RELEASE NOTES UFED PHYSICAL ANALYZER, UFED LOGICAL ANALYZER, Version 6.2 | May 2017 UFED READER (V 6.2), UFED CLOUD ANALYZER (V 6.0.1)
Total Page:16
File Type:pdf, Size:1020Kb
NOW SUPPORTING 22,179 DEVICE PROFILES 4,046 APP VERSIONS UFED TOUCH2, UFED TOUCH, UFED 4PC, UFED INFIELD, RELEASE NOTES UFED PHYSICAL ANALYZER, UFED LOGICAL ANALYZER, Version 6.2 | May 2017 UFED READER (V 6.2), UFED CLOUD ANALYZER (V 6.0.1) CHECK OUT OUR NEW VIDEO ON UFED 6.2! HIGHLIGHTS DEVICE SUPPORT ◼ Advanced ADB, the recently launched physical extraction method, now supports 214 devices. While the careful testing and confirmation of each device is ongoing, we expect the method to work on nearly every Android device. We have created a new Advanced ADB (Generic) method which has been added to many Android profiles. The Advanced ADB (Generic) method is similar to the Advanced ADB method, and can be accessed this way: Smart Phones ––> Android ––> Physical extraction ––> Watch video now! https://www.youtube.com/watch?v=PwHkxmiq_e4 Advanced ADB. ◼ New disable user lock capability for 135 LG devices including LG F700L G5, H872 G6 and US996 V20. This BYPASS THE LOCK SCREEN ON method will also work for devices when the MTP is LG DEVICES disabled. Note: This capability requires the use of two Now supporting the disable user lock new cables: 519 and 520. Click here for more details. capability for 135 LG devices. APPS SUPPORT 506 updated application versions NEW! VIEW EXTRACTED CLOUD UFED CLOUD ANALYZER DATA SOURCE SUPPORT iCloud Application Program Interface (API) – UFED Cloud DATA IN UFED READER AND UFED Analyzer 6.0.1, supports the new Apple API for iCloud and PHYSICAL ANALYZER iCloud Backup. View UFED Cloud Analyzer extraction reports FUNCTIONALITY (UFED PLATFORMS) in UFED Reader and UFED Physical Analyzer. ◼ View a list of extracted applications at the end of a file system Android backup extraction IMPROVED ACCESS TO ◼ Simple and secure access to all UFED platforms using Active Directory ADVANCED ADB! Advanced ADB (Generic) is now available on almost any Android profile. MICROSOFT SECURITY UPDATE Following Microsoft’s announcement of Critical Security EASY AND SECURE ACCESS TO Bulletin MS17-010, Cellebrite urges customers to install the available Microsoft security update on UFED Touch / ALL UFED PLATFORMS USING UFED Touch2 / UFED InField Kiosk platforms. ACTIVE DIRECTORY These packages are available on My.Cellebrite. • Log in using a single sign on (SSO) Please download and install the appropriate cpkg file • Access all UFED platforms with on your platform (prioritizing platforms that require a your Microsoft Windows Active network connection). Directory account. FUNCTIONALITY NEW! REVIEW EXTRACTED CLOUD DATA REPORTS WITH UFED READER AND UFED VIEW A LIST OF EXTRACTED APPLICATIONS AT THE END OF A FILE SYSTEM ANDROID BACKUP EXTRACTION PHYSICAL ANALYZER Once you have completed the file system extraction using Data extracted from the cloud, using UFED Cloud the Android backup method for Android devices, a pop up Analyzer, can now be viewed in UFED Reader as well as will appear presenting a list of applications that were exacted. UFED Physical Analyzer. With the mobile device still in your hands, you can see which applications were extracted and which were not. The UFED Reader is a light application that is used to view and share extraction reports with authorized personnel. The What’s this function good for? Well, if an application you tool has advanced capabilities allowing you to easily filter know contains critical case data you need as evidence, and and search through evidence. UFED Reader 6.2 can present it cannot be extracted, it is possible to perform another extracted data from the UFED Cloud Analyzer, providing extraction immediately. additional valuable case information. Presenting the cloud data in the UFED Reader and UFED Physical Analyzer can SIMPLE AND SECURE ACCESS TO ALL UFED PLATFORMS USING ACTIVE DIRECTORY ease the investigation by creating a smooth synergy between the mobile device and cloud data sources. ◼ Smooth access to all UFED platforms - Users can now use their Windows Active Directory account to login ◼ Permission management can be performed via the UFED Permission Manager standalone application, and you can quickly and easily login to UFED extraction products via your Windows Active Directory account. According to the database in the Active Directory, the permissions for each user are applied and identified by the group/profile the user belongs to. This is managed by the organization’s IT department, allowing tighter control on what users can do and have access to. DID YOU REGISTER FOR ADVANCED ADB EXTRACTION CABLES? If you did, great! We will be sending to you the new extraction cables 519, 520, as well as any new future cables. You do not need to register again. If you have not yet registered, don’t worry! You can still register for them and all new future cables by following the instructions below: ◼ Update or approve your shipping address in MyCellebrite https://cellevault-mng.cellebrite.com/userM FORENSIC DEVICE PROFILES v.6.2 Total odify?newCableCampaign=true&cable=501,508 Logical extraction 125 9340 ◼ Register your UFED device/dongle (if not Physical extraction* 140 5168 already registered) ◼ If you have more than one UFED license, please File system extraction 115 5150 make sure they are all listed under your account in Extract/disable user lock 26 2521 MyCellebrite, and you will receive all 4 cables per any Total 406 22,179 UFED license ◼ The cables will be shipped to users with a valid license, The number of unique mobile devices to the updated address in My.Cellebrite - free of charge with passcode capabilities is 4,172 *Including GPS devices Cellebrite Release Notes | UFED v 6.2 | May 2017 | 2 iOS: UPDATED APPS SOLVED ISSUES 219 UPDATED Apps The following issues have been resolved: Aliwangwang 4.1.1, 4.1.3, 4.1.5 ◼ Fail to extract MMS data during Logical extraction when Any.DO 4.4.0, 4.7.0, 4.8.1 target is PC (using cable U-441). ASKfm 4.2.23, 4.3.1, 4.4.2 ◼ Hash verification issues for extraction of Android devices via Advanced ADB method (with micro SD card) Badoo 4.57.3, 4.57.4, 5.3.0 Baidu Maps 9.7.5 ◼ Inconsistent tag labels selection when opening a save session (pas) file. BeeTalk 2.5.42 ◼ Failed extraction process of the Samsung Galaxy S5360 Blendr 4.63, 5.3.0 device via UFED Touch2. Booking.com 13.6, 13.9.1, 14.1 ◼ A decoding issue when opening a physical extraction of Chatous 3.81, 3.8.6 Samsung GT-E1200i Keystone 2 device. Chrome 56.0.2924.79, 57.0.2987.137, 58.0.3029.83 ◼ Fail to decode Talkatone app version 5.5.3 for Ctrip 4.4.1, 4.6.0, 4.6.1 Android. Ctrip (Chinese) 7.1.2, 7.2, 7.3.2 ◼ Fail to decode Facebook Messenger app version Dropbox 40.2, 44.2 113.0.0.21.70 and 108.0.0.17.68 for Android. Endomondo 17.2.0, 17.3.0, 17.4.0 ◼ Duplicated image files in folder view are now Evernote 8.1, 8.2 presented. Expedia 9.1, 9.6, 17.16 UI localization issues in Korean, Chinese and German in ◼ Facebook 80, 86, 89 UFED platforms. Facebook 105, 111, 115 ◼ Fail to perform physical extraction (BTL) of Alcatel Messenger 4060A device while the device is locked with a Firefox 6.1, 7.3 pattern lock. Flipboard 4.0.2, 4.0.6, 4.0.10 Foursquare 10.3.1, 10.4, 10.5 Garmin Connect 3.15, 3.16.1, 3.17 Glide 5.3.6 KNOWN ISSUES Gmail 5.0.170312, 5.0.170326, Google App 23, 24.1, 25 Cloud data in UFED Reader – In this version, the UFED Google Docs 1.2017.10200 Reader presented most of the cloud data. In the future, Google Drive 4.2017.05204, 4.2017.10207 additional data will be supported. Google Maps 4.29.0, 4.30.0 Google Translate 5.8.0, 5.9.0 Google+ 6.6.1 Grindr 3.2.1, 3.5.0, 3.6.0 GroupMe 5.7.0, 5.8.0 Hangouts 14.6.0, 15.0.0 OTE HERE Maps 2.0.15, 2.0.18, 2.0.20 FOR US hike messenger 4.9.1, 4.10.0 Hot or Not 4.59.0, 4.63, 5.3.0 Hushed 3.9.3, 3.10.0 ICQ 6.13.1, 6.13.3, 6.13.4 imo 7.0.52, 7.0.59, 7.0.65 Inbox 1.3.170312, 1.3.170326 Instagram 10.8, 10.14, 10.18 InstaMessage 2.7.1, 2.7.3 > Click to vote Kakao Story 4.3.2, 4.4.0 KakaoTalk 6.0.3, 6.1.5, 6.2.1 Keeper 10.6.2, 10.6.3 Kik Messenger 11.6.1, 11.13.0, 11.15.0 LINE 7.1.3, 7.2.1 LinkedIn 9.1.17, 9.1.22, 9.1.26 Mail.Ru 7.8.1, 7.9.2 Meet24 1.7.48, 1.7.49 MeetMe 11.8.0, 12.0.0, Cellebrite Release Notes | UFED v 6.2 | May 2017 | 3 iOS: UPDATED APPS (CONT...) ANDROID: UPDATED APPS MeowChat 5.0.5 272 UPDATED Apps Navitel Navigator 9.8.2 µTorrent® 3.36 Nike+ Run Club 5.4.1 - Torrent Odnoklassniki 6.10.2, 6.13, 6.14.1 Downloader Omegle 4.2.0 AntiVirus Security 5.9.4.1 (AVG) One Drive 8.9, 8.12 Any.DO 3.4.29.3 ooVoo 3.1.4, 3.1.6 AppLock 2.22.2 Pinterest 6.19, 6.22, 6.24 ASKfm 4.2.2, 4.3.1, 4.3.3 Puffin Web 5.2.2 Browser Badoo 4.61.0, 4.61.3, 5.8.1 QQ 6.7.1 Baidu Browser 6.4.0.4 QQ Browser 7.3, 7.4.1 BBM 3.3.0.16, 3.3.1.24, 3.3.2.31 Remember The 4.1.21 BeeTalk 2.3.1, 2.3.2 Milk BlackList 4.91 Runtastic 7.1.7 Blendr 4.61.0, 4.61.2, 5.8.0 SayHi 6.58, 6.59 Booking.com 12.1, 12.3, 12.5 Scruff 5.1003, 5.1004 Callgram 1.2.4 Skout 4.23.2 messaging Skype 6.34.1 Chatous 3.9.30, 3.9.38, 3.9.43 Snapchat 10.2.0, 10.5.0.0, 10.7.1.0 Chrome 56.0.2924.87, 57.0.2987.132 SwiftKey 1.6.3 CM Locker 4.5.7, 4.6.2 Tango 3.32.216138, 3.32.216606, 4.0.218442 CM Security 5.20.70, 5.20.71, 5.20.75 Browser Taxify 3.04, 3.1, 3.11 Ctrip (Chinese) 4.3.3 Telegram 3.18 Messenger Dolphin Browser 11.5.19 Text Me Up 3.8.3, 3.8.4 Dropbox 34.2.2, 38.2.4, 42.2.2 textPlus 6.3.3, 6.3.4 Ebuddy XMS 2.21.5 Threema 2.8.1, 2.9.0, 2.9.1 Endomondo 17.2.1, 17.2.2, 17.3.2 TigerText 6.4.1, 6.4.3, 6.4.6 Evernote 7.9.9 Tinder 7.0.1, 7.2.1, 7.3.1 Expedia 8.11.0, 8.15.0, 8.19.0 Truecaller 7.4, 7.45 Facebook 111.0.0.18.69, 115.0.0.20.72, 120.0.0.18.72 Tumblr 7.8, 8.1, 8.3 Facebook 106.0.0.23.70, 110.0.0.14.69 Twitter