How Detego Helped Airport-Based Counterterrorism Units Speed Up Investigations With Rapid Data Extraction and Triage Tools

The Background 

Our client* is one of the busiest airports in London and handles close to 30 million passengers each year. Used by a large number of the region’s budget airlines, the airport facilitates travel to over 200 destinations in …

How Human Factors Confound and Enrich Digital Forensics: The November-December Research Roundup

Human complexity lies at the heart of so much of digital forensics – both the artifacts that offer insights into people’s motives, means, and opportunity to commit wrongdoing, and the investigations that reveal them.

Our research roundup for the end…

Launching the Binalyze Forensic Investigation Suite

Steve: Good afternoon, good morning, good evening, depending on where you are in the world. Thank you for joining us again on this webinar. It’s to review our release version 2.1 and also to launch a new solution that …

Detego secures US Patent for Red-Amber-Green alert technology in its Innovative Triage Solution

Detego Global, the creator of Detego, the acclaimed Unified Digital Investigations Platform, has secured a patent in the United States for the company’s Red-Amber-Green alert technology – further enhancing its computer forensics offerings w…

Work Smarter, Not Harder — Optimize Your System for Faster Forensic Processing

Holli Hagene: Hi everyone. Thank you for joining us today. My name is Holli Hagene, and I’d like to welcome you to today’s webcast. We’ll get started in just a minute, but I wanted to provide a few reminders. All …

Industry Roundup: Mobile Field Triage Solutions

The ability to collect digital evidence in the field — away from a forensic laboratory — has long been a need in corporate, private, and law enforcement investigations.

That’s only accelerated over the past decade, as more people’s mobil…

Hunting injected processes by the modules they keep

A relatively recent post showed how Metasploit’s Meterpreter module made some noise on endpoints when the migrate command was used to move the agent code into a legitimate process, spoolsv.exe in our example.

One of the things we saw in that post was …

Analyzing an Instance of Meterpreter’s Shellcode

In my previous post on detecting and investigating Meterpreter’s Migrate functionality, I went down a rabbit hole on the initial PowerShell attack spawned by an Excel macro. In that payload was a bit of shellcode and I mentioned that I’d like to retur…