as a successor to SMS, promising a more interactive and dynamic messaging platform. There are 421 million Global Monthly Active Android users and 1.2 billion Android Ready Devices using or capable of using RCS. However, now iOS and Android can communicate via this method, what challenges does this pose for forensic examiners?!
Domestic abuse has found a new battleground: technology. Abusers are exploiting every device imaginable, turning everyday technology into a weapon. In this presentation, I'll expose how cameras, cell phones, cars, and more are being used to control and abuse victims, making it harder than ever to escape and find safety.
Matt Danner, owner of Monolith Forensics, will walk you through the forensics of a case related to the alleged theft of high value company data. This case is a real whodunit - a riddle, wrapped in a mystery inside an enigma, and stuffed into a paradox.
If you want to deep dive into disk, file system, and operating system forensics with a side of good old fashioned detective work - this is the talk for you.
While many investigators are familiar with popular apps and their potential evidentiary value, there's a vast universe of niche apps that can hold valuable, often overlooked, data. In this session, we'll delve into the world of niche apps, exploring their unique functionalities and the data they can reveal. From fetish apps to data-hiding tools, we'll provide a fresh perspective on where to look for evidence in your investigations.
The LEAPPs (Logs, Events, And Preferences Parsers) have become essential tools for digital forensic investigators tasked with extracting and analyzing data from mobile devices, digital search warrant returns, and vehicles. This talk will give the community a preview of the new reporting format called LAVA (LEAPPs Artifact Viewer Analyzer.) LAVA will make working with parsed data from the LEAPPs easier and more efficient.
Open Source Intelligence (OSINT) investigations hinge on the ability to capture and document information accurately and efficiently as it is discovered. This presentation will guide attendees through the critical practices of documenting OSINT findings to ensure that every piece of information is preserved and verifiable. The presentation will also address structuring documentation to create a clear audit trail and ensuring data integrity through timestamps and digital hashes.
Aircraft, remote, and mobile device lets investigators connect the dots from app to aircraft. In this session, we'll discuss ways of analyzing drone apps to tie them to an aircraft or vice versa.
Telegram is approaching one billion users. An increasing number of users reside in the United States. This presentation explains why Telegram is a super platform for criminal activity and crypto currency "plays." The presentation falls into four sections. The first section presents a ransomware operation targeting individuals who are trying to purchase stolen credit cards. A diagram of the operation makes the capabilities of the Telegram platform clear. The second section presents an overview of the more than 100 functions and services of the Telegram platform. The key point is that Telegram has had a cadence of innovations over the past 11 years. Functionality of the Telegram platform is three times that of Instagram, Signal, and WhatsApp. In addition, the organization of the Telegram distributed architecture is presented and the command-and-control services identified. The third part of the presentation presents information about the Dubai-based One Network (TON Foundation) and the new TONsocial organization. The Foundation manages the blockchain and crypto activities, and the TONsocial entity is designed to build a global social media network similar to VKontakte, the Russian Facebook, just integrated with the Telegram Messenger application. The final part of the presentation presents probable development vectors identified by my research team with brief comments about the impact on US law enforcement, intelligence professionals, and money laundering investigators.
Arc is a “new” browser published by The Browser Company. It was first released for macOS and iOS on April 19, 2022, and Windows on April 30, 2024. While (obviously!) not one of the big four browsers, it is important to be aware of the different platforms available for people to access the internet so that “no evidence is left behind.”
This presentation will introduce you to the Arc Browser and its associated data structures. We will break down the data structures and the relationships between the SQLite databases, XML files, pList files, and more. This presentation will provide you with a resource for later reference when you encounter this browser in evidence.
This presentation will cover the epidemic of "swatting". Understanding the "troll culture" leading to the swatting phenomenon. Evolving trade-craft involving swatting will be covered, as well as investigatory avenues for swatting. Real world cases will be covered.
The true potential of AI in digital forensics is only just beginning to be realised. At Semantics 21, we were the first to release an AI capable of detecting CSAM media, and we leverage AI in multiple solutions to locate CSAM victims, transcribe police audio and video interviews, and even perform offline location detection without GPS a world-first innovation in forensic technology. AI won’t replace human examiners, but examiners who harness AI will certainly set the benchmark. Join our session to explore both the benefits and the challenges of AI in forensics, with real-world examples from the global leaders in AI-driven forensic solutions.
The LEAPPs (Logs, Events, And Preferences Parsers) have become essential tools for digital forensic investigators tasked with extracting and analyzing data from mobile devices, digital search warrant returns, and vehicles. This talk will give the community a preview of the new reporting format called LAVA (LEAPPs Artifact Viewer Analyzer.) LAVA will make working with parsed data from the LEAPPs easier and more efficient.
This presentation delves into the critical importance of early case assessment (ECA) in mobile device extractions. By understanding the case context and potential evidence, investigators can prioritize their analysis and maximize the efficiency of their efforts.
The presentation will cover key topics such as case context, evidence identification, prioritization techniques, and case examples. By understanding the nature of the case, investigators can identify key data points and anticipate potential challenges. Through effective prioritization, they can streamline their analysis and focus on the most relevant information. The presentation will also include real-world case studies to illustrate the application of ECA principles and demonstrate how early assessment can lead to more efficient and effective investigations. Additionally, the presentation will emphasize the importance of adhering to forensic standards and procedures, documenting all steps and findings, and minimizing the risk of data contamination or loss.
How does AI fundamentally work? In this presentation we'll explore various AI models and workflows and take a deep dive into each of their strengths, weaknesses, and significant issues. With AI everywhere it is important you know how it works...and even more so, when it doesn't. We'll use real world examples as we navigate AI solutions and how they can be leveraged with collected data sets.
Despite being overshadowed by social media giants, Reddit is an underrated gem in the realm of OSINT. Reddit stands out for its vast assortment of third-party tools that grant access to previously deleted content. With millions of daily active users, Reddit provides valuable information for effective OSINT gathering.
In this session, we will explore tips and tricks for Reddit OSINT, including overviews on: finding communities of interest, finding details about users, and navigating Reddit subreddits.