Executing Windows Command Line Investigations by Hosmer, Bartolomie & Pelli

by Scar de Courcier on October 30, 2018October 30, 2018

I met Chet Hosmer at DFRWS in Providence, Rhode Island, earlier this year. Over lunch I explained my upcoming digital forensics book to him, and he was very supportive. When I arrived back in England a copy of one of his books was waiting for me, along with an encouraging note.

Well, the DFIR book project has taken a backseat over the last few months due to me taking on a new psychology of religion research project, but maybe it’ll come back. In the meantime I thought I’d take a look at Chet’s book and write a quick review of it. (more…)

Interviews with digital forensics practitioners

by Scar de Courcier on October 11, 2018October 11, 2018

In one of my day jobs, I edit Forensic Focus, which includes writing articles, interviewing key industry figures, and spending far too much of my life at conferences.

Recently I’ve interviewed a few people about their areas of forensic expertise, so I thought I’d share them here in case you missed them. (more…)

Review: Analyze DI Pro From Griffeye

by Scar de Courcier on September 13, 2018September 13, 2018

Those of you who know about my work in digital forensics will probably be aware that I got into the field because I’m very passionate about child protection, so anyone who champions that cause is someone I’m probably going to like. Magnet Forensics has been doing this for years, but recently I became aware of Griffeye, whom I somehow hadn’t heard of before.

A while ago they asked me to review their Analyze DI Pro solution as part of my work over at Forensic Focus, so I did. (more…)

SQLite Forensics by Paul Sanderson

by Scar de Courcier on June 26, 2018June 26, 2018

SQLite forensics is an important part of many digital forensic investigations. Most smartphones and computer operating systems use SQLite, with each device often including hundreds of databases. Despite this extreme proliferation, SQLite forensics is often overlooked in conversations about current trends in digital forensics. Paul Sanderson’s book attempts to redress the balance and bring attention to the importance of SQLite forensics. (more…)

Some Of My Favourite Digital Forensics Books

by Scar de Courcier on June 14, 2018June 14, 2018

I read a lot. I write a lot. I work a lot. Sometimes these things coincide. One of the ways they coincide is through writing books about my day job, for which I also read books other people have written.

Here are a few of my favourite digital forensics books I’ve read over the past few years, which I’d recommend if you’re looking for relevant reading material. (more…)

Mobile Forensics – Advanced Investigative Strategies by Oleg Afonin & Vladimir Katalov

by Scar de Courcier on May 10, 2018May 10, 2018

Mobile forensics is a growing subsection of digital forensic investigation. With the proliferation of devices, applications and operating systems available nowadays, it’s increasingly becoming a vital and complex field. The skillset needed to accurately acquire evidence from mobile devices may seem dauntingly wide-ranging, especially when so many of us are dealing with backlogs in the first place. How are we supposed to keep up to date with this ever-evolving challenge?

Luckily we have books like this to help us out. (more…)

How Do Criminals Communicate Online?

by Scar de Courcier on May 8, 2017May 8, 2017

Flashpoint, a business intelligence agency specialising in the deep and dark web, recently published a report on the economy of criminal networks online. The report looks not only at where criminals go to communicate on the internet, but also how their communications are structured, and the ways in which online communication has changed the criminal landscape.

Far from the kind of jack-of-all-trades portrayed in TV dramas, today’s cybercriminals structure their operations much like a business, each person having their own specialisms and reporting to the people above them. This helps to ensure that every member of the network takes on tasks that don’t overwhelm them, and often also ensures that the level of communication is kept to a minimum. Each party is only in contact with the level directly above, thus decreasing the likelihood of breaking up the entire network if a single individual’s identity is uncovered by law enforcement.

Read the full article on ForensicFocus

John Patzakis on how a new Federal Rule of Evidence will affect digital investigators

by Scar de Courcier on January 9, 2017January 9, 2017

The other day I interviewed John Patzakis, Executive Chairman at X1 Discovery, about an article he’s written about a new amendment to Federal Rule of Evidence 902.

Subsection (14) will come into play this December, and will mean that all electronic data will be required to be “self-authenticating”.

(more…)

“How Do You Fit It All In?” Like This.

by Scar de Courcier on May 30, 2016May 30, 2016

People have always asked me how I manage to fit all the various things I do into my life. In the past, the answer was that I was a workaholic who could get by on four hours’ sleep a night.

Nowadays, however, I’m in my late twenties, and while that means I’m still young (right? RIGHT?!), it also means I’ve started making those little noises when I get out of chairs or bend to pick something up, and also that going to bed at a reasonable hour instead of stumbling drunkenly through the streets of Dalston at 3am seems like a perfectly good nighttime pursuit.

(more…)

The Challenges of Investigating Live Streamed Child Sexual Abuse

by Scar de Courcier on May 2, 2016May 2, 2016

A nice cheerful topic to start us off on a Monday morning.

I wrote a thing for Forensic Focus about how it’s quite difficult to investigate the live streaming of child sexual abuse online, but how we should do it anyway.

(more…)

Five Things I Have Learned In Five Years As An Investigator

by Scar de Courcier on February 29, 2016February 29, 2016

Tomorrow, the 1st of March 2016, marks my five-year anniversary as an investigator. I set up my first investigation business when I was still working at my old job (with their permission), and I’ve been through several iterations since.

Now, five years in, I’ve settled into my investigative identity. Here are some of the things I’ve learned along the way.

(more…)

Six Things That Will Happen To You When You Become A Private Investigator

by Scar de Courcier on January 18, 2016January 18, 2016

Some parts of becoming a private investigator are weirder and more confusing than others. I suspect that some of the experiences listed below have something to do with being a young, female, alternative-looking person, although considering that I have no other point of reference, I might be wrong about that.

I became a private investigator three years ago, and six things have stood out repeatedly over the years, so I thought I’d share them.

(more…)