In this video, Belkasoft discusses new features of Evidence Center version 9.0 such as new reporting, deduplication, PhotoDNA, NTFS compression, macOS system configuration analysis and other features added to the new major release.

In this video Aliaume Leroy from Bellingcat talks about open source investigation/verification tools and presents a number of real life examples of its usage:

The Windows registry is an essential source of evidence when performing a wide range of examinations. In a recent talk (ZeroNights, 2017), Maxim Suhanov described various problems with popular tools used to parse offline registry hives and to recover deleted data. You can find the slides here.

Smartphones are constantly changing and the course is forced to evolve. FOR585 has been updated and includes 7 new labs, new sections and bonus material for students interested in smartphones that aren’t common to all parts of the world, but really matter to some. A glimpse of the new sections in FOR585 will be provided in this webcast to include …

Heather Mahalik and Sarah Edwards shared their fresh presentation from SANS DFIR Summit on extracting forensic artifacts from Apple Continuity. You can find the slides here.

Here is a nice presentation by Safaa Hraiz on BTRFS forensic analysis:

Here is Vladimir Katalov’s, Elcomsoft CEO, presentation from HITB Security Conference 2017 about iCloud syncing and two-factor authentication: