FBI got data from a locked iPhone 11 using GrayKey: how does this tool work?

The recent deadly shooting last month at a naval air station in Pensacola, Fla., brought in the spotlight the issue of iOS security: attorney General William P. Barr requested Apple to provide access to two phones used by the killer.

Continue reading “FBI got data from a locked iPhone 11 using GrayKey: how does this tool work?”

What’s new in Volatility 3?

In last years, the way that operating systems are developed, deployed, and maintained evolved quickly.
Similarly, the skillsets of memory analysts and their preferred work flows have changed to meet a world with increasingly large volumes of complex data.
In order to address these challenges, the Volatility development team has developed an entirely new version of the framework.

Continue reading “What’s new in Volatility 3?”

Some thoughts about Windows 10 “Timeline” forensics artifacts

Today i’ll talk you briefly about the Windows 10 “Timeline“: a feature that can come in handy during a forensic analysis.
How to access it and how to analyze it?

Continue reading “Some thoughts about Windows 10 “Timeline” forensics artifacts”