AirDrop Artifacts and More in Magnet AXIOM 3.9!
Magnet AXIOM 3.9 is now available! Update within AXIOM or download AXIOM 3.9 over at the Customer Portal today. In addition to performance and quality of life improvements, AXIOM 3.9 includes updated AirDrop artifacts, rebuilt desktops for Windows, and more.
If you haven’t tried AXIOM yet, request a free 30-day trial here.
Mac Support in AXIOM Continues with More AirDrop Artifacts
With the recent releases of both AXIOM 3.8 and 3.9, we’ve added additional Mac support to parse the unified log for entries surrounding the use of AirDrop. You can review these AirDrop artifacts on both computer and mobile evidence sources.
Whether your macOS/iOS case is based on intellectual property theft from an organization and identifying how that data was exfilled, or a criminal investigation tracking contraband on devices, AirDrop should be investigated as a potential source of how that data was moved.
Go in-depth on what you can get from the AirDrop in this how-to document.
Rebuilt Desktop
Rebuilt Desktops is a new artifact that allows users to view an approximation of what a given Windows user’s desktop looks like, including wallpapers, monitor configurations, and icon positioning—without having to virtualize the image.
Many examiners, as part of their court preparation, will virtualize images in an effort to show non-technical stakeholders the look and feel of someone’s Windows environment. While this is powerful when it comes to painting a clear picture of possible intent of a suspect, virtualizing an image often requires additional software and time. The Rebuilt Desktops artifact aims to help provide a visual reference without the need of virtualizing the entire suspect machine.
Read more about it in this blog.
Sync Tags Between Artifacts and File System
In AXIOM 3.9, you now have the ability to sync tags applied to items between the filesystem and artifacts explorer. You can perform an export for all tagged artifacts and files and include those tagged files from the filesystem in reports. Check out this how-to video to learn more:
In addition, we’ve also updated AXIOM to automatically attempt BitLocker ClearKey when detected.
New Artifacts
- Tumblr (Android)
- GroupMe (iOS/Android)
- Rebuilt Desktops (Windows)
- AirDrop (iOS)
- McAfee Logs (Windows)
- Windows Defender Logs (Windows)
Artifact Updates
- Installed Applications (iOS)
- Significant Locations (iOS)
- Knowledge C (iOS)
- Call Logs (iOS)
- VK (iOS/Android)
- Wickr Me (iOS)
- Yahoo! Webmail (iOS)
- Skype (iOS)
- Tinder (iOS)
- Signal (Android)
- TextNow (Android)
- TextFree (iOS/Android)
- Snapchat (Android)
- Recycle Bin (Windows)
- Pictures (Windows)
- Carved Videos (Windows)
- Chrome Extensions (All Platforms)
- DHCP Server (Windows)
- Prefetch Files (Windows)
- User Accounts (iOS)
Get Magnet AXIOM 3.9 Today!
If you’re already using AXIOM, download AXIOM 3.9 over at the Customer Portal. If you want to see how AXIOM 3.9 can help you find the evidence that matters, request a free trial today!