Chewing the FAT

Phil Cobley & Adam Firman

Chewing the FAT is a Digital Forensics and Cyber Investigations video podcast written and presented by Firmsky (Adam Firman) and Cobbers (Phil Cobley) where they discuss and explore past or future developments impacting on the industry. With recent industry news bulletins, special guest interviews from the field, and a casual, fun approach to all things DFIR, this podcast will help keep practitioners and enthusiasts engaged and up-to-speed on this fast paced and ever changing discipline. Hosted on Acast. See acast.com/privacy for more information.

Episodes

  1. 04/26/2022

    Episode 12

    In the final episode of Chewing the FAT, Phil & Adam discuss bringing Chewing the FAT to a close, plus we run through some of the recent Digital Forensics industry news. Phil & Adam also introduce their new podcast Forensics Reformatted where you can continue to be conscious of time. SANS - Truth about USB and Disk Drive serial numbers  https://www.sans.org/blog/the-truth-about-usb-device-serial-numbers/     Github - DFIR Community Book  https://github.com/Digital-Forensics-Discord-Server/CrowdsourcedDFIRBook/     Github - Control-F - MIFT (newly open sourced tool)  https://github.com/controlf/mift     New(ish) Command Line tools for Linux  https://jvns.ca/blog/2022/04/12/a-list-of-new-ish--command-line-tools/  Examining A Malware-Infected Android Phone. This Android Is Not Alright.  https://thebinaryhick.blog/2022/04/09/examining-a-malware-infected-android-phone-this-android-is-not-alright/     The Unified Cyber Ontology Transitions to Linux Foundation  https://cyberdomainontology.org/2021/12/07/UCO-transitions-to-LF.html    Magnet Summit 2022  https://twitter.com/hashtag/MagnetSummit2022?src=hashtag_click     [Air]Tag You're It! - Chris Vance @cScottVance  https://blog.d204n6.com/2022/04/airtag-youre-it.html     GalliumOS - A fast and lightweight Linux distro for ChromeOS devices  https://galliumos.org     What's the Buzz - Bumble on iOS - Kevin Pagano  https://www.stark4n6.com/2022/04/whats-buzz-bumble-on-ios.html  CWA: Article link  https://www.cencenelec.eu/news-and-events/news/2022/eninthespotlight/2022-04-12-for-mobile/    Download link  https://www.cencenelec.eu/media/CEN-CENELEC/CWAs/RI/cwa17865_2022.pdf  Forensics Reformatted - The new show: https://anchor.fm/4n6reformatted Hosted on Acast. See acast.com/privacy for more information.

    45 min

  2. 04/01/2022

    Episode 11

    In episode number 11 of Chewing the FAT, Phil & Adam discuss Finding Flags and Pulling Pints with special guest Kevin Pagano! plus we run through some of the recent Digital Forensics industry news along with the Faux Pas. Due to the amount of news and links please view the description on our YouTube Page for full links: Chewing the FAT - YouTube Formobile: https://formobile-project.eu/ Hosted on Acast. See acast.com/privacy for more information.

    1h 26m

  3. 03/02/2022

    Episode 10

    In episode number 10 of Chewing the FAT, Phil & Adam discuss Formobile & Forensic Freebies with special guest Phil Cobley! plus we run through some of the recent Digital Forensics industry news along with the Faux Pas.   Due to the amount of news and links please view the description on our YouTube Page for full links: Chewing the FAT - YouTube Formobile: https://formobile-project.eu/   Hosted on Acast. See acast.com/privacy for more information.

    1h 19m

  4. 02/04/2022

    Episode 9

    In episode number 9 of Chewing the FAT, Phil & Adam discuss ribbons, RabbitHoles and rock with special guest Alex Caithness plus we run through some of the recent Digital Forensics industry news along with the Faux Pas. Alex Caithness: Shouty Band  Sailing Stones | LongFallBoots (bandcamp.com) RabbitHole: RabbitHole | CCL Solutions Group CCL GitHub: https://github.com/cclgroupltd Music: Oscillator Sink - YouTube INDUSTRY NEWS: Microsoft Mitigate Record Breaking 3.47 Tbps DDoS on Azure Customers: https://thehackernews.com/2022/01/microsoft-mitigated-record-breaking-347.html Using Graphics Card Fingerprints to Identify Web Users: https://thehackernews.com/2022/01/your-graphics-card-fingerprint-can-be.html DFIR Artifact Museum - Andrew Rathbun Github: https://github.com/AndrewRathbun/DFIRArtifactMuseum Android ABX - Binary XML - Alex Caithness (with Alexis Brignoni and Josh Hickman): https://www.cclsolutionsgroup.com/post/android-abx-binary-xml Android 12 - Snooping on Android 12's Privacy Dashboard - Josh Hickman: https://thebinaryhick.blog/2022/01/22/snooping-on-android-12s-privacy-dashboard/ Android Airtags - Josh Hickman: https://thebinaryhick.blog/2022/01/08/androids-airtags-oof/ FireFox on Android - Kevin Pagano: https://www.stark4n6.com/2022/01/firefox-on-android-cookies-permissions.html Intro to Windows Registry Artifact Analysis - TryHackMe Walkthrough - TryHackMe (Joshua James - DFIR Science): https://tryhackme.com/room/windowsforensics1 Decrypting Secret Calculator Vault - The Incidental Chew Toy: https://theincidentalchewtoy.wordpress.com/2022/01/27/decrypting-secret-calculator-photo-vault/ Please see YouTube for all other links: Hosted on Acast. See acast.com/privacy for more information.

    1h 13m

  5. 12/21/2021

    Episode 8

    In episode number 8 of Chewing the FAT, Phil & Adam discuss turning up and following through with special guest Andrew Rathbun plus we run through some of the recent Digital Forensics industry news along with the Faux Pas. Featured topics: Andrew Rathbun section: Connect with me: https://twitter.com/bunsofwrath12 https://www.linkedin.com/in/andrewrathbun/ Digital Forensics Discord Server https://aboutdfir.com/a-beginners-guide-to-the-digital-forensics-discord-server/ AboutDFIR https://aboutdfir.com Andrew’s Current GitHub Projects: https://github.com/AndrewRathbun/VanillaWindowsRegistryHives https://github.com/AndrewRathbun/VanillaWindowsReference https://github.com/nasbench/EVTX-ETW-Resources https://github.com/AndrewRathbun/DFIRRegex https://github.com/AndrewRathbun/DFIRMindMaps https://github.com/AndrewRathbun/DirectoryOpus-DFIRConfig https://github.com/AndrewRathbun/EventTranscript.db-Research KAPE Related GitHub Repositories: https://github.com/AndrewRathbun/Awesome-KAPE https://github.com/AndrewRathbun/KAPE-EZToolsAncillaryUpdater https://github.com/EricZimmerman/KapeFiles https://github.com/EricZimmerman/SQLECmd https://github.com/EricZimmerman/evtx https://github.com/EricZimmerman/RECmd https://github.com/AndrewRathbun/ForensicImageKAPEOutput Digital Forensics Discord Server GitHub Repositories: https://github.com/Digital-Forensics-Discord-Server/GitHubLearningPlayground https://github.com/Digital-Forensics-Discord-Server/LawEnforcementResources https://github.com/Digital-Forensics-Discord-Server/DFIRGlossary ----------------------------- Open Source Digital Forensic Conference: https://www.osdfcon.org/ Using ArtEx to conduct an extraction of a jailbroken iPhone - Ian Whiffin: https://doubleblak.com/blogPosts.php?id=26 Log4j - Rob Berends: https://www.linkedin.com/feed/update/urn:li:activity:6876120706095058944 Log4j: https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html SANS Cyber Threat Intelligence Conference: Join us for the FREE Virtual Cyber Threat Intelligence Summit 2022! Logo-ls A new GitHub repo that combines the Linux LS CMD with logos and icons: https://github.com/Yash-Handa/logo-ls?utm_source=tldrnewsletter Josh Hickman, The Binary Hick - Android 12 Image: https://thebinaryhick.blog/2021/12/17/android-12-image-now-available/ Kevin Pagano - Stark4N6 - Forensic4Cast Nominations: https://www.stark4n6.com/2021/12/my-2022-forensic-4cast-awards.html Forensic4Cast Nomination Page: https://docs.google.com/forms/d/e/1FAIpQLScX-pt0uo9_0GUv-AG-ty7Ya8bZzdRlW8-eP3oABHCsSCQrGQ/viewform FORMOBILE: https://formobile-project.eu/ Hosted on Acast. See acast.com/privacy for more information.

    1h 30m

  6. 11/19/2021

    Episode 7

    In the seventh episode of Chewing the FAT, Phil & Adam discuss Mental Health and Working within Digital Forensics plus we run through some of the recent Digital Forensics industry news along with the Faux Pas. Featured topics: Sarah Edwards - Apple Pay & Wallet: https://objectivebythesea.com/v4/talks/OBTS_v4_sEdwards.pdf Josh Hickman iOS 15 Powered off tracking and remote wipe & XML Binary findings: https://thebinaryhick.blog/2021/10/27/ios-15-powered-off-tracking-remote-bombs/ https://twitter.com/josh_hickman1/status/1456730376030859265 Ian Whiffin - Geofences & Metadata Adjustment: https://www.doubleblak.com/m/blogPosts.php?id=22 https://www.doubleblak.com/m/blogPosts.php?id=23 Frida & Use case by Christine Fossaceca: https://objectivebythesea.com/v4/talks/OBTS_v4_cFossaceca.pdf https://frida.re DFIR Science - Joshua James: https://dfir.science/2021/11/WIN-100USD-and-PRIZES-Nov-DFIR-Dev.html https://www.youtube.com/watch?v=mM4rbFh4rqg&feature=youtu.be https://swag.dfir.science/listing/DFIR-Stickers-IDFE?product=661 iOS 15 Notes: https://support.apple.com/en-gb/guide/iphone/iphe4d04f674/ios Alex Caithness at CCL: https://github.com/cclgroupltd Alexis Brignoni - all the LEAPPs https://abrignoni.blogspot.com/ R:pple Suicide Prevention: https://www.ripplesuicideprevention.com/ FORMOBILE:  https://formobile-project.eu/ Hosted on Acast. See acast.com/privacy for more information.

    1h 3m

  7. 10/28/2021

    Episode 6

    In the sixth episode of Chewing the FAT, Phil & Adam host special guest Alexis Brignoni l to discuss Coding, Community, & Collaborations plus we run through some of the recent Digital Forensics industry news along with the Faux Pas. Digital Evidence & the Crime Scene Paper by Graeme Horsman, exploring the concept of devices being "Digital witnesses", & methodologies & theories regarding scene examination. https://reader.elsevier.com/reader/sd/pii/S1355030621001295?token=FC1BB7A6B9AD84CDC4B95A9700B00F080FB2220C608BA7EAFB46FA280387E70EC79D7B05C0F9C42CF5D0D370218EAFAC&originRegion=eu-west-1&originCreation=20211013063720   Microsoft releases Linux version of Sysadmin https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-linux-version-of-the-windows-sysmon-tool/amp/   Samsung Power Off Reset Logs & iOS Tracking Kevin Pagano, who produces the Start.me! While doing the Cellebrite CTF there was a question on Samsung phone battery life, & Kevin created a parser for ALEAPP to parse the power off log files. https://www.stark4n6.com/2021/10/samsung-power-off-reset-logs.html?m=1 https://www.stark4n6.com/2021/10/restore-log-tracking-ios-update-history.html   Encouraging different perspectives in Digital Forensics https://www.forensicfocus.com/articles/encouraging-different-perspectives-in-digital-forensics-september-research/   AFF4 Evidential Containers - explained by Magnet https://www.forensicfocus.com/webinars/the-aff4-evidence-container-why-and-whats-next/   Recognizing people in photos through private on-device machine learning - Apple https://machinelearning.apple.com/research/recognizing-people-photos   Brignoni on Teaching and Learning Python https://www.forensicfocus.com/podcast/alexis-brignoni-on-teaching-and-learning-python-why-its-important-and-whats-involved/   Brignoni Blog & YouTube https://abrignoni.blogspot.com https://www.youtube.com/c/AlexisBrignoni Hosted on Acast. See acast.com/privacy for more information.

    1h 10m
  8. Episode 5

    09/21/2021

    Episode 5

    In the fifth episode of Chewing the FAT, Phil and Adam host special guest Tom Farrell QPM l to discuss Online child safety and available automated protection systems plus we run through some of the recent Digital Forensics industry news.   For the fifth Forensic Faux Pas segment to air, special guest Tom shares a great story of ensuring your spoof address is actually spoofed!   Links for some of the content we discussed during the show: The Binary Hick - Josh Hickman - Detecting Android Factory Reset https://thebinaryhick.blog/2021/08/19/wipeout-detecting-android-factory-resets/ ProtonMail - iOS application decryption - Matthew Regnery https://xperylab.medium.com/protonmail-forensic-decryption-of-ios-app-8e9ae9f50953 Apple delays plays to scan your iCloud - BBC https://www.bbc.co.uk/news/technology-58433647.amp To m's response to Apples delay - SafeToNet   https://safetonet.com/en-gb/2021/08/24/apple-continue-to-raise-eyebrows/ ForMobile This project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800. https://formobile-project.eu/ Hosted on Acast. See acast.com/privacy for more information.

    1h 2m
  9. Episode 4

    08/17/2021

    Episode 4

    In the forth episode of Chewing the FAT, Phil and Adam host special guest Josh Hickman l to discuss Images, Imaging, and Inevitable Investigation Issues plus we run through some of the recent Digital Forensics industry news.   For the forth Forensic Faux Pas segment to air, special guest Josh shares a great story of when he joined Kroll.   Links for some of the content we discussed during the show:   Forensics Start Me Page (DFIR Resource Links) by Kevin Pagano   https://start.me/p/q6mw4Q/forensics   Digital Forensic Research Workshop - CTF   https://dfrws.org/dfrws-2021-challenge/   Windows 365   https://windowsreport.com/windows-365-high-demand/   Apple to scan iPhones for child sex abuse images   https://www.bbc.co.uk/news/technology-58109748>   https://www.apple.com/child-safety/   Josh Hickman Blog   https://thebinaryhick.blog/ Kroll & KAPE https://www.kroll.com/en/insights/publications/cyber/kroll-artifact-parser-extractor-kape ForMobile This project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800. https://formobile-project.eu/ Hosted on Acast. See acast.com/privacy for more information.

    1h 15m
  10. Episode 3

    07/28/2021

    Episode 3

    In the third episode of Chewing the FAT, Phil and Adam host special guest Kevin Mansell to discuss training, certification and competence plus we run through some of the recent Digital Forensics industry news. For the third Forensic Faux Pas segment to air, special guest Kevin shares a couple of their embarrassing stories of things that went wrong from their days training days. Links for some of the content we discussed during the show: ETW on Windows 11 - Initial thoughts https://blog.tofile.dev/2021/07/01/windows11.html Hansken - Digital Forensics as a Service? https://www.sciencedirect.com/science/article/pii/S2666281720300706 https://www.forensicfocus.com/articles/automating-and-sharing-digital-forensics-knowledge-through-hansken/ MSAB Raven https://www.msab.com/raven/ Resetting Your IoT Device Before Reselling It Isn't Enough https://gizmodo.com/resetting-your-iot-device-before-reselling-it-isnt-enou-1847220178 New blog from Josh - Find My & iCloud's Throne of Lies • iCloud location data lies! • Highlights importance of network isolation during seizure and possession of devices https://thebinaryhick.blog/2021/06/25/apples-find-my-iclouds-throne-of-lies/ Android Apps with 5.8 Million Installs Caught Stealing User's Facebook Passwords https://thehackernews.com/2021/07/android-apps-with-58-million-installs.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29 ControlF https://www.controlf.net/ This project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800. Hosted on Acast. See acast.com/privacy for more information.

    1h 29m
  11. Episode 2

    06/09/2021

    Episode 2

    In the second episode of Chewing the FAT, Phil and Adam host special guest Heather Mahalik to discuss SANS coming together with the leading industry vendors to produce a validation guide plus we run through some of the recent Digital Forensics industry news. For the second Forensic Faux Pas segment to air, special guest Heather shares a couple of their embarrassing stories of things that went wrong from their early days plus some great stories from our listeners. Links for some of the content we discussed during the show:The State of Android Health Data (Part 1) – Garmin  https://thebinaryhick.blog/2021/05/22/the-state-of-android-health-data-part-1-garmin/    Rabbit Hole from CCL (Alex Caithness)  https://uploads-ssl.webflow.com/5f02f2c93eab87a6ea84e2f3/60364c14ce5f0e240b78de9c_RabbitHole_DD_2021.pdf    MSAB partner with Detego:  https://www.forensicfocus.com/news/detego-joins-forces-with-msab-in-strategic-digital-forensics-partnership/#:~:text=Detego%C2%AE%20Joins%20Forces%20With%20MSAB%20In%20Strategic%20Digital%20Forensics%20Partnership,-17th%20May%202021&text=Detego%2C%20global%20leaders%20in%20rapid,in%20mobile%20device%20digital%20forensics.    Should encryption be curbed to combat child abuse?  https://www-bbc-co-uk.cdn.ampproject.org/c/s/www.bbc.co.uk/news/business-57050689.amp    Impacts of COVID 19 on the risk of online child sexual exploitation:  https://www.arts.unsw.edu.au/sites/default/files/documents/eSafety-OCSE-pandemic-report-salter-and-wong.pdf    Microsoft and UK government make it easier for public sector to use Azure:  https://news.microsoft.com/en-gb/2021/05/11/microsoft-and-uk-government-make-it-easier-for-public-sector-organisations-to-use-the-azure-cloud/    Heather's link to DFIR Summit:  https://www.sans.org/event/digital-forensics-summit-2021 Six Steps to Mobile Validation – Working Together for the Common Good  A joint effort with collaboration from across several major DF vendors resulted in a joint standards paper being released by SANS shortly afterwards, promoting good practice.   https://www.sans.org/blog/six-steps-to-successful-mobile-validation-paper/ Signal Story: Original claim and reply posted in Dec 2020, about "breaking signal encryption" https://signal.org/blog/cellebrite-and-clickbait/   21st April 2021, posted new blog outlining vulnerabilities in Cellebrite software. https://signal.org/blog/cellebrite-vulnerabilities/ Cellebrite response:  https://www.cellebrite.com/en/our-mission-remains-clear/ We would like to say a special thanks to the EU Formobile Project for supporting and helping fund this project. Without their support we would not have been able to get this off the ground. You can visit the Formobile website at: https://formobile-project.eu/ This project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800. Hosted on Acast. See acast.com/privacy for more information.

    1h 11m
  12. Episode 1

    05/06/2021

    Episode 1

    In the first ever episode of Chewing the FAT, Phil and Adam introduce themselves, run through some of the recent Digital Forensics industry news, and share their thoughts on some recently published digital evidence guidance. For the first Forensic Faux Pas segment to air, Phil and Adam share a couple of their embarrassing stories of things that went wrong from their days in the lab. Links for some of the content we discussed during the show: ACPO - https://library.college.police.uk/docs/acpo/digital-evidence-2012.pdf ISO 17025 - https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/912389/107_FSR-C-107_Digital_forensics_2.0.pdf ForMobile - https://formobile-project.eu/ COP Report - https://www.college.police.uk/article/consultation-extracting-data-electronic-devices-released CTF Twitter - https://twitter.com/ChewintheFATPod DFIR Twitter # - https://twitter.com/hashtag/dfir Forensic Discord Server - https://discord.com/invite/JUqe9Ek Josh Hickman - https://thebinaryhick.blog/ Heather Mahalik - https://www.cellebrite.com/en/ios-location-artifacts-explained/ Jessica Hyde, Magnet Forensics - https://www.magnetforensics.com/blog/ways-to-share-in-dfir/ Oleg Afonin, Elcomsoft - https://blog.elcomsoft.com/2021/02/ios-recovery-mode-analysis-reading-ios-version-from-locked-and-disabled-iphones/ MSAB - https://www.msab.com/2020/09/17/super-fast-iphone-extraction-times/ Belkasoft - https://belkasoft.com/forensic_extraction_of_data_from_mobile_apple_devices Phill Moore, ThisWeekin4n6 https://thisweekin4n6.com/ Android Triage - https://www.andreafortuna.org/2021/04/10/android-triage-a-really-useful-forensic-tool-by-mattia-epifani/ Autospy - https://www.cybertriage.com/2021/our-100-unbiased-4cast-awards-nominations/ Alexis Brignoni, Realm - https://abrignoni.blogspot.com/search?q=realm Magnet Forensics, Chromebook Acquisition Assistant - https://www.magnetforensics.com/resources/magnet-chromebook-acquisition-assistant/ We would like to say a special thanks to the EU Formobile Project for supporting and helping fund this project. Without their support we would not have been able to get this off the ground. You can visit the Formobile website at: https://formobile-project.eu/ This project has received funding from the European Union's Horizon 2020 - Research and Innovation Framework Programme, H2020-SU-SEC-2018, under grant agreement no. 832800. Hosted on Acast. See acast.com/privacy for more information.

    50 min
  • 12 Episodes

About

Chewing the FAT is a Digital Forensics and Cyber Investigations video podcast written and presented by Firmsky (Adam Firman) and Cobbers (Phil Cobley) where they discuss and explore past or future developments impacting on the industry. With recent industry news bulletins, special guest interviews from the field, and a casual, fun approach to all things DFIR, this podcast will help keep practitioners and enthusiasts engaged and up-to-speed on this fast paced and ever changing discipline. Hosted on Acast. See acast.com/privacy for more information.

Information

  • Creator
    Phil Cobley & Adam Firman
  • Years Active
    2021 - 2022
  • Episodes
    12
  • Rating
    Clean
  • Copyright
    © Phil Cobley and Adam Firman
  • Show Website
    Chewing the FAT