We’re gearing up for our first webinar of 2018, “How the Onset of Security Apps is Impacting Investigations” on January 30. Jessica Hyde, our Director of Forensics, will look into vault and security apps including file managers, cleaning apps, private browsers and app locks. In addition to a focus on Cheetah Mobile apps, she will explore the types of artifact evidence apps like these can leave behind and what you should be aware of as an investigator when dealing with these apps.
If you just can’t wait until January 30 to watch a Magnet Forensics webinar, you can always watch a webinar from our recorded archive. Throughout 2017, we hosted a lot of great sessions — featuring illuminating Q&As — that helped shed light on (among many other things) Connections in AXIOM, mobile forensics (particularly Android Marshmallow), and AXIOM Cloud.
We thought we’d take this opportunity to look back on the five most popular webinars we hosted. Feel free to click on a title of your choice to view a recording.
Learn how to link common artifacts together and see the connections between different artifacts and pieces of evidence. Gain insight into how users interact with their content by replicating the data’s journey. Begin by looking at a file, and then understand the path the file took throughout the user’s activity – where did it originate, how was it shared, how else was it accessed, at which times it was accessed, what else was accessed at the same time? In this webinar, Jessica takes you through these elements of attributing actions to users.
Every day new mobile applications are launched. Often these apps contain chat functions or other functionality that can be crucial evidence in a case. However, even after an investigator becomes aware of them, commercial forensic tools don’t always immediately enable parsing and carving for the data from these apps . In this webinar, Jessica explores new methods for discovering and parsing data from these unsupported applications. Learn how to test, find, parse, and script to obtain forensic evidence in new applications using a physical forensic image.
Android’s Marshmallow OS has its own set of unique challenges, including full disk encryption. During this recorded webinar, our trainer Christopher Vance looks at ways to acquire images and work through an examination of devices running this OS. He also discusses the different ways to obtain an image of an Android device – chip-off, JTAG, bootloader exploits, rooted imaging, backups and APK injections.
New encryption and privacy features on smartphones makes data recovery tricky for digital forensic professionals. Tayfun Uzun, Product Manager at Magnet Forensics, shares insights into different recovery methods for smartphones. Learn about exploits, bootloader flashing and recovery flashing. Tayfun also demonstrates Magnet AXIOM’s ability to physically image over 650 Samsung devices and walk through the data structure of the most popular mobile operating systems.
With the onset of countless connected devices, apps, and media, the need for storage and access to stored data grows every day. The answer seems to be: The Cloud! Cloud services for both enterprises and consumers can contain a multitude of evidence in civil and criminal cases alike. So, whether for corporations or for law enforcement, forensic examiners need a better sense of what can be accessed and how to efficiently process the volumes of data.
Tayfun discusses the most popular types of cloud services and their implications for evidence acquisition and examination. He also looks at how apps utilize the cloud and how to make connections between cloud app usage and computer evidence. Finally, he demonstrates how our Magnet AXIOM Cloud quickly sorts, filters, and makes sense of cloud application data.