Oxygen Forensics Introduces Sony MTK Dump And Face Search Capabilities

by

Oxygen Forensic Detective 13.3 is now available! Extract evidence from locked Sony MTK devices, acquire Tinder and OkCupid cloud data, analyze application activity in Timeline, conduct face searches, and more.

Sony MTK Dump

Oxygen Forensic® Detective 13.3 implements a new extraction method entitled “Sony MTK Dump”. This method allows investigators to bypass the screen lock and create a full physical dump of Sony devices based on MTK chipsets with Full Disk Encryption (FDE). If Secure Startup is enabled, investigators can use the built-in brute force module to find the user passcode. Supported devices include Sony XA1, Sony L1, Sony L2, and Sony L3.

New Method for Qualcomm Devices

This update also offers a new method of file system extraction for Android devices based on Qualcomm chipsets. If a device is unlocked and has Security Patch Level (SPL) no later than February 2020, investigators can apply a built-in exploit to gain temporary root rights and perform file system acquisition. This method covers multiple devices based on over 25 variations of Qualcomm chipsets running Android OS 7-9.

Video Recordings

In version 12.5, we introduced the ability to make screenshots of Android data via our OxyAgent. Oxygen Forensic® Detective 13.3 enables video recordings in a semi-automated or manual mode. Please note that apps preventing a screen capture (e.g., Telegram, WickreMe, VIPole) are not supported with this new upgrade to OxyAgent.

Search for Similar Faces

Oxygen Forensic® Detective provides investigators with a wide range of built-in analytical and time-saving features. With the release of Oxygen Forensic Detective version 13.3, investigators can conduct searches for specific faces in one or more extractions. To do this, open the Search section and navigate to the Face Sets tab. From there, investigators can create a unique set of reference images by uploading photos of people whom they need to identify in the extraction. Investigators can also adjust the percentage of resemblance. The higher the threshold, the more accurate the results will be. Once the search has completed, investigators will see the search results along with all detailed information (age, emotion, resemblance, etc.) within the interface.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Application Activity Analysis

Application activity analysis is often vital for malware detection. With this in mind, we have introduced a new tab, “Application activity”, in the Timeline section. It allows investigators to gain quick insights into the activity of applications extracted from Apple iOS and Android devices as well as computers.

Tinder and OkCupid Cloud Data

The updated Oxygen Forensic® Cloud Extractor brings support for two popular dating apps – Tinder and OkCupid.

Authorization in the Tinder cloud is supported via phone number or Google account. If 2FA is enabled, an investigator will need to enter a code received to the connected email address or phone number. Evidence sets will include the account details, chats, contacts, and matches.

Access to OkCupid is possible via phone number, login/password, or token extracted from Apple iOS and Android devices. If 2FA is needed to proceed, an investigator will need to enter a code received to the connected phone number. OkCupid cloud extraction will contain the account details, chats, contacts, files, and other available data.

New Computer Artifacts

The updated Oxygen Forensic® KeyScout now allows investigators to collect user data from several new apps: Zello, Discord, Element Messenger, and VIPole. Moreover, using the KeyScout, investigators can import and parse file system ZIP archives made from Windows, macOS, or Linux computers. Additionally, we have added the ability to search and collect computer artifacts by most common file extensions. Check the required file extensions in the Settings/Files tab in KeyScout for additional information. Lastly, we have added full support for macOS Big Sur v 11.1.

Support for WiGLE Service

Location information is key to solving many crimes. This release brings support for WiGLE, which allows investigators to receive geo coordinates from extracted MAC addresses. To use this service, register on the WiGLE website and enter the received API token in the Options/Geo Settings menu in Oxygen Forensic® Detective. Once that is complete, investigators will be able to receive geo information in the Wireless Connections section.

Wish to try a new version? Ask for a fully-featured demo license.

Leave a Comment

Latest Videos

Forensic Focus

Forensic Focus
Read more on all these stories at https://www.forensicfocus.com/news/digital-forensics-round-up-april-17-2024/ #digitalforensics #dfir

Read more on all these stories at https://www.forensicfocus.com/news/digital-forensics-round-up-april-17-2024/ #digitalforensics #dfir

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_wY4_T8IUuxY

Digital Forensics News Round Up, April 17 2024 #digitalforensics #dfir

Forensic Focus 17th April 2024 5:30 pm

Read more at https://www.forensicfocus.com/news/forensic-focus-digest-april-12-2024/

Read more at https://www.forensicfocus.com/news/forensic-focus-digest-april-12-2024/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_DTjUBPIzVNs

Forensic Focus Digest, April 12 2024 #digitalforensics #dfir

Forensic Focus 12th April 2024 2:31 pm

Join Si and Desi for another episode of the Forensic Focus Podcast. This week, they discuss the lack of transparency and potential misrepresentation in the cybersecurity industry, particularly regarding the use of open-source tools by companies and the questionable interpretation of data and statistics in marketing and advertising. The conversation also delves into the implications of relying on computer systems and algorithms to make important decisions, such as in the case of the Post Office scandal in the UK and the Centrelink repayment debacle in Australia. They emphasize the importance of human oversight, critical thinking, and considering the human impact of such decisions, rather than blindly trusting the outputs of computer systems. 00:00 – The state of the digital forensics industry 02:30 – Desi’s talk at BSides Brisbane 05:30 – Sweaty Cyber Advice and Strongman 09:40 – Companies integrating open source software 23:00 – Advertising, statistics and logical fallacies 28:00 – The Post Office scandal and computer accountability 49:00 – Security, compliance and regulations 56:00 – Closing thoughts Show Notes Hardly Adequate YouTube - https://www.youtube.com/@hardlyadequate Oxfordshire’s Strongman & Strongwoman - https:\oxfordshire.rocks\ CPS, Computer Records Evidence - https://www.cps.gov.uk/legal-guidance/computer-records-evidence Your Logical Fallacyis - https://yourlogicalfallacyis.com/ British Post Office Scandal - https://en.wikipedia.org/wiki/British_Post_Office_scandal The Guardian, Robodebt Scandal - https://www.theguardian.com/australia-news/2023/mar/11/robodebt-five-years-of-lies-mistakes-and-failures-that-caused-a-18bn-scandal Tyler Vigen, Spurious Correlations - http://www.tylervigen.com/spurious-correlations Forensic Focus Discord - https://discord.gg/97zKvTXHeS

Join Si and Desi for another episode of the Forensic Focus Podcast. This week, they discuss the lack of transparency and potential misrepresentation in the cybersecurity industry, particularly regarding the use of open-source tools by companies and the questionable interpretation of data and statistics in marketing and advertising.

The conversation also delves into the implications of relying on computer systems and algorithms to make important decisions, such as in the case of the Post Office scandal in the UK and the Centrelink repayment debacle in Australia. They emphasize the importance of human oversight, critical thinking, and considering the human impact of such decisions, rather than blindly trusting the outputs of computer systems.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_LtdulCL39AU

Cyber Scandals And When (Not) To Trust Computers

Forensic Focus 10th April 2024 6:40 pm

Load More... Subscribe
This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feeds settings page to add an API key after following these instructions.

Latest Articles

Alex Beddard, Investigator, Chainalysis
Interviews

Alex Beddard, Investigator, Chainalysis

ByForensic FocusApr 18, 2024
Digital Forensics Round-Up, April 17 2024
News

Digital Forensics Round-Up, April 17 2024

ByForensic FocusApr 17, 2024
Magnet Forensics Announces Magnet One, A Revolutionary Platform For The Pursuit Of Justice
News

Magnet Forensics Announces Magnet One, A Revolutionary Platform For The Pursuit Of Justice

ByMagnetForensicsApr 16, 2024
UPCOMING WEBINAR – Fireside Chat: Navigating The Cloud – Expert Insights On Emerging Cloud Threats And Complexities
News

UPCOMING WEBINAR – Fireside Chat: Navigating The Cloud – Expert Insights On Emerging Cloud Threats And Complexities

ByCado SecurityApr 16, 2024
Maltego Acquires PublicSonar And Social Network Harvester To Propel Vision Of An All-in-One Investigation Platform
News

Maltego Acquires PublicSonar And Social Network Harvester To Propel Vision Of An All-in-One Investigation Platform

ByForensic FocusApr 15, 2024
Filip Kachnic, Business Development Manager, Eyedea Recognition Ltd
Interviews

Filip Kachnic, Business Development Manager, Eyedea Recognition Ltd

ByForensic FocusApr 15, 2024