Whitepaper » GMDSOFT

Mobile Forensic Investigation for Cyber Incident

With the growing number of voice phishing incidents, mobile forensic investigators need to be equipped with specialized knowledge and tools to effectively investigate these cases.

As such, staying up-to-date with the latest trends and techniques in mobile forensic investigation is crucial for investigators to successfully handle cyber incidents.

Our new tech report showcases how investigators can use MD-Series to obtain verifiable results and collect information from mobile devices that were involved in security incidents.

Malicious applications can be installed on mobile devices without the user’s knowledge, and such applications can steal personal information or manipulate the device as intended by the attacker.

In such cases, traces of the incident can be found in the application installation and execution results, system logs of the device, and download history of the files.

Be sure to check it out to stay informed on the latest developments in mobile forensic investigation.

Submit your inquiry to get the full version of the tech report!

Deep dive into “Metadata”

Metadata : EXIF

Metadata describes the content of data. Metadata may be modified or deleted when sending files to an application or uploading files to a website. Metadata is used to sort and search data quickly, but it also serves as an essential artifact to trace users’ behaviors from a digital forensic perspective.

We will use MD-RED and analyze EXIF that contains information about the camera maker, camera model, software (Build version and iOS version), original and meta-changed time, and location a photo was taken.

This whitepaper will help you to understand the concept of Metadata and the structure of how data is stored in EXIF.

Contents

About Metadata
The Structure of EXIF and Analysis
EXIF Location in File
MD-RED Analysis Results
Conclusion
Appendix

If you want to learn more about Metadata, leave your inquiry on the whitepaper.

Whitepaper – Finding Important Artifacts in Recycle Bin(iOS/Android)

Recycle Bin can become an important clue to the case. It might provide the trace of a trial to hide or to conceal a clue. This whitepaper focuses on the research of deleted files from various types of apps in iOS and Android. It will help you to understand Recycle Bin, how the analyzed result varies by app, device, and OS environment. Acknowledge of recycle bin, you can go one step further to discover meaningful data!

Contents

Introduction – What is Recycle Bin?
Case Study – iOS(Save Path, Analysis result) – Apps: Photos, Notes, Voice Memos, Files
Case Study – Android(Save Path, Analysis result) – Apps: Gallery, Voice Recorder, My Files, Contacts, Samsung notes, Messages

Conclusion
Appendix

Download Whitepaper – Recycle Bin(Preview version)

If you want to read the full version of the report, submit your inquiry!

Whitepaper – Data extraction and analysis of Samsung Secure Folder

Data extraction and analysis of Samsung Secure Folder

Secure Folder is a separate storage space within the device, protected by ‘Knox’—a security technology of Samsung.

By keeping sensitive data or personal contents and apps in Secure Folder, users can protect one’s personal data from being unintentionally exposed by external factors(e.g., attacks from malicious apps).

This whitepaper deals with data extraction and analysis of Samsung Secure Folder. Learn the extraction methods of Samsung Secure Folder which varies with the model, OS version, and security patch level by MD-NEXT. Find out how you can discover meaningful data from the analyzed result by MD-RED.

White paper – ‘Factory Reset(iOS, Android)’

In this whitepaper, you can find the definition of Factory Reset, how its method differs by OS and device environment, and why mobile forensic investigators should understand important meanings of Factory Reset, and lastly how MD-RED analyzes the log of Factory Reset.

This is the preview version of the white paper, and if you want to find out the full version please contact our team.

sales@gmdsoft.com