In modern criminal investigations, digital evidence—including emails, text messages, phone records, video footage, social media posts, and cloud-stored information—often holds more value than physical evidence. Artificial intelligence (AI) is rapidly transforming law enforcement and digital forensics, allowing police to process massive volumes of data, solve cases more quickly, and protect officers from exposure to traumatic … Continued
The digital forensics and incident response (DFIR) landscape is in the middle of a revolution, thanks to the adoption of cloud-based forensic solutions. Some of the transformative benefits of cloud-based tools may be familiar, but there are even more advantages that you may not know about yet. Below, we’ve gathered 10 benefits of cloud-based forensics … Continued
In this series, Chad Gish, CID/SISU Detective, Metropolitan Nashville Police Department will delve into some noteworthy cases in his 26-year career, focusing on investigations that were either completely solved or significantly aided by a critical piece of evidence—what he calls “that one artifact.” In some cases, physical evidence can be so limited that solving the … Continued
In digital forensics, Windows operating systems leave behind a wealth of forensic artifacts that can be invaluable in investigations. Among the key artifacts are ShimCache (Application Compatibility Cache) and AmCache (Application Activity Cache). These artifacts can provide valuable insights into program execution and file system interaction, often essential in piecing together an event timeline or … Continued
PowerShell is a powerful tool within Windows systems, widely used for administrative tasks, automation, and scripting. Unfortunately, due to its powerful scripting capabilities and default presence on Windows machines, it has also become a popular tool for malicious actors. PowerShell can be used in advanced attacks, including fileless malware, lateral movement within a network, and … Continued
Time is always critical when dealing with criminal investigations, but did you know that some iOS forensics evidence will be lost entirely if it isn’t extracted within a certain window of opportunity? To help avoid any lost data during mobile forensic data extraction, we have outlined the best iOS evidence sources to capture before expiration, … Continued
Remote Desktop Protocol (RDP) is a powerful tool for remote administration, but it can also be a gateway for attackers seeking unauthorized access. For digital forensics professionals, RDP artifacts are critical in tracing an intruder’s steps. In this blog, we will explore what RDP digital artifacts entail, where they are located, how they can be … Continued
Data exfiltration—the unauthorized transfer of data from a system—can result in severe damage to organizations, making it critical for forensic investigators to identify key digital artifacts that reveal how, when, and where the breach occurred. Tools such as Magnet Axiom Cyber, Magnet Axiom, and Magnet Nexus are essential in uncovering these critical pieces of evidence. These … Continued
About a year ago, we announced our partnership with the National Center for Missing and Exploited Children (NCMEC)—the largest and most influential child protection organization in the U.S. Over the past year, we have collaborated to build a new information-sharing solution to support ICAC investigators across the U.S. Today, we’re excited to launch the NCMEC … Continued
Join us for the DFIR event of the year. This is your chance to get hands-on training and hear about the newest innovations from Magnet Forensics
