Episodes

  • Android Security, Market Acquisitions, Research, Tools & More Tools!
    May 16 2024

    Join us for an engaging session where we'll recap recent events and activities before diving into the latest research, cutting-edge tools, and exciting updates!

    Tune in as we explore groundbreaking research conducted by emerging stars in the DFIR community. We'll delve into the testing of data stored in iOS Unified Logs, focusing on driving and motion states—this is sure to be fascinating. Discover the newly documented multi-user/multi-account functionality, such as Samsung's Dual Messenger, uncovered by a newcomer to digital forensics. Stay informed about enhancements and new capabilities for tools like UFADE.

    We'll also ponder the implications of significant market acquisitions, such as Thoma Bravo's, and discuss their potential impact on the digital forensics field.

    Additionally, learn about Android's innovative anti-theft features designed to thwart device thieves, which will also have implications for forensic investigations.

    This episode is packed with insights you won't want to miss!


    Notes-
    iOS Unified Logs - Driving and Motion States
    https://www.ios-unifiedlogs.com/post/ios-unified-logs-driving

    Thoma Bravo Announces a Cash Offer to Acquire Cybersecurity Leader Darktrace
    https://www.thomabravo.com/press-releases/thoma-bravo-announces-a-cash-offer-to-acquire-cybersecurity-leader-darktrace

    Magnet One
    https://www.magnetforensics.com/products/magnet-one/

    UFADE Updates
    https://github.com/prosch88/UFADE/

    Android’s Theft Protection Features Keep Your Device and Data Safe
    https://blog.google/products/android/android-theft-protection/

    CCL Updates
    https://github.com/cclgroupltd/ccl-segb

    Brian Hempstead's Work on the Session Application
    https://www.linkedin.com/posts/bhempstead_a-guide-for-session-app-sqlite-database-navigation-activity-7196877311659446272-zebu

    Phil Hagen YouTube Channel
    https://www.youtube.com/@PhilHagen

    VMware Fusion Pro: Now Available Free for Personal Use
    https://blogs.vmware.com/teamfusion/2024/05/fusion-pro-now-available-free-for-personal-use.html
    https://unexploredterritory.tech/074-newsflash-vmware-workstation-and-fusion-licensing-changes-did-i-hear-free/


    1 h 23 m
  • Live from IACIS with the Phone Wizard, Bill Aycock!
    May 2 2024

    Live from the International Association of Computer Investigative Specialists (IACIS) with special guest Bill "the phone wizard" Aycock!!


    Notes:
    Three New SANS Posters
    https://www.sans.org/posters/ios-third-party-apps-forensics-reference-guide-poster/
    https://www.sans.org/posters/android-third-party-apps-forensics/
    https://www.sans.org/posters/dfir-advanced-smartphone-forensics/

    New Release of Mushy
    https://doubleblak.com/app.php?id=Mushy

    Blue Crew Forensics
    https://bluecrewforensics.com/2022/03/07/ios-app-intents/

    58 m
  • From Disaster to Attainment: Crafting Digital Forensic Reports
    Apr 11 2024

    Navigating the complexities of digital forensics can be daunting, but this week we've got your back with the exploration of Magnet Forensics' Axiom version 8, and its transformative Mobile View feature. As your hosts we're not just sharing tech updates; we're discussing the impact these tools have on our work and how they shape the narratives we construct.

    When it comes to the integrity of an investigation, the devil is in the details—and in the documentation. We delve into the craft of forensic reporting, dissecting why an analyst's narrative is just as critical as the raw data pulled from tools. From the subtleties of crafting a timeline to the nuances of articulating the relevance of each artifact, we've got the insights that will assist you on your report writing journey.

    Finally, join us for a celebration of the community spirit that fuels this field, illustrated by new blogs and newly supported artifacts in the LEAPPS. We also look at the growing significance of vehicle forensics in investigations. And because we all need a good chuckle, don't miss our 'meme of the week' segment. It's an episode brimming with expertise, but not without its moments of laughter because finding joy in our work is paramount. Come for the knowledge, stay for the camaraderie, and enhance your forensic acumen with us.

    Notes-
    Job Alert- Upcoming Openings at the New York State Police
    https://troopers.ny.gov/civilian-employment

    Capture the Flags
    Hexordia
    https://www.hexordia.com/spring2024-weekly-ctf-challenge
    Oxygen
    https://oxygenforensics.com/en/training/events/ctf-apr-19-2024/
    Belkasoft
    https://belkasoft.com/belkactf6/info

    Mobile View and Copilot in Magnet Axiom
    https://www.magnetforensics.com/blog/bring-your-mobile-evidence-to-life-with-the-new-mobile-view-in-magnet-axiom/
    https://www.magnetforensics.com/blog/identify-deepfakes-and-quickly-surface-evidence-with-new-ai-tools-in-magnet-axiom/

    DeRR.p. Investigating Power Events on Samsung Devices
    https://thebinaryhick.blog/2024/04/07/__trashed/

    Peer Review Checklist
    https://www.hexordia.com/blog-1-1/gc0vnvj80ogwx724ovu7avzwvjl742

    What's the Buz: Forensic Analysis of Buz for iOS
    https://laurora4n6.wixsite.com/aurora4n6/post/what-s-the-buz

    What's New with the LEAPPS?
    https://www.stark4n6.com/2024/04/splitwise-on-ios.html

    1 h 25 m
  • Apple Is At It Again, Changing Our Logicals!
    Mar 29 2024

    In mobile forensics, each update brings new challenges and opportunities. Join us as we dissect the latest iOS 17.4 impacts, including the nuances of SQLite databases and the advent of write-ahead logs in Advanced Logical extractions. Our episode is brimming with insights that could change the way you approach data extraction and parsing.

    The forensic landscape is ever-evolving, and this episode isn't shy about the hurdles we face, or the workarounds that keep us ahead. Discover how matching forensic work environments with devices' native operating systems and utilizing tools like Christian Peter's and Lionel Notari's for Logical and Unified Log extraction can streamline your investigative processes.

    Building a personal brand in digital forensics isn't just about notoriety; it's about cultivating a reputation that commands respect and opens doors. This episode celebrates those who contribute to the community, from the creation of new parsers to the latest features in FTK 8, and how these actions bolster not just your standing but the entire field. We explore the unique journeys that shape our professional identities and share laughter over common forensics foibles. It's an episode that champions growth, community, and the personal touch that makes all the difference in a technical world.

    Notes-
    A Gift From Apple:
    https://www.msab.com/blog/apple-deleted-data-itunes-backups/

    UFADE Universal Forensic Apple Device Extractor:
    https://github.com/prosch88/UFADE

    iOS Unified Logs tool:
    https://www.ios-unifiedlogs.com/blog

    FTK LevelDB Support:
    https://www.exterro.com/ftk-product-downloads

    What's New with the LEAPPS?
    https://github.com/abrignoni

    1 h 27 m
  • Is Support on Life Support?
    Mar 15 2024

    Unlock the secrets of advanced forensic analysis with us! We reveal essential training classes that every digital sleuth needs to stay ahead in an ever-changing tech landscape. Sign on to be enlightened by experts in the captivating world of data structures through Hexordia's class and IACIS's comprehensive course. But it's not all about the classes; we're also sending a must-read book your way to sharpen that detective wit you pride yourself on.

    Get ready to explore the controversial yet fascinating realm of facial recognition with our introduction of Exponent Faces, an X-Ways Forensics X-Tension. Whether it's identifying suspects or navigating the ethical minefields of biometric data, we're weighing in with all the expertise you could hope for.

    Finally, journey with us as we dissect the pivotal role of soft skills and community support for forensic examiners. You'll find this episode is not just about the tech—it's about the people behind the screens who make justice possible. Join us, where knowledge is power and staying updated is as crucial as the evidence itself.

    Notes:
    IACIS Advanced Mobile Device Forensics
    https://www.iacis.com/training/amdf-advanced-mobile-device-forensics/

    DFIR Investigative Mindset-Brett Shavers
    Book release March 22, 2024- 1/2 price for one week!

    Facial Recognition in DFIR
    https://www.apiforensics.com/blogs/announcing-exponent-faces.asp
    https://abcnews.go.com/Business/controversy-illuminates-rise-facial-recognition-private-sector/story?id=96116545

    Google Chrome Platform Notification Analysis
    https://www.sans.org/blog/google-chrome-platform-notification-analysis/

    The Digital Forensic Practitioner Survey (DFPulse2024)
    https://bit.ly/dfpulse

    What's New with the LEAPPs?
    https://github.com/abrignoni

    1 h 7 m
  • Don't Strive to be Mediocre!
    Mar 1 2024

    Embark on a journey through both history and the cutting-edge world of digital forensics with us as we pay homage to the brilliant Dr. Gladys West, whose work underpins the GPS technology we take for granted today. In celebration of Black History Month, we draw inspiration from Dr. Martin Luther King Jr., discussing how we can all contribute to the fight against enduring societal challenges. Our conversation is a testament to the power of empathy and action in fostering societal change, spotlighting the often overlooked breadth of achievements by historical figures like Dr. West and Dr. King.

    Unravel the complexities of iOS location and Unified Log analysis through our educational talk on the recent breakthroughs highlighted by experts like Ian Whiffin and Lionel Notari. Discover the new feature from Magnet Axiom. The Animated Map Routes feature provides an additional facet for courtroom presentation.

    We wrap up with a deep appreciation for the significance of training and expertise in digital forensics, engaging with the thoughts presented by Shafik Punja in his 'Bullshit Hunting: Digital Forensics Edition' article. The discussion traverses the critical role of proper forensic training and tools, the ethical responsibilities that accompany our work, and the profound impact that our industry has on legal outcomes and lives.


    Notes-

    The Cyber Social Hub- Daily Digital Investigator Episodes
    https://podcast.cybersocialhub.com/

    Belkasoft's Free Android Forensics Class
    https://belkasoft.com/android-forensics-training

    Apple Maps - Visited Location?
    https://www.doubleblak.com/blogPost.php?k=mapssync

    iOS Unified Logs - WiFi and AirPlane Mode
    https://www.ios-unifiedlogs.com/post/ios-unified-logs-wifi-and-airplane-mode

    Animated Map Routes in Magnet Axiom
    https://www.youtube.com/watch?v=fyPrJKLhD9k

    8 Log Files You Can Collect from iOS and Android Devices
    https://www.magnetforensics.com/blog/8-log-files-you-can-collect-from-ios-and-android-devices/

    Candidate Examiners and Training Programs
    https://www.bullshithunting.com/p/bullshit-hunting-digital-forensics

    Sources of Error in Digital Forensics
    https://www.sciencedirect.com/science/article/pii/S2666281724000027

    1 h
  • The Future: Talking to Your Digital Forensic Tools?
    Feb 16 2024

    Discover the intersection of digital innovation and forensic expertise as we celebrate and honor the incredible legacy of computing pioneer Mark Dean during Black History Month. With a salute to unsung heroes like Johann, who fuel the open-source tools we rely on, this episode is a tribute to the collaborative spirit that propels digital forensics forward.

    Peek behind the curtain of the Photos SQLite database with insights from the Forensic Scooter blog, uncovering the depths of data crucial to forensic investigations. We explore how metadata comparison can reveal content manipulation, the importance of distinguishing between cloud and device media origins, and the crafty skills required to validate findings in a world where AI is becoming a pivotal tool. This episode isn't just about the tools we use; it's about the critical thinking and validation skills necessary to ensure AI assists rather than misleads.

    Fasten your seatbelt as we navigate the evolving landscape of vehicle forensics and tackle the challenges posed by encryption in new vehicle modules. Reflect on how data from vehicle systems can be leveraged in accident reconstruction and criminal investigations, emphasizing the need to stay ahead of technological advancements. Wrapping up, we delve into the latest from the LEAPPs framework and the implications of Android's multi-user support, underscoring the episode's commitment to sharing knowledge that keeps the digital forensics community at the cutting edge.

    Notes-
    Black History Month Notable Contributor to Digital Forensics-Mark Dean
    https://web.eecs.utk.edu/~markdean/

    Device Set-up – Transferring data to new iPhone & Effects to Photos.sqlite
    https://theforensicscooter.com/2024/02/04/device-setup-transferring-data-to-new-iphone-effects-to-photos-sqlite/

    Dissecting the Android WiFiConfigStore.xml for Forensic Analysis
    https://blog.digital-forensics.it/2024/02/dissecting-android-wificonfigstorexml.html

    AI Generated Imagery
    https://us5.campaign-archive.com/?u=a5a2a1131e612711f02b96e2c&id=81d1b025e7

    Magnet Idea Lab-Project Goose
    https://magnetidealab.com/projects/project-goose/

    Vehicle Forensics
    How to access logical files in a QNX partition- https://www.youtube.com/watch?v=8SAZthXjT5s

    The LEAPPS
    https://github.com/abrignoni

    1 h 1 m
  • All About The Latest CTFs, CFPs, C2C, & All The News For You To See
    Feb 2 2024

    Embark on an enlightening path as we meld the celebration of Black History Month with the dynamism of mobile forensics. This episode is a tribute not only to the past but a clarion call for the future, as we honor Annie Easley, the trailblazing NASA computer scientist, while also navigating the rapidly evolving landscape of digital investigation tools. As your guides, we unravel the intricacies of open-source forensics tools, and the necessity of test devices, ensuring your knowledge remains at the forefront of technological advancements.

    With a constant eye on professional growth, we're excited to share information about upcoming conferences, training and opportunities to sharpen your digital forensic skills. We share our experiences, opening doors for you to learn and grow right beside us. Our conversation takes a stimulating turn as we discuss the Rabbit R1, a new AI gadget that promises to redefine app interaction and its implications for data privacy. As we dissect the nuances of AI in fingerprint analysis, we invite you to journey with us through the maze of modern forensics, where even the uniqueness of fingerprints is called into question.

    As we wrap up, our passion for the subject matter shines through with the introduction of cutting-edge features in mobile forensics updates, and the vital role of resource management in our field. We laugh over the meme of the week but also reflect on the serious undertones it brings to the prioritization of forensic cases. Closing the session, we express our heartfelt gratitude for the engagement and support that fuels our podcast, leaving you with an anticipation for deeper discussions and discoveries in the episodes to come. Join us, and together, let's shape the narrative of digital forensics and its rich connection to history and innovation.

    Notes-
    Honoring Annie Easley-Black History Month Feb 2024
    https://elective.collegeboard.org/annie-easley-computer-science-pioneer

    Testing and Validation
    https://www.hexordia.com/blog-1-1/unlock-rooting-pixel6a
    https://blog.d204n6.com/2020/08/setting-up-testing-lab-of-ios-and.html

    Paraben Forensic Innovation Conference
    https://pfic-conference.com/

    Free Android Training from Belkasoft
    https://belkasoft.com/android-forensics-training

    Cellebrite Case to Closure Summit and Awards
    https://global-c2c-summit-2024.cventevents.com/event/ec371a30-107d-4ce4-8bad-44e331148339/summary
    https://cellebrite.com/en/c2c-summit-digital-justice-awards/

    Magnet Virtual Summit/Capture the Flag
    https://magnetvirtualsummit.com/
    https://magnetvirtualsummit.com/capture-the-flag/

    Rabbit R1
    https://www.theverge.com/2024/1/9/24030667/rabbit-r1-ai-action-model-price-release-date

    AI- Fingerprints Unique or Maybe Not?
    https://www.cnn.com/2024/01/12/world/fingerprints-ai-based-study-scn/index.html

    Layoffs Due to AI
    https://www.theverge.com/2024/1/14/24038397/google-layoffs-just-the-beginning

    Hidden Gem in iOS 17
    https://www.linkedin.com/posts/luca-cadonici-41299b4b_ios-ipados-passcode-activity-7152770642168160257-VJ7C

    Android Auto Reboots
    https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/

    The LEAPPS
    https://github.com/abrignoni

    1 h 7 m