Walking the Android (time)line Part 2 – Using Android’s Device Personalization Services to timeline user activity

There was a purpose behind the above Tweet. When I was looking in my Android 10 image I actually found two features that were tracking my activity (there may be more - I haven’t finished looking yet). The first, Digital Wellbeing, had a UI and was fairly straight forward to test, so I decided to … Continue reading Walking the Android (time)line Part 2 – Using Android’s Device Personalization Services to timeline user activity

iOS 13 Images….ImageS…Now Available!

****UPDATE.  PLEASE READ**** It was discovered there was an issue with the original .tar files containing both images.  After a little additional testing, I was able to confirm the .tar files were not behaving correctly, which prevented them from being completely parsed.  But, they do contain the data.  They have now been fixed and can … Continue reading iOS 13 Images….ImageS…Now Available!

Walking the Android (time)line. Using Android’s Digital Wellbeing to timeline Android activity.

Each time I have created an Android image I have found something new. Google Assistant and Android Auto were results of Nougat and Oreo, and the changes I found in Google Assistant were a result of Android Pie. Android 10 is no exception. While poking around the OS during the data generation period I found … Continue reading Walking the Android (time)line. Using Android’s Digital Wellbeing to timeline Android activity.

Ryuk and GPOs and Powershell, Oh My!

‘Tis the season...for ransomware! Crooks, just like everyone else, are looking to make a little bit of extra money this holiday season so they can get their kids that GI Joe with the Kung-Fu grip (points for whoever gets the movie reference). Recently, I have been pushed to really pay attention to the Trojan/Ransomware landscape, … Continue reading Ryuk and GPOs and Powershell, Oh My!

Wickr. Alright. We’ll Call It A Draw.

Portions of this blog post appeared in the 6th issue of the INTERPOL Digital 4n6 Pulse newsletter.  I would like to thank Heather Mahalik and Or Begam, both of Cellebrite, who helped make the Android database portion of this blog post possible, and Mike Williamson of Magnet Forensics for all the help with the underpinnings … Continue reading Wickr. Alright. We’ll Call It A Draw.