As more details emerge from the horrible mass shooting in Parkland, Florida on February 14, 2018, one item of interest is a YouTube comment left on a channel created by a man named Ben Bennight of Mississippi. Mr. Bennight noticed a disturbing comment left by someone with the YouTube account name of “Nikolas Cruz”
Bring Your Own Device (BYOD) refers to allowing end users the ability to use their own personal mobile devices (e.g., phones, tablets, laptops, etc.) to conduct business instead of having a corporate device issued to them. BYOD is often seen as a cost savings and a step toward a “21st Century Workforce” by executives.
For my Master of Science Degree in Information Security and Assurance (MSISA) I wrote my thesis about the overall lack of standards, certifications, and accreditation in the digital forensics discipline (available here). This lack of rigor within our profession may very well jeopardize the credibility of our discipline.
Over the past decade that I have
Technology and digital evidence are at the forefront of nearly every criminal, civil, and corporate investigation in the world. For the past thirty years digital evidence such as computers, cellular phones, tablets, servers, GPS devices, gaming consoles, storage devices, and network infrastructure devices have been forensically analyzed and presented in legal proceedings. In many
Over the years the question of how to store digital forensic evidence has been raised many times. Forensic examiners often ask how to properly use a Storage Area Network (SAN) or Network Attached Storage (NAS) device in a digital forensic laboratory. Some of the main questions asked are: 1) How do you handle the
Developing a Business Justification
When I began investigating cyber crimes and seizing digital evidence, it was rare to seize more than ten items of digital evidence from a residential search warrant. Usually a suspect would have a desktop and laptop computer, a cellular phone, and some loose media like floppy disks or CDs. It was
Finding user accounts on a computer running the Windows Operating System (OS) is a standard part of a forensic examination. Local user accounts are found within the SAM Registry Hive, but what about computers connected to a domain?
During an examination, you may see a mismatch between accounts stored in the SAM Registry Hive and