Mastering iOS Forensics

 

Editor’s Word

Dear Readers,

Today, I'd like to inform you of the changes we have planned for you. Our magazine will be available in more formats starting in March. You can now publish your work directly on our websites. I know how important it is for you to select the best publication for your work, which is why we've introduced these new features. There are two choices: Official and Blog. Our blog is OPEN for contributions. Your article must, of course, be OFFICIAL if you want it to appear both on the blog and in the magazine. Our editors evaluate each article in close collaboration with you to make sure that the message is delivered with the impact that each article merits. Feel free to email me if you have any questions or would like more information.
Furthermore, our staff is always looking for qualified instructors to collaborate with. We provide information security professionals with the opportunity to share their knowledge and expertise online through our courses. You're more than welcome to talk about it if you're interested. You can get in touch with us via email or the website's contact form.
I sincerely hope that you found the information I provided to be helpful. This time, all of the articles' details can be found below.
Email me at [email protected] if you would like to.

Enjoy your day.
Ewa & eForensics Mag Team

---

With this issue, there is no PREVIEW. You will be able to read 3 selected articles when the articles become available online in the OFFICIAL section soon.

---

Table of Contents

Analyzing Mobile iOS Apps with VirusTotal Enterprise Online and macOS Ventura Locally
Israel Torres
Welcome back, Israel Torres continues your educational journey analyzing mobile malware applications. This time, he will download and take apart a mobile iOS .ipa sample to analyze what can be found using a couple of different approaches. In this article, he’ll be hunting mobile malware using VirusTotal Enterprise (VTE) Online, and analyzing a mobile malware sample found using the tools in the latest version of Apple macOS Ventura.

An Overview of iOS Extraction Methods
Oleg Afonin
Mobile forensics is a complex subject. Many forensic vendors are completely opaquefoggy about which devices and which OS versions they support, what acquisition methods are available, what kinds of data can be extracted with each, and what are the consequences. Oleg Afonin’ll try to solve the mystery by discussing the various extraction methods available for Apple smartphones, tablets, and IoT devices.

iPhone Forensics
Kate Libby
Have you ever wondered what happens to all that data you interact with on your iPhone? Where does all that data go or a better question should be, where did this data come from? Since the early 2000’s few devices have garnered the cult following as the iPhone has since its debut. Trending upwards in demand supply chain suggests according to a few sources that are as many iPhones in the world as there are leaves on the ground, you should take that with heavy speculation and a serious grain of salt, however, according to one source there are more than 2.24 billion iPhones in existence, now that is a lot of data being transmitted. More details Katy Libby presents in her article.

How to Protect Systems Against Phishing Attack Vulnerabilities on iOS Platforms
Rhonda Johnson
With the growing threat of cyber-attacks, the security of personal data has become more important than ever. One of the most prevalent security issues today is phishing, which can be a significant threat to mobile devices, including iOS operating systems. However, with the advent of neural networks, there is hope for preventing and identifying phishing in iOS operating systems. Read what Rhonda Johnson prepared for you.

Rooting Androids for Forensics
Amber Schroader
When you look at the different imaging options for Android devices you cannot ignore the value of getting root. Root-level access will allow you more access to the data of the device. If you have read the prior article about logical imaging with Android devices in forensics you probably noted that App access can be very limited. This obstacle is not there when the root is acquired. Once you understand root you might wonder how it can be used in smartphone forensics and still be considered as a forensic method.

How Deepfake Works?
Pubudu Priyanga Liyanage, Chirath De Alwis, Shameen Samarawickrema, Buddhi Nayani Perera
Deepfake is a technique that involves using deep learning algorithms to create realistic video or audio content that appears to show someone saying or doing something they never actually did. Creating a deepfake usually involves two steps: first, training a deep learning model on large datasets of real footage, and second, using that model to generate new content

The Lockbit 3 Black Forensics Analysis – Memory Forensics Modern Approach
Paulo Pereira, PhD
Memory Forensics is one of the greatest developments in the history of digital forensic analysis. In fact, it's a turning point in forensic investigation methodology. The turning point came with the development of tools for memory capture (for different operating systems) and tools that extract data from the memory image, such as Volatility and Rekall (officially discontinued).

OSINT Investigation on a Mobile App or Service
Jeff Minakata
There are times when we may need to perform an OSINT investigation on a mobile app or service. While we can, for example, attempt an investigation on our own personal phone (not a good idea) or buy a burner phone, the overall functionality would be greatly limited. In this article, Jeff Minakata will be looking at using an Android-emulated phone on a computer to leverage both the mobile device side and still retain the ability to use a number of useful OSINT tools at the same time, along with some basic OSINT preparation for our mobile device investigation.

Brazilian Electronic Ballot Box
The Pillar of Democracy in Brazil
Paulo Pereira and Regis Picanço
This article written by Paulo Pereira and Regis Picanço results from research into the sources of official institutions that coordinate the Brazilian electoral system. It is not a political or ideological manifestation from the authors but rather an alternative point of view in defense of the democratic system, guided by the main official and public sources, which any citizen, Brazilian or not, can consult at any time.

How to Better Prepare for a Memory Forensics Investigation
Bunde Collins
Memory forensic is an investigative technique that involves finding and, extracting raw forensic artifacts from the computer RAM (Monnappa, K. A. 2018). The RAM stores valuable information about the runtime status of a system. Hence acquiring a memory dump is crucial in revealing important information during an investigation exercise. It provides details on the existing network connection, registry hive modifications, process handles, loaded modules as well as kernel drivers among others. Read more in the article written by Bunde Collins.

Data for Sale
The Commoditization of Personal Information in a Controlled Society
Wilson Mendes
With the increasing digitization of information and communication, huge amounts of data are generated and collected every second. These assets can be in the form of numbers, images, video, audio, or any type of data that can be digitized and used for a variety of purposes, from market analysis to preventing threats to cybersecurity. Groups that are able to collect and use this data accumulate power and influence. These groups can be businesses, government organizations, or even individuals. In this article, Wilson Mendes'll explore clusters of cybercrime-related data, how they operate, and how information security has become a critical concern for users.