)
)
)
)
){kind=logo}
08:30 AM
-
Meeting Room 104/105This session provides hands-on instruction in using open-source tools for mobile and digital forensics. Attendees will gain practical experience acquiring, parsing, and analyzing data from both Androi …
-
Meeting Room 206/208It began in the late 1980's with the emergence of personal computers using spreadsheet software to build huge end-user ad hoc desktop applications without the involvement or approval of the Informatio …
-
Meeting Room 202/204The spreadsheet of doom—that sprawling tracker of timelines, observables, and case notes—remains the backbone of incident response at top firms. AI should help here. Often it doesn't. This session sha …
-
Ballroom CeCall and vehicle connectivity modules store critical forensic data generated during vehicle operation and emergency events. This presentation examines how such data can be extracted and analyzed in …
-
Ballroom BDigital investigations do not slow down because of a lack of data. They slow down because of too much of it. This hands‑on lab shows participants how to precisely filter investigator‑relevant data fro …
-
Meeting Room 106/107The goal of this session is to educate law enforcement about the Snapchat application and ways to work with the Snapchat Law Enforcement Operations team. This session will cover what data might be ava …
-
Ballroom AAs modern smart devices and applications continue to implement stronger security controls, password and passcode recovery has become an increasingly critical and often time-sensitive component of digi …
.jpg)
09:30 AM
-
Meeting Room 106/107Case study involving a husband and wife, Alexandria Stevens and Michael Taylor, who produced CSAM with the wife's 7 year old sister, attempted with her minor brother as well, and solicited children on …
-
Meeting Room 202/204This session explores how AI-powered deepfakes can alter faces, voices, and messages, featuring real demo of what current tools can create. This session will share how deepfakes can be used to deliver …
-
Ballroom AThis study examines the accuracy and reliability of geolocation data from iOS and Android devices, with a focus on its forensic and legal significance. For iOS and Android, location data is tested aga …
-
Digital evidence volumes continue to expand while investigative teams and legal stakeholders operate across jurisdictions, time zones, and disciplines. The result is often fragmented: separate tools, …
10:30 AM
-
Ballroom CIoT devices are everywhere and causing potential chaos with the data they collect and store. With risks to digital security and information sharing they are becoming a prime suspect in digital eviden …
-
From Fragmented Signals to Convictions: Solving a Cross-Border Murder Through Fused Digital EvidenceMeeting Room 202/204Attendees will learn how cloud-based criminal analytics enabled investigators to correlate communications, movements, and digital identities; reconstruct timelines across borders; and expose hidden co …
-
Meeting Room 206/208As investigations span physical devices, removable media, and legacy data, maintaining a defensible digital chain of custody is increasingly complex. This session examines practical, process-driven be …
-
Meeting Room 106/107This session will cover human trafficking trends in crypto, highlighting the forced labor behind many crypto scams, covering a case study of CSAM and live streaming abuse in the Philippines, and highl …
-
Ballroom ASession details in progress.
11:20 AM
-
Ballroom BFor many years, recovering deleted files was considered a routine outcome of physical extraction in mobile forensics. However, Android’s encryption model has evolved significantly — from Full Disk Enc …
11:30 AM
-
Meeting Room 202/204This session provides responders with an in-depth analysis of the evolving ransomware threat landscape, examining how major ransomware groups have adapted their TTPs over the past year. Drawing from …
-
Ballroom CDigital investigations are evolving faster than most traditional forensic tooling can adapt. In this session, we’ll explore why modern investigators benefit from adopting developer-style tools—includi …
-
Meeting Room 106/107This session examines how digital exploitation and trafficking investigations are shaped by investigative tradecraft influenced by registry-based and monitoring systems. It will explore how reliance o …
-
Ballroom ASession description in progress
-
Meeting Room 206/208An in-depth look into the investigation of TD Bank. Agents will discuss where it started, typologies the bank failed to catch, and AML areas that were the bank was criminally non-compliant. The presen …
02:00 PM
-
Meeting Room 202/204Open-source information is increasingly distorted by synthetic content, false identities, and deceptive digital activity. This session teaches practical methods to validate OSINT data in investigatio …
-
Meeting Room 206/208As the crypto industry strives for legitimacy, a shadow economy persists. This session uses blockchain data to uncover how criminal syndicates obfuscate capital flows. We reveal over 32,000 annual "tr …
-
Ballroom CTest points have long been used in mobile forensics to place devices into specific operational modes for acquisition and analysis. This session will provide a deep dive into test points, focusing on h …
-
Meeting Room 106/107This session provides law enforcement with an overview of the Roblox platform, its safety and parental control features, and how to work effectively with Roblox to obtain timely responses to lawful re …
-
What does the Magnet Verify team do after revolutionizing media authentication with a novel, patented approach to file structure analysis? They continue to research and innovate to find yet another ne …
-
Ballroom ASession details in progress.
03:30 PM
-
Meeting Room 206/208In today's digital age, the impact of cybersecurity breaches on organizations can mirror the profound effects of personal loss, leading to what can be described as 'cyber grief.' This session explores …
-
Ballroom CThe era of “many hands” in digital forensics has arrived, with investigations spanning multiple agencies, devices, and stakeholders. Live collaboration is now essential—but true collaboration requires …
-
Meeting Room 202/204AI that once required data centers and specialized expertise can now be spun up in a bedroom or back office using entirely free tools. This has opened the door to a wave of misuse: deepfake harassmen …
-
Meeting Room 106/107In 2024 the NC SBI Computer Crimes Unit along with more than 40 local, county and federal law enforcement agencies conducted a multi-agency operation known as “Operation Winter Guardian”. This operati …Speakers
-
Ballroom AAs mobile devices increasingly limit the availability of persistent network artifacts, volatile memory has become a critical, yet underutilized source of evidential data. This session explores how MAC …
-
Ballroom ASession details in progress.
