GrayKey Integration And A New SQLite Viewer Come To Magnet AXIOM 3.1

The innovation of Magnet AXIOM 3.0 continues with the release of Magnet AXIOM 3.1—which is now available to download!

In this release, we’re excited to have developed our exclusive technology partnership with Grayshift by integrating the loading of GrayKey images directly within AXIOM. We’ve also introduced a new SQLite viewer to give you better access when reviewing SQLite databases. And we’ve brought support for 12 Chromium-based browsers on Android—leading to 90 new supported artifacts.

On top of these new features, we’ve continued to build on the great new features of AXIOM 3.0, with new Mac artifacts and further enhancements to Cloud acquisition (including Facebook Warrant Returns and public Twitter acquisitions), Timeline, and media categorization.

If you’re not already using AXIOM and want to try AXIOM 3.1 for yourself, request a trial today.


Load GrayKey Images Directly Within AXIOM

Building on our exclusive technology and distribution partnership with Grayshift, AXIOM 3.1 brings integration with GrayKey devices, allowing you to connect and load images directly into AXIOM Process—eliminating the need to manually copy and load images.


This integration streamlines the process for selecting and loading GrayKey images. Once connected, you can see all images stored on the device, and pick the image components you want to process. AXIOM will look after loading the image from GrayKey to AXIOM. Plus, it will use the image hashes to validate that the files were correctly loaded. Once you’re done loading the GrayKey images, simply choose the image components for processing.


Check out this how-to guide on how to load GrayKey images with the new GrayKey integration within AXIOM.


Want to learn more about using AXIOM and GrayKey together in your iOS investigations? Join us and Grayshift for a live webinar on May 21 at 10:00 AM & 2:00 PM ET. You can register here.

New in AXIOM 3.1: SQLite Viewer
The new SQLite viewer will give you greater flexibility in reviewing evidence so you can quickly and easily find the most relevant data. The new viewer includes the ability to:


– Quickly review table contents
– Filter on columns
– Search tables
– Execute custom SQL queries
– Export directly to .CSV and Excel files

The new SQLite viewer is launched when you select any .db or .sqlite file from the File System Explorer. It will allow you to stay within the context of AXIOM while enabling advanced search and review capabilities—speeding up your manual review and validation times.

Updates to Facebook Warrant Returns and Public Twitter Acquisitions
AXIOM 3.0 brought the ability to process Facebook Warrant Returns using AXIOM Cloud, as well as gathering data from public Twitter profiles. With AXIOM 3.1, we’re ensuring that you can get even more data from those sources.

Facebook Warrant Returns

Facebook Warrant Returns includes a lot of information about a suspect’s Facebook activity. This includes details on anything that they had posted to the platform. When working on Facebook Warrant Returns, we have added the ability to collect and display information on pictures and status updates posted by the user.

Twitter

If you’re looking to collect publicly available Twitter information, you now have better control over the information you want to acquire. Now you can decide to only collect:

– Tweets (all public tweets authored by or retweeted by the user)
– Who they’re following (account information for accounts that the user follows)
– Followers (account information for accounts that follow the user)

This update can greatly improve collection times—especially for accounts that have a large number of tweets, followers, or Twitter users that the suspect is following, which may not be relevant to the investigation.

Now Supporting 12 New Chromium-Based Browsers for Android
AXIOM 3.1 introduces support for 12 new Chromium-based Android browsers and 90 new artifacts including web history, downloads, bookmarks, search details and more!

There are many different Chromium-based browsers available to users that are popular in different regions and often advertise enhanced security or privacy capabilities. Each browser stores its own data including browser history, bookmarks, search history and other important artifacts that may be crucial to an investigation. With this added support, you will have more opportunities to identify critical evidence in your cases through artifacts. Here are the browsers now supported:

– Aloha
– Android Browser
– Brave
– Ecosia
– Iron Browser
– Kiwi Browser
– Lunascape
– Opera
– Sleipnir
– UC Browser
– Whale
– Yandex

Read more about our new Chromium-based browser artifacts over on our blog, here.

Performance Improvements
As always, we’re working to continually improve the performance capabilities of AXIOM. With AXIOM 3.1, we have reduced the amount of data we store in the attachment database when carving videos from evidence files, reducing the amount of memory being used during processing, as well as the footprint of the case on disk. In a baseline 500GB case, the overall footprint on disk was reduced by 36%, from 227GB to 140GB.

Additionally, we’ve continued to refine the performance of the new Timeline view, introduced in AXIOM 3.0.

Support for Exporting Media in Project VIC JSON Version 2.0
AXIOM now supports exporting media in Project VIC JSON version 2.0, in addition to the existing support for versions 1.2 and 1.3. VICS 2.0 adds support for associating a number of additional attributes with media to support advanced investigative techniques. This will be helpful when you want to be able to leverage extended VICS data to better understand which media should be sent to Victim Identification teams for review.

New Artifacts
– Contacts (MacOS)
– Quicklook Thumbnails (MacOS)
– MacOS Keychain (MacOS)
– Recovery Accounts (MacOS)
– Mail.ru Agent (iOS & Android)
– Reddit (iOS)
– Gmail (iOS)
– Lyft (iOS)
– Android Browser (Android)
– MS Edge Chromium (Windows)
– VLC Player (Windows & MacOS)
– Facebook Warrant Return (Photos)
– Facebook Warrant Return (Status Updates)

Updated Artifacts
– Prefetch (Windows)
– Skype (Windows & Android)
– NTLM Hashes (Windows)
– Chrome (Windows & MacOS)
– KnowledgeC (iOS)
– Signal (iOS)
– Mail (iOS)
– Instagram (iOS)
– Gmail (Android)
– Telegram (iOS & Android)
– Tik Tok (iOS & Android)

Get Magnet AXIOM 3.1 Today!
If you’re already using AXIOM, download AXIOM 3.1 over at the Customer Portal. If you want to see how AXIOM 3.1 can help you find the evidence that matters, request a free 30-day trial today!
