Call Log Artifacts can be vital. This article will explore call log timestamps within iOS as they are typically parsed and establish a simple and beneficial parsing change which expands the usefulness of call log timestamps and call durations.

https://sqlmcgee.wordpress.com/2022/11/30/maximizing-ios-call-log-timestamps-and-call-duration-effectiveness-will-you-answer-the-call/

:acongablob: :acongablob: :acongablob: :acongablob:
#DFIR #DigitalForensics

@gsuberland @malwaretech Ditto. The article made a subscriber out of me.

@stark4n6 looking forward to them. :hamsterdance:

Working on some new #ALEAPP parsers, embedded #JSON in #SQLite is fun #mobileforensics

@malwaretech thank you for your thoughtful and interesting article. Just subscribed.

@paulasadoorian True.

@troyhunt

Perhaps you have seen the reasons now, after another 10 days.

I've left because I do not wish to provide content to support a platform (and owner) that is enabling hate and ignorance. As Moby posted in his departure from Twitter "Twitter has become a cesspool of racism, anti-semitism, disinformation, and dimwitted alt-right hate"

I have been appalled at some of what I'm seeing. Plus, issues such as gutting the teams doing child protection and stopping

(continued next post)

@forens1cgrl that's awesome! :dance_cool_doge: :rainbowdance:

The truth about Linux, macOS and Windows.

@tes maybe because someone boosted now something that happened hours ago?

@arossp yes. Plus some of those features had a cost, at least last time I looked.

@DopeGhoti @scott_stanton mastominator?

@jeffw @jerry just take the spaces between the semicolons and the word and - > : donor : = :donor:

Please be patient with the current style of the #blog. I wanted to get something up quickly, so I started with a freely available and minimal design. I'll make constant tweaks and enhancements as I go and learn more about Jekyll. It'll never be great, because I suck at design.

As a reminder, the APFS #DFIR Advent series starts Thursday! I've got the first two entries written with 22 more to come.
https://jtsylve.blog/post/2022/11/27/APFS-Advent-Challenge-2022

What idiot called that little narc Elf on the Shelf and not Police Navidad?

@gsuberland Big wallet. LOL! ​That is something to be proud of :1000:​

@DFIR_abrignoni This is how John McAfee squirmed out of his purported $1M bug bounty payout on that stupid hardware wallet. Signing keys were kept in memory and weren't expunged. Someone tipped him off so they purposefully drained the batteries on the devices they shipped to security testers, which meant they couldn't claim (under the bounty's very specific rules, of course) even though it was totally vulnerable in practice.

@gsuberland Wow. Today I learned. That was super lame but not surprising of course.

It still happens...
#DFIR #DigitalForensics #DFIRlife