Magnet AXIOM Cyber 7.8: Higher Resolution Timestamps, Enhancements to Email Explorer and Teams Data Collection!

We’re excited to announce that the latest version of Magnet AXIOM Cyber is now available!

In this release, we’ve made several enhancements to streamline your workflow and uncover insights faster, including:

  • Higher Resolution Timestamps With Millisecond Precision
  • New Markup Viewer for Email Explorer
  • Team Client Credential Authentication

We’ve also updated and added to our artifact support (updates are at the end of this blog.)

Check out the release notes here for a complete summary of all updates made in this release.

Upgrade to AXIOM Cyber 7.8 within the AXIOM Cyber interface or through the Customer Portal

Haven’t tried AXIOM Cyber yet? Request your free trial here.

Higher Resolution Timestamps With Millisecond Precision

In any investigation, digital forensic examiners must address key questions, including the pivotal “when” and “how.” Precise timestamps play a vital role in answering these questions, whether by constructing timelines, correlating events, or connecting relationships between various actions and users.

But when some events occur at machine speed, a lot can happen in just one second!

A screenshot of the AXIOM Timeline view showing millisecond precision of events.

Now, millisecond-precise timestamps are supported throughout Magnet AXIOM and Magnet AXIOM Cyber as well as all artifacts where millisecond data is available, such as in Timeline, Connections, and log entries. Ultimately this enables you to quickly analyze chronologically sorted artifacts with improved accuracy.

To learn more about this enhancement, check out the blog post “Improve Investigation Accuracy With Higher Timestamp Resolution” and check out an interactive demo here:

New Markup Viewer in Email Explorer

In the 2023 State of Enterprise DFIR Report, business email compromise was identified as one of the top three ways that organizations were becoming a victim of a data breach. This happens when an attacker pretends to be a trusted contact or entity to trick recipients into clicking malicious links in an email to either expose sensitive information (such as login credentials) or to install malware.

With the new Markup Viewer in Email Explorer, you can easily view the header and HTML or XML source code of an email to quickly uncover malicious URLs due to a phishing, or business email compromise, attack. The Markup Viewer preview card is supported for all email artifacts that have an HTML or XML source. 

Teams Client Credentials Authentication

We’re building on our cloud acquisition capabilities with an enhancement to our Teams collection workflow! Now, you can authenticate and access data with client credentials from Teams, in addition to Microsoft 365. If your organization’s data access control policy prohibits the use of an account’s username and password to authenticate and access data, upgrade now and use client credentials instead to meet your organization’s security, privacy, and compliance policies while collecting the comprehensive cloud data you need for your investigations.

Also, we’ve improved the overall ease of use and speed of the workflow. Now, you can acquire multiple accounts at once (as opposed to creating separate cases for each collection) resulting in significant time savings as the number of users or custodians involved in your investigation increases. Additionally, you can expect faster download speeds (less throttling) with this method of authentication, and we’ve improved the UX.

Client credentials are configured in Azure and can be set up with read-only access with the option to choose what data can be accessed. You can also set client credentials to expire if governance rules require time-limited access to data. Learn how to set up client credentials in Azure in our knowledge base article “Sign in to Microsoft using Client Credentials” (Support Portal login required.)

New and Updated Artifacts 

This release includes new and updated artifacts to recover important data from SEGB v2 databases in iOS 17 and new artifacts to support drone forensics:

New Artifacts 

  • Discord Channels and Servers (Android)
  • DJI Flight Logs (iOS & Android)
  • Spotlight Searches (iOS)

Updated Artifacts 

  • iMessage/SMS/MMS (iOS)
  • Telegram Messages and Users (iOS)

Get Magnet AXIOM Cyber 7.8 Today!  

Download AXIOM Cyber 7.8 over at the Customer Portal or upgrade within the application. 

Haven’t tried AXIOM Cyber yet? Request your free trial here.

The post Magnet AXIOM Cyber 7.8: Higher Resolution Timestamps, Enhancements to Email Explorer and Teams Data Collection! appeared first on Magnet Forensics.


More Posts

July 12, 2024 Weekly Wireless Wrap-Up

Good afternoon from Washington, DC!  Below you will find this week’s Wireless Wrap-Up; your update on the wireless telecommunications regulatory landscape, important wireless decisions, and more!  Here is your wrap-up: