Making complex data simple and compelling
From digital device to digital evidence
Unlock your vehicle's digital evidence potential
Forensic Analysis and Enhancement
Investigating and analyzing financial records
Gain access to the online accounts of deceased loved ones
Clear, precise evidence for a messy world
Expert reports to suit your specific needs
We can locate people anywhere
Stop worrying and learn the truth
Prevent, Detect, Respond To Cyberattacks
First response is crucial. Every minute counts.
The first response is critical to reduce liability
Detection & Removing Spyware Services
Reduce your electronic risk from digital transmittals
Find out who you are really talking to
Experienced, Confidential Services
Swift, professional incident response
Complicated cases require compelling digital facts
Find, recover and document digital evidence
Bring solid evidence before a judge
Cases can be investigated using Social Media
Divorce, custody battles, and other
Win the most important battle of your life
Everything you need
Effective Expert Witness in Court
Evidence shows who is telling the truth
Subpoena power yields strong evidence
Digital evidence can build a strong defense
Go to court with compelling digital evidence
Here is the best paper from DFRWS USA 2016 by Andrew Case and Golden G. Richard III.
Major advances in memory forensics in the past decade now allow investigators to efficiently detect and analyze many types of sophisticated kernel-level malware. With operating systems vendors now routinely enforcing driver signing and integrating strategies for protecting kernel data, such as Patch Guard, userland attacks are becoming more attractive to malware authors, as evidenced in the notorious Crisis malware. We therefore turn our attention to improving memory forensics techniques for analysis of malware in userland. In this paper, we focus on new methods for detecting userland malware written in Objective-C on Mac OS X. As the paper illustrates, Objective-C provides a rich set of APIs that malware can use to manipulate and steal application data and to perform other malicious activities. Our novel memory forensics techniques deeply examine the state of the Objective-C runtime inside of targeted processes, identifying a number of suspicious activities, from keystroke logging to pointer swizzling. We then examine our techniques against memory samples infected with malware found in targeted OS X attacks.
Use this link to read full article.
Save my name, email, and website in this browser for the next time I comment.
Speak to a Specialist Now
Get Help Now