Magnet AXIOM 4.2 and Magnet AXIOM Cyber 4.2 from Magnet Forensics are now available for download! AXIOM 4.2 brings AFF4 support, the ability to ingest Skype Warrant Returns, and new WhatsApp data collection options, along with customized Targeted Locations and support for Office 365 Unified Audit Logs in AXIOM Cyber 4.2.
If you haven’t tried AXIOM yet, request a free 30-day trial here.
AFF4 Forensic Container Support
AFF4 (Advanced Forensics File format 4), an open source format designed for the storage of digital evidence and data, is now supported in AXIOM 4.2—including support for ingesting and processing AFF4 Physical Images.
The AFF4 format offers several advantages including:
- Vendor agnostic
- Open-source: Proof that AFF4 is 100% forensically sound
- Multiple factors of compression: Can configure algorithms to balance space vs. speed
- Block hashing: AFF4 images allow for extremely fast verification via the use of block hashing
- Metadata: Configurable and fully customizable, allowing vendors to add more metadata as they prefer
For more information on AFF4, read this blog from Jessica Hyde.
Ingest Skype Warrant Return Data
AXIOM 4.2 can now ingest Skype Warrant Return data, in addition to our existing Warrant Return support for Apple, Google, Facebook, Instagram, and Snapchat. AXIOM will parse chat contents, as well as information about the target account into artifacts for examiners
For more information, check out this blog from Tarah Melton.
Easily Collect WhatsApp Data
WhatsApp continues to be one of the most popular messaging platforms in the world. This feature is designed to help you acquire WhatsApp data from mobile devices that are unlocked and connected to a network.
AXIOM will present the you with a QR code which must be scanned from the WhatsApp application on a mobile device containing the messages to be collected. From there, you will be presented with a list of conversations and can choose which messages to be acquired and processed within AXIOM.
The device doesn’t need to be physically connected for data collection, nor you need to keep the device – AXIOM automatically captures the selected conversations.
For more information, watch a how-to video from Tarah Melton:
Review Categorized Media by Source
The Media Categorization summary now also includes a section that summarizes the media found in the case per evidence source. The categorized media is summarized for each category based on the case.
In situations where multiple media evidence items might be across different sources, you can now easily see what media was found where.
New in Magnet AXIOM Cyber: Customize Targeted Locations
Locations can consist of one or more paths to a specific file or all contents of a folder. Paths are normalized to support collection on both Windows and Mac and support a wildcard for the user directory.
Check out Trey Amick’s blog to learn more how to customize Targeted Locations.
AXIOM Cyber: Office 365 Unified Audit Logs
Magnet AXIOM Cyber will now offer the ability to import and parse Microsoft Unified Audit log files generated using the Microsoft Security and Compliance Center (MSCC).
AXIOM Cyber: Full RAM Collection Performance Improvements
Magnet AXIOM Cyber will now collect full RAM 40-60% faster (depending on the amount of RAM being collected).
New Artifacts
- Windows Credentials (Windows)
- Microsoft Edge (iOS)
- Duck Duck Go (Android)
- Private Photo Vault (Android)
- RDP Bitmap Cache (Windows)
Artifact Updates
- Zoom (Windows/Android/iOS) (Learn more in this blog from Tarah Melton)
- Photos (iOS)
- Tinder (Android)
- Signal (iOS)
- Shellbags (Windows)
- Houseparty (iOS)
- Burner (Android)
- Discord (iOS)
- TextFree (iOS/Android)
- Android Messages (Android)
- Messenger (iOS)
- Google Duo (Android)
- Best Secret Folder (iOS)
- KnowledgeC (iOS)
Get Magnet AXIOM 4.2 and Magnet AXIOM Cyber 4.2 Today!
If you’re already using AXIOM, download AXIOM 4.2 or AXIOM Cyber 4.2 over at the Magnet Forensics Customer Portal. If you want to try AXIOM 4.2 or AXIOM Cyber 4.2 for yourself, request a free trial today!
