computer forensics, computer forensics expert, mobile phone forensics, expert witness

News and events

Upcoming presentation on mobile phone forensics at PFIC2014

Dr Schatz will be presenting a seminar on the current state of the art in extraction of evidence from smartphones, at the Paraben Forensic Innovation Conference, Nov 12-14 2014, in Utah, USA. The seminar, titled "Smartphone Physical: The Current State of Play" covers the following:

This seminar will examine the current state of play in regard to the lowest level of acquisition and analysis of Android and iOS smart phones. Focusing on the theory of operation underlying open source and commercial tools, rather than the tools themselves, attendees of this this seminar will gain an understanding of the techniques currently employed for acquisition and analysis, and the corresponding limitations and opportunities in forensic practice.

Presentation on Ransomware Incident Response at AusCERT2014

On 13 May 2014, Dr Schatz was was honoured to present at the AusCERT2014 Online Crime Symposium at the Gold Coast, Australia. In this seminar he addressed the challenges of responding to incidents involving Ransomware, from the perspective of a private sector incident responder.

We’d like to thank the AusCERT program committee for inviting us to this forum and allowing us to share our perspectives.

The AusCERT Cybercrime Symposium is a closed, invitation only event, targeted at Government, law enforcement and private sector personnel involved in the development of policies or strategies for e-security or e-government, or who have responsibility for investigations either within their own organisations or for the broader community.

Android mobile phone forensics training at SYSCAN 2014

Over the period 31 March – 2 April 2014, Dr Schatz delivered a three day training course titled “Android Forensic Analysis in Depth” along side the Symposium on Security for Asia Network (SyScan) conference in Singapore.

The training covered forensic acquisition and analysis of Android based mobile phones and tablet devices. In this course the participants worked their way through the various methods of gaining access to data in phones, including logical via file and forensic acquisition applications, and physical, via rooting and JTAG. Students then moved on to learning a range of techniques for interpreting the content of such acquisition, addressing issues such as locked phones, and encryption. The culmination of the course was a half day practical session solving a mock-case.