Oxygen Forensic Detective Supports Parrot Drones And Uncovers BlaBlaCar Trips

Oxygen Forensics has released an update to its flagship product, Oxygen Forensic® Detective, introducing advanced features to support Parrot drone flight logs extracted from either an installed mobile app and even a physical dump along with the exclusive ability to extract and parse BlaBlaCar and CoverMe data.

ENHANCED DRONE FORENSICS

The nefarious use of recreational drones is already a part of many of today’s news stories. Keeping this in mind, we’ve introduced two new features in our robust drone forensics module – extending our support to now include Parrot drones and detailed parsing of DJI drone flight logs.

Parrot drone support. Our prior releases have supported data parsing from FreeFlight Pro, the official piloting mobile app for Parrot drones. However, the new version now delivers an ability to import and parse Parrot’s flight logs extracted from either an installed mobile app and also a drone physical dump. Now investigators can see geo coordinates containing timestamps and metadata that includes: altitude, velocity, ground speed, Wi-Fi signal, battery level, current satellite numbers, and more. The extracted flight history can be visualized with our built-in Maps.

DJI drone flight logs. The ability to import DJI drone logs has been a part of Oxygen Forensic Detective, but with this release, our JetEngine module will also support these valuable logs. Investigators now will be able to import DJI log flight logs and parse additional technical data, like drone acceleration, gyroscope and temperature details to name a few.BLABLACAR DATA EXTRACTION


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

BlaBlaCar is the world’s leading long-distance carpooling service, connecting drivers with empty seats to people that will be traveling the same direction. As of June 2018, BlaBlaCar indicated they have 60 million members in 22 countries and over 18 million travelers every quarter.

It is stated this revolutionary way to travel offers a new way of socialization by creating a new type of community. Nevertheless, BlaBlaCar drivers and users have been victims of serious crimes including murder, kidnapping, and sexual assault.

Looking to help investigators in combating this criminal activity we’ve introduced to our users the exclusive ability to extract and parse BlaBlaCar data from mobile devices and cloud services in Oxygen Forensic Detective 11.2. Now investigators can gain access to all available BlaBlaCar data including trips, travelers, chats, cars, reviews and even account details. This valuable information can be extracted from both Apple iOS and Android mobile devices or from the associated cloud service via login/password or token which can be located and extracted from the mobile device or on a PC using our innovative KeyScout and Oxygen Forensic Detective.

FILE SECTION FOR A CASE

In many cases, an investigation requires the analysis of several devices collectively. In the 11.2 release, we’ve introduced to investigators the ability to analyze file systems of several extractions in a single view within the Oxygen Forensic JetEngine. To view several file systems, simply switch to the case and select the Files section within the main program screen. A fantastic feature for today’s large digital investigations! We’ve also redesigned, and integrated the Plist Viewer within the Files section allowing quick access and analysis of these key files within the iOS file system.

What is even better, investigators can now merge similar contacts in the Contacts section both manually or automatically. The updated JetEngine also supports deleted data recovery from EXT3\4 dumps from the file system journal. For a full list of enhancements please go to the WhatsNew file.

APPLE HEALTH DATA

Apple Health consolidates all the health data from iPhone, Apple Watch and third-party apps and is pre-installed on the iPhone 6S and newer models. Many of today’s news stories tell of health data from smart watches or mobile devices successfully used as evidence in criminal trials. Activity and heart rate measurements automatically stored in the Apple Health app could play a significant role in the solving of many violent crimes.

Oxygen Forensic Detective currently supports Apple Health extraction from the Apple iPhone, but with the 11.2 release investigators can also acquire Health data from the cloud account via login/password or token. The cloud data includes all the details about the user’s activity, sleep, nutrition, and mindfulness as well as the list of paired devices and account information.

COVERME MESSENGER DECRYPTION

CoverMe is a mobile application that offers military-grade encryption protection for calls, messaging and all private information to include photos, videos, call logs and contacts. The app takes all of these data types and hides them within the vault. Extracting and examination the evidence from this app can be a monumental task for any investigator.

We are pleased to announce with the release of Oxygen Forensic Detective 11.2 the data from CoverMe can be recovered. Oxygen Forensic Detective now offers an industry-first solution to the parsing and decryption of all the data securely stored in CoverMe app – contacts, private and group chats, calls, vault data, login history, notifications, logs, and cache.

EXTENDED EDL METHOD

We first introduced our EDL screen lock bypass method almost a year ago. Since that time we’ve added support for over 500 Android devices based on the Qualcomm chipset – the biggest numbers in the industry!

Version 11.2 allows investigators to conduct physical extractions of any Android device based on the following chipsets: Qualcomm MSM8909, MSM8916, MSM8952. Previously, investigators had to select the exact device model which was often a tedious task. Now investigators simply select the device’s chipset to begin the extraction. Moreover, we’ve added the ability to decrypt physical dumps with the known password for Android devices based on MSM8909 chipset.

Leave a Comment

Latest Videos

In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools. 

They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

Show Notes:

A Practitioner Survey Exploring the Value of Forensic Tools, AI, Filtering, & Safer Presentation for Investigating Child Sexual Abuse Material (CSAM) - https://dfrws.org/wp-content/uploads/2019/06/2019_USA_paper-a_practitioner_survey_exploring_the_value_of_forensic_tools_ai_filtering_safer_presentation_for_investigating_child_sexual_abuse_material_csam.pdf

Man charged with NI murder ‘faked live stream to provide alibi’ (The Guardian) - https://www.theguardian.com/uk-news/2023/feb/02/man-charged-with-ni-faked-live-stream-to-provide-alibi

A YouTuber accused of murder faked a 6-hour livestream to produce an alibi (Sportskeeda) - https://www.sportskeeda.com/esports/news-a-youtuber-accused-murder-faked-6-hour-livestream-produce-alibi

European Interdisciplinary Cybersecurity Conference (EICC) 2023 - https://www.forensicfocus.com/event/european-interdisciplinary-cybersecurity-conference-eicc-2023/#more-493234

YouTuber reportedly faked GTA livestream to have an alibi while he committed murder (Dexerto) - https://www.dexerto.com/entertainment/youtuber-reportedly-faked-gta-livestream-to-have-an-alibi-while-he-committed-murder-2052974/

Forensic Europe Expo - https://www.forensicfocus.com/event/forensic-europe-expo/#more-493225

In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools.

They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

Show Notes:

A Practitioner Survey Exploring the Value of Forensic Tools, AI, Filtering, & Safer Presentation for Investigating Child Sexual Abuse Material (CSAM) - https://dfrws.org/wp-content/uploads/2019/06/2019_USA_paper-a_practitioner_survey_exploring_the_value_of_forensic_tools_ai_filtering_safer_presentation_for_investigating_child_sexual_abuse_material_csam.pdf

Man charged with NI murder ‘faked live stream to provide alibi’ (The Guardian) - https://www.theguardian.com/uk-news/2023/feb/02/man-charged-with-ni-faked-live-stream-to-provide-alibi

A YouTuber accused of murder faked a 6-hour livestream to produce an alibi (Sportskeeda) - https://www.sportskeeda.com/esports/news-a-youtuber-accused-murder-faked-6-hour-livestream-produce-alibi

European Interdisciplinary Cybersecurity Conference (EICC) 2023 - https://www.forensicfocus.com/event/european-interdisciplinary-cybersecurity-conference-eicc-2023/#more-493234

YouTuber reportedly faked GTA livestream to have an alibi while he committed murder (Dexerto) - https://www.dexerto.com/entertainment/youtuber-reportedly-faked-gta-livestream-to-have-an-alibi-while-he-committed-murder-2052974/

Forensic Europe Expo - https://www.forensicfocus.com/event/forensic-europe-expo/#more-493225

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_7QiFTiuY7Vw

AI In CSAM Investigations And The Role Of Digital Evidence In Criminal Cases

Forensic Focus 22nd March 2023 11:44 am

Throughout the past few years, the way employees communicate with each other has changed forever.<br /><br />69% of employees note that the number of business applications they use at work has increased during the pandemic.<br /><br />Desk phones, LAN lines and even VOIP have become technologies of the past workplace environment as employees turn to cloud applications on their computers and phones to collaborate with each other in today’s workplace environment.<br /><br />Whether it’s conversations in Teams, file uploads in Slack chats, or confidential documents stored in Office 365, the amount of data stored and where it is stored, is growing quicker than IT and systems administrators can keep up with.<br /><br />Corporate investigators and eDiscovery professionals need to seamlessly collect relevant data from cloud sources and accelerate the time to investigative and discovery review.<br /><br />With the latest in Cellebrite’s remote collection suite of capabilities, investigators and legal professionals can benefit from secure collection with targeted capabilities for the most used workplace applications.<br /><br />Join Monica Harris, Product Business Manager, as she showcases how investigators can:<br /><br />- Manage multiple cloud collections through a web interface<br />- Cull data prior to collection to save time and money by gaining these valuable insights of the data available<br />- Collect data from the fastest growing cloud collaboration applications like Office365, Google Workspace, Slack and Box<br />- Login to a single source for workplace app collection without logging into every app and pulling data from multiple sources for every employee<br />- Utilize a single unified collection workflow for computer, mobile and workplace cloud applications without the need to purchase multiple tools for different types of collections – a solution unique to Cellebrite’s enterprise solution capabilities

Throughout the past few years, the way employees communicate with each other has changed forever.

69% of employees note that the number of business applications they use at work has increased during the pandemic.

Desk phones, LAN lines and even VOIP have become technologies of the past workplace environment as employees turn to cloud applications on their computers and phones to collaborate with each other in today’s workplace environment.

Whether it’s conversations in Teams, file uploads in Slack chats, or confidential documents stored in Office 365, the amount of data stored and where it is stored, is growing quicker than IT and systems administrators can keep up with.

Corporate investigators and eDiscovery professionals need to seamlessly collect relevant data from cloud sources and accelerate the time to investigative and discovery review.

With the latest in Cellebrite’s remote collection suite of capabilities, investigators and legal professionals can benefit from secure collection with targeted capabilities for the most used workplace applications.

Join Monica Harris, Product Business Manager, as she showcases how investigators can:

- Manage multiple cloud collections through a web interface
- Cull data prior to collection to save time and money by gaining these valuable insights of the data available
- Collect data from the fastest growing cloud collaboration applications like Office365, Google Workspace, Slack and Box
- Login to a single source for workplace app collection without logging into every app and pulling data from multiple sources for every employee
- Utilize a single unified collection workflow for computer, mobile and workplace cloud applications without the need to purchase multiple tools for different types of collections – a solution unique to Cellebrite’s enterprise solution capabilities

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_g6nTjfEMnsA

Tips And Tricks Data Collection For Cloud Workplace Applications

Forensic Focus 20th March 2023 11:00 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...