Articles about Us


  1. Elcomsoft forensic tools can now extract Apple Health data from iCloud iLounge 09/01/2019

    «For forensic investigators, access to Health data can provide additional useful evidence, including records of heart rate, sleeping habits, location points, workouts, steps, and walking routines.» Läs mer

  2. US cops warned not to gawp at iPhones due to Face ID lock-out The INQUIRER 15/10/2018

    «Don't look at the screen... or else', Elcomsoft warns law enforcement.» Läs mer

  3. Investigators Told Not to Look at iPhones With Face ID to Avoid Lock-Out: Report Gizmodo 14/10/2018

    «Elcomsoft’s CEO Vladimir Katalov told Motherboard the company advised never looking at the screen of an iPhone with Face ID in order to avoid losing one of five attempts before the phone reverts to requiring a passcode. This is because, as Motherboard notes:» Läs mer

  4. Cops warned to not even look at suspects’ iPhones Cult of Mac 13/10/2018

    «Elcomsoft warns cops to not look at iPhones involved in investigations because the iPhone will only allow five unsuccessful Face ID attempts before requiring a passcode. If those attempts are by police officers looking at the screen then the suspect can no longer be forced to unlock their own phone.» Läs mer

  5. Police told to avoid looking at recent iPhones to avoid lockouts Engadget 13/10/2018

    «Police have yet to completely wrap their heads around modern iPhones like the X and XS, and that's clearer than ever thanks to a leak. Motherboard has obtained a presentation slide from forensics company Elcomsoft telling law enforcement to avoid looking at iPhones with Face ID.» Läs mer

  6. Cops Told ‘Don’t Look’ at New iPhones to Avoid Face ID Lock-Out Motherboard 12/10/2018

    «“iPhone X: don’t look at the screen, or else… The same thing will occur as happened on Apple’s event,” the slide, from forensics company Elcomsoft, reads. Motherboard obtained the presentation from a non-Elcomsoft source, and the company subsequently confirmed its veracity.» Läs mer

  7. Police can STILL break into your iPhone without permission using a simple hack that bypasses Apple’s new iOS 11.4.1 'cracking defence tool' MailOnline 10/07/2018

    «The workaround was discovered by cybersecurity firm ElcomSoft, based in Moscow. ElcomSoft connected a compatible Lightning accessory, the official Lightning to USB 3 Camera Adaptor, before the screen had been locked for an hour.» Läs mer

  8. Security Researchers Find Way to Prevent USB Restricted Mode From Activating on iOS Devices MacRumors 10/07/2018

    «Security researchers claim to have discovered a loophole that prevents an iPhone or iPad from activating USB Restricted Mode, Apple's latest anti-hacking feature in iOS 12 beta and iOS 11.4.1, which was released on Monday.» Läs mer

  9. Apple’s iOS passcode cracking defense can be bypassed using a USB accessory The Verge 09/07/2018

    «However, researchers at cybersecurity firm ElcomSoft have found a loophole that resets the one-hour counter so long as you plug a USB accessory into the iPhone’s Lightning port, regardless of whether the phone has ever connected to that accessory in the past.» Läs mer

  10. Apple set to roll out new security feature for iPhones and iPads ConsumerAffairs 15/06/2018

    «The tech giant’s move will undoubtedly leverage more grief from the law enforcement community. Apple is adding a new feature to its iPhones and iPads in hopes of guarding the devices against security breaches and hacks.» Läs mer

  11. Grayshift claims it defeated Apple's forthcoming 'USB Restricted Mode' security feature AppleInsider 14/06/2018

    «Other digital forensics firms are working on similar workarounds. ElcomSoft in May suggested it might be possible to extend USB Restricted Mode's window beyond the hour-long restriction by connecting an iPhone to a paired accessory or computer while it is unlocked. The company added that dedicated hardware could potentially disable the feature completely.» Läs mer

  12. Apple confirms it'll push cop-thwarting 'USB Restricted Mode' to iPhones The Inquirer 14/06/2018

    «The feature was first discovered ElcomSoft's Oleg Afonin earlier this year, who noted that an iPhone with USB Restricted Mode enabled won't bring up the usual 'Trust this computer' prompt until the device is unlocked using a passcode, Touch ID or Face ID.» Läs mer

  13. Apple May Stop Police from Cracking iPhones tom's guide 14/06/2018

    «Rumors first appeared about Apple disabling data transfers without a passcode back in early May, when the Russian digital-forensics firm Elcomsoft noticed the feature in beta builds of iOS 11.3. Back then, the lockout happened only after a week of inactivity. The feature didn't make it into iOS 11.3 or 11.4, but is expected in iOS 11.4.1.» Läs mer

  14. I'll Believe Apple Is Killing Cops' Anti-Encryption Tools When They Actually Do It Gizmodo 05/06/2018

    «The public doesn’t know for certain how the iPhone cracking services that law enforcement uses actually work. But researchers at Elcomsoft explained the general theory last month.» Läs mer

  15. Incoming iOS updates will make unlocking iPhones even more difficult for hackers TECHSPOT 05/06/2018

    «If you are an avid reader, you may remember that we have mentioned USB restrictions being implemented on iOS in the past. However, there is now one major change that is important. Apple has changed the timeout period from seven days to just one hour.» Läs mer

  16. New iOS feature will hinder third-party passcode crackers iTWire 05/06/2018

    «Oleg Afonin of the desktop and mobile forensic tools maker Elcomsoft wrote that though the feature had not surfaced in the 11.4 final build, it had appeared in the 11.4.1 beta.» Läs mer

  17. iOS 12 tests Restricted mode that locks USB access after an hour Engadget 04/06/2018

    «In recent beta releases of iOS 11, Apple added a feature that disables device's ability to connect to accessories over USB after the phone has been locked for a period of time. In May, the lockout kicked in after a week, however, Elcomsoft (which makes forensic tools that can unlock and access data from mobile devices) noted just a couple of days ago that the iOS 11.4.1 beta release shortened the time to just one hour...» Läs mer

  18. Apple may 'restrict' USB access on iOS devices left locked for a week Engadget 08/05/2018

    «Originally discovered in iOS 11.4 beta code by ElcomSoft's Oleg Afonin, the update disables the lightning port after the seven-day period, though it can still apparently be charged. The feature is called USB Restricted Mode, and it made a previous appearance in an iOS 11.3 beta. Afonin noted that law enforcement will now only have seven days to attempt to access any iPhones running 11.3 or later before it locks itself against any "known forensic techniques."» Läs mer

  19. This feature could make it tougher for cops to unlock your iPhone ZDNet 08/05/2018

    «Law enforcement have long complained that they need access to locked devices to help with their investigations. But security experts have decried efforts by the government to lobby for backdoors, arguing that hackers could also get that same access and use it for their own gain.» Läs mer

  20. iOS will soon disable USB connection if left locked for a week TechCrunch 08/05/2018

    «The feature, called USB Restricted Mode, was first noticed by Elcomsoft researchers looking through the iOS 11.4 code. It disables USB data (it will still charge) if the phone is left locked for a week, re-enabling it if it’s unlocked normally.» Läs mer

  21. iOS 11.4 Disables Lightning Connector After 7 Days, Limiting Law Enforcement Access MacRumors 08/05/2018

    «USB Restricted Mode was outlined this morning by Elcomsoft after testing confirmed that the feature has indeed been enabled. In Elcomsoft's experience, after an iPhone or iPad has been updated to iOS 11.4, if it hasn't been unlocked or connected to a paired computer in the last 7 days using a passcode, the Lightning port is useless for data access and limited to charging.» Läs mer

  22. iOS 11.4’s USB Restricted Mode prevents tethered cracking attempts, Lightning becomes charge-only 9To5Mac 08/05/2018

    «According to security blog Elcomsoft, the latest iOS 11.4 beta includes a new USB Restricted Mode. It notes that this feature was originally introduced in early iOS 11.3 betas, but was later removed in the final release.» Läs mer

  23. Apple quietly adds USB Restricted Mode to iOS 11.4, limiting forensic unlocks VentureBeat 08/05/2018

    «Discovered by security researchers Elcomsoft, the new feature is said to be “aimed squarely at law enforcement” and automatically password-locks the device’s Lightning port after seven days of inactivity. At that point, the port will only function for charging — crucially eliminating data transfers, such as backups or extractions — until the correct password is entered.» Läs mer

  24. Apple's iOS 11.4 update with 'USB Restricted Mode' may defeat tools like GrayKey AppleInsider 08/05/2018

    «"To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via Lightning connector to the device while unlocked — or enter your device passcode while connected — at least once a week," reads Apple documentation highlighted by security firm ElcomSoft. The feature actually made an appearance in iOS 11.3 betas, but like AirPlay 2 was removed from the finished code.» Läs mer

  25. Be prepared to handle a mobile security breach TechTarget 17/04/2018

    «Even if IT has strong access controls, attackers can still access some mobile devices using legitimate forensics recovery tools, such as the Elcomsoft Mobile Forensic Bundle. Because end users often use mobile devices to access business applications, such as email, cloud file-sharing and remote access, as well as to store sensitive information on their devices, stolen devices can affect businesses.» Läs mer

  26. FIRST THE GRINCH AND NOW THE EASTER BUNNY! WHERE IS APPLE MAPS HIDING? Smarter Forensics 30/03/2018

    «In Elcomsoft Phone Viewer, I started examining searches and saw everything from Paris and Panama that I searched for in addition to other historical searches. This is great news, but let’s keep going because these could just be generic searches where the user didn’t request directions.[..] Finally, we find the directions the user searched for. Best part, we get to see how the requested the directions (walk, drive, transit, fly, etc.) Pretty cool stuff.» Läs mer

  27. iOS 11 security flaw: The password is apparently the only barrier between you and a hacker BGR 08/12/2017

    «According to researchers at ElcomSoft, the iOS 11 came in with a bunch of new features, a majority of which are aimed to make a user’s experience convenient. However, each of these new additions came with “a small trade off in security”.» Läs mer

  28. Why You Should Lock Your iPhone with a Password, Not a PIN tom's guide 04/12/2017

    «If you're running iOS 11 on your Apple iPhone, make sure you've got an alphanumeric password, or at least a six-digit PIN, protecting your lockscreen. Why? Because that lockscreen passcode may be the only thing standing between you and complete identity theft. With iOS 11, Apple purportedly makes it possible to reset the passwords on both your Apple ID and your iPhone backup in iTunes with only your iPhone's lockscreen PIN – which isn't that hard for an attacker to get.» Läs mer

  29. Apple iOS 11 security 'downgrade' decried as 'horror show' The Register 01/12/2017

    «Oleg Afonin, a security researcher for password-cracking forensic IT biz Elcomsoft, in a blog post on Wednesday called iOS 11 "a horror story" due to changes the fruit-themed firm made to its mobile operating system that stripped away a stack of layered defenses.» Läs mer

  30. iOS 11 Problems: Update Removes Password Protection, Makes Phone Less Secure IBTimes 01/12/2017

    «A Russian company that produces phone-cracking technology is warning that iOS 11 made changes to the way data on iPhones and iPads is encrypted. That change leaves the information more vulnerable to certain types of attacks.» Läs mer

  31. Has Apple compromised security on iOS 11? AppAdvice 01/12/2017

    «In iOS 11, Apple introduced a new way it protects encrypted iOS backups. Unfortunately, this new method has left these files more vulnerable to certain types of attacks, according to ElcomSoft.» Läs mer

  32. iOS 11 Encrypted Backup Change Reduces Security, Boosts Data Safety TidBITS 01/12/2017

    «Digital forensics firm Elcomsoft revealed this week that Apple has changed how encrypted iOS backups are protected, reducing security to improve the overall user experience. Elcomsoft’s discovery kicked off a vigorous debate on Hacker News and Twitter, but does this change represent a real risk to the average Apple user? The answer is yes...» Läs mer

  33. iOS 11 leaves iOS devices more vulnerable to edge-case attacks, says phone-cracking company ElcomSoft 9to5mac.com 01/12/2017

    «Changes to the way that Apple protects encrypted iOS backups leave devices more vulnerable to certain types of attack, says ElcomSoft, a Russian company used by law enforcement agencies and others to access iPhones. However, it only applies if the attacker has physical access to the device and can crack the passcode.» Läs mer

  34. Apple's iOS 11 has a new security feature that's sure to please activists Mashable 12/09/2017

    «The second and latest security revelation is a tad more subtle, but equally intriguing. Digital forensic tool manufacturer ElcomSoft dived into the new iOS and found that connecting an iPhone to a computer is about to get more secure. As it currently stands, when an unlocked iPhone is plugged in it asks the user if they trust the device. If they do, the computer can then access the contents of the smartphone. That process is getting an overhaul.» Läs mer

  35. Apple’s iOS 11 could boost user data security with new feature Siliconrepublic.com 12/09/2017

    «Online security firm ElcomSoft has pointed out the beefed-up security measures in the upcoming iOS 11. Currently, thieves and the authorities rely on triggering an automatic backup from a computer that has been registered as a trusted device.» Läs mer

  36. How Apple’s iOS 11 Could Improve Your Data Security Fortune 12/09/2017

    «Apple has added a requirement that forces iPhone owners to use both a fingerprint and their device passcode to establish a "trusting" relationship with the computers on which they want to backup their devices, security firm Elcomsoft revealed in a recent blog post.» Läs mer

  37. iOS 11 will make it harder than ever for cops to invade your privacy BGR 11/09/2017

    «In iOS 11, the user is now forced to input a passcode in order to unlock the phone. Touch ID alone is no longer enough to access the prompt and connect the device to a computer. As ElcomSoft explains, an individual could be compelled to unlock a device with their fingerprint in some cases, but forcing the user to divulge a passcode is a different legal challenge altogether, and impossible in many jurisdictions.» Läs mer

  38. It Turns Out iOS 11 Is Even More Cop-Resistant Than We Thought Gizmodo 11/09/2017

    «Apple’s iOS 11 is going to make it more difficult for law enforcement officials to seize information from your iPhone. In addition to a new SOS mode that lets you disable TouchID, the next iOS update will require an additional step to unlock your data when your device is connected to a computer, according to security developer ElcomSoft.» Läs mer

  39. APPLE’S IOS 11 WILL MAKE IT EVEN HARDER FOR COPS TO EXTRACT YOUR DATA Wired 11/09/2017

    «According to a blog post from Russian forensics software firm Elcomsoft on Thursday, Apple has made at least two significant changes to iOS 11 that will create new hurdles for those trying to access the innards of a seized iPhone. First, they've added a crucial step to the process of moving a phone's contents to a forensic analyst's desktop computer, a change that could significantly reduce the amount of data police can access on seized phones—even if they manage to confiscate them in an unlocked state.» Läs mer

  40. It’s about to get tougher for cops, border agents to get at your iPhone’s data Ars Technica 11/09/2017

    «The changes were first reported last week by Elcomsoft, a Russian software company. These changes are coming in conjunction with another privacy-minded feature that will disable Touch ID by pressing the power button five times.» Läs mer

  41. iOS 11 makes it a little harder for someone else to get data off your phone The Verge 10/09/2017

    «A new post from ElcomSoft (which makes the forensic software that pulls data off those paired phones) details an overlooked feature in iOS 11 that will make that system a little bit harder to crack.» Läs mer

  42. I Just Got into iCloud Keychain on my iPad Air With Phone Breaker The Mac Observer 25/08/2017

    «A couple of days ago, I got an email from Elcomsoft about a big update to Phone Breaker. This is a forensic tool that lets you extract data from iPhones, Blackberry phones, and Microsoft accounts. But the recent update—version 7.0—does something previously thought to be impossible, or at least extremely hard to do.» Läs mer

  43. New Version of Tool for Busting-Open Apple's KeyChain Serves as a Security Reminder ProgrammableWeb 23/08/2017

    «Whereas Phone Breaker was previously able to extract data (like embarrassing photos of celebrities) being saved to Apple's cloud, now, it can extract and unpack what's known as the iCloud Keychain.» Läs mer

  44. Apple iCloud Keychain easily slurped, ElcomSoft says The Register 22/08/2017

    «In an email to The Register, CEO Vladimir Katalov said this capability is not the consequence of any vulnerability. Rather, it's intended for forensic investigators and law enforcement, given that an Apple ID and a trusted device are necessary.» Läs mer

  45. THE MAN WHO CAN MAKE ICLOUD RAIN the SecTor blog 17/07/2017

    «Moscow-based Elcomsoft, which specializes in analyzing cloud services, has made some startling discoveries about Apple’s iCloud service over the last year. In August 2016, it discovered that Apple was keeping photos in the iCloud Photo Library for several years after users had deleted them. In February, it found that iCloud retains deleted Safari browsing history indefinitely, and in May, it revealed that iCloud also keeps deleted Notes.» Läs mer

  46. Apple Continues Storing Notes Long After Deletion Channelnews 22/05/2017

    «A Russian security firm has found that notes deleted on iPhone, iPad and Mac devices can remain stored in the cloud for years. ElcomSoft was able to use its own software to extract deleted notes synced to a user’s iCloud account dating back to 2015, significantly beyond the 30-day period that Apple claims to retain notes in the ‘Recently Deleted’ folder before being “permanently deleted“.» Läs mer

  47. Deleted iPhone Notes Remain Stored In iCloud Even After 30 Days UBERGIZMO 21/05/2017

    «Elcomsoft, a software company based in Russia, has found that iPhone notes written and stored in the handset’s Notes app and synced to iCloud remain stored even when they’ve been deleted by the user. The company says that the notes remain in storage also after the 30-day expiration period of the “Recently Deleted” category ends.» Läs mer

  48. Apple doesn't always expunge deleted notes older than 30 days Engadget 20/05/2017

    «The iCloud Notes you delete are supposed to be permanently wiped within 30 days. Gone forever, never to be seen again. Russian security firm ElcomSoft has discovered, however, that Apple has been keeping deleted notes in the cloud for far longer. Its security researchers were able to retrieve notes that should've vanished weeks and months ago. In some cases, they were even able to recover notes from way back in 2015.» Läs mer

  49. Apple’s iCloud notes still recoverable even after its 30-day deletion window: Elcomsoft The Tech Portal 20/05/2017

    «Apple’s cloud storage practices have been called into question once again — that too from the same Russian security firm called Elcomsoft who’s earlier identified gaping holes in its iCloud service. The latest discovery detailed by them in an official blog post states that Apple has been storing deleted notes on the cloud for far longer than required. The deleted notes are stored in the ‘Recently Deleted’ folder for 30 days before being permanently removed from the cloud. Not really!» Läs mer

  50. iCloud Notes recovered well beyond Apple’s 30-day deletion window SlashGear 20/05/2017

    «Like many of Apple‘s apps and services, the Notes app can be synced to iCloud to make the information available on a number of devices. When a user chooses to delete a note, they can recover it within 30 days, but after that Apple states the data is wiped. However, security firm ElcomSoft has discovered that it’s able to recover notes well beyond this 30-day window.» Läs mer

  51. Security firm recovers iCloud Notes beyond Apple's 30-day deletion window AppleInsider 19/05/2017

    «Using a new version of its Phone Breaker tool, Russia's Elcomsoft said it was able to retrieve notes dating weeks, months, or years beyond Apple's 30-day window. In extreme cases, notes were retrieved from as far back as 2015.» Läs mer

  52. ElcomSoft Claims It's Able to Recover Deleted iCloud Notes Well Past Apple's 30-Day Window MacRumors 19/05/2017

    «Russian software company ElcomSoft today claimed in a blog post that iCloud notes marked as deleted are being stored on Apple's servers well past the advertised 30-day period they are kept in the "Recently Deleted" folder.» Läs mer

  53. Data Forensics Company Recovers Notes Data Apple Claims is Deleted TheMacObserver 19/05/2017

    «Files deleted from Apple’s Notes app shouldn’t be recoverable after 30 days, but the security and data forensics company Elcomsoft found they could access records that were deleted months—or even more than a year—ago. That sounds pretty bad, but recovering those files requires some pretty specific elements, including knowing your iCloud login and password.» Läs mer

  54. Apple's iCloud Keeps Forgetting To Delete Users' Synced Data Tom's Hardware 19/05/2017

    «Users’ deleted notes should completely disappear from Apple’s servers after 30 days. However, ElcomSoft, a Russian company developing computer and mobile forensic tools, discovered that the deleted notes could still be extracted from Apple’s servers after the 30 days had passed, even though they were no longer visible to the users.» Läs mer

  55. Explained: Apple iCloud kept 'deleted' browser histories for over a year The Register 10/02/2017

    «On Thursday, Russian computer forensics software biz Elcomsoft said that its forensic software was able to recover Safari browser history records that had been stored in iCloud and erased, including the date the URLs were last visited and when the deletion occurred.» Läs mer

  56. iCloud Was Storing Deleted Safari Browser History for Months, but Apple Fixed the Issue MacRumors 09/02/2017

    «iCloud was caught storing deleted browser history by software company Elcomsoft, which develops cracking tools for extracting protected data from iOS devices. Speaking to Forbes, Elcomsoft CEO Vladimir Katalov explained that the company had been able to retrieve "deleted" browser history dating back more than a year.» Läs mer

  57. Apple iCloud Hoards 'Deleted' Browser History Going Back More Than A Year Forbes 09/02/2017

    «Elcomsoft chief Vladimir Katalov told FORBES the iPhone maker kept a separate iCloud record, titled "tombstone," in which deleted web visits were stored, ostensibly for syncing across devices. Katalov told me he came across the issue "by accident" when he was looking through the Safari history on his own iPhone. When he took Elcomsoft's Phone Breaker software to extract data from the linked iCloud account, he found "deleted" records going back a year. (Apple calls them "cleared" in Safari, not "deleted").» Läs mer

  58. IPHONES SECRETLY SEND CALL HISTORY TO APPLE, SECURITY FIRM SAYS The Intercept 17/12/2016

    «Russian digital forensics firm Elcomsoft has found that Apple’s mobile devices automatically send a user’s call history to the company’s servers if iCloud is enabled — but the data gets uploaded in many instances without user choice or notification.» Läs mer

  59. Apple Keeps Constant Log Of iPhone Calls In iCloud, Warns Cop Contractor Forbes 17/11/2016

    «Apple has a hidden feature for you in its iPhones: call logs going back as far as four months are stored in near real-time in the iCloud. That’s the warning today from a Russian provider of iPhone hacking tools, Elcomsoft, which claimed the feature was automatic and there was no way to turn it off bar shutting down iCloud Drive altogether.» Läs mer

  60. iPhone call history can be extracted from an iCloud account the Inquirer 17/11/2016

    «APPLE USERS are having their call records stored in the company’s iCloud servers in a way that can be extracted by third parties. Russian software house ElcomSoft has revealed that it has found a way to extract the data in near real time, for anyone targeting a phone with iOS 9 or above. The company has released an app called ElcomSoft Phone Breaker 6.20, capable of performing its nefarious mischief even on a locked, PIN-protected phone.» Läs mer

  61. Hackers Strike It Big On Security Vulnerabilities PYMNTS 30/09/2016

    «According to Elcomsoft, iOS 10 is highly susceptible to a “brute force attack,” where hackers automatically try a continuous number of password combinations until they unlock the right one. This vulnerability may provide an opportunity for hackers to steal credit card data, infiltrate backups and access Apple’s Keychain password manager, where passwords and other authentication data is stored.» Läs mer

  62. Apple iOS 10 Latest News & Update: Security Systems for Backup Issues Can Be Breached Easily? GameNGuide 29/09/2016

    «The malfunctioning Apple iOS 10 intsalment was lately discovered by the Russian company Elcomsoft. They have sighted the problem because they have been also updating their mobile breaker tool for the iPhone. Elcomsoft recently noticed that the backups accessibility creates a new "password verification mechanism" that jumps important security measures that should disable unauthorized person to go into the system.» Läs mer

  63. iOS 10 Jailbreak rumors: Latest iPhone update compromises saved backups YIBADA 28/09/2016

    «According to Elcomsoft’s official blog, a major security flaw was discovered tied up to the iOS 10 backup protection mechanism. Using the Elcomsoft Phone Breaker, they were able to bypass certain security checks and noted that they were 2,500 times weaker. Read more: http://en.yibada.com/articles/163353/20160928/elcomsoft-apple-ios-10-itunes-god-praksis-ios-9.htm#ixzz4LekRw8k6» Läs mer

  64. ElcomSoft updates Phone Breaker, provides faster ability to unlock iOS 10 devices GSN 27/09/2016

    «ElcomSoft Co. Ltd. updates Elcomsoft Phone Breaker 6.10, the company's mobile acquisition tool, providing forensic specialists the ability to unlock iOS 10 backups significantly faster compared to iOS 9. The new discovery in iOS 10 backups potentially allows recovery speeds thousands of times faster compared to password-protected iOS 9 backups.» Läs mer

  65. iOS 10 Security Flaw Leaves iPhone Backups Vulnerable to Hackers CIO TODAY 27/09/2016

    «The latest version of Apple's mobile operating system, iOS 10, features a "major security flaw" that makes it easier for hackers to crack passwords through local iTunes backups, according to the Moscow-based digital forensics and password recovery firm ElcomSoft.» Läs mer

  66. There's a Pretty Serious Security Flaw in iOS 10's Back-Ups Gizmodo 26/09/2016

    «Russian firm Elcomsoft discovered that local back-ups made after updating to iOS 10 use a new password security mechanism that skips a few important security checks. The exploit was discovered by the firm as it worked on updating its iPhone cracking tools to deal with iOS 10.» Läs mer

  67. It’s easier to crack iTunes backups with iOS 10 security flaw The Technews 26/09/2016

    «Elcomsoft, a Russian software company first discovered the flaw while working to update its iPhone breaker tool. They found that after upgrading to iOS 10, the backup saved before, uses a different password verification mechanism that skips certain security checks.» Läs mer

  68. Apple iOS 10 security flaws exposed; iOS 10 jailbreak taking time due to kernel modification issues The International Business Times 26/09/2016

    «Elcomsoft, an independent digital forensics company, has stated that the iOS 10 security feature is easier to exploit than its predecessor. Therefore, Apple fans are expecting an iOS 10 jailbreak soon. Elcomsoft’s digital forensics specialists have been able to bypass some security checks on iOS 10.» Läs mer

  69. iOS 10 has a terrible security flaw you need to know about Alphr 26/09/2016

    «According to Forbes, Russian iPhone hacking firm Elcomsoft has discovered a vulnerability in iOS 10. Elcomsoft found that, once a user has updated to iOS 10, any backups they perform on their phone makes use of a new “password verification mechanism” that skips a whole load of vital security checks.» Läs mer

  70. Security researchers discover ‘severe’ flaw in iOS 10’s iTunes backups, Apple promises to release fix soon The Tech Portal 26/09/2016

    «Apple has just recently debuted its greatest software release, the iOS 10, but researchers have already discovered a major security flaw in its iTunes backup protection mechanism. And while the Cupertino giant boasts about the security of its devices, this loophole leaves the backup data on the operating system vulnerable to password-cracking tools, reports iOS forensics company Elcomsoft.» Läs mer

  71. Apple to crunch iOS 10 local backup password brute force hole The Register 26/09/2016

    «Elcomsoft researcher Oleg Afonin says the flaws mean cracking efforts against iOS 10 backups are 2500 times faster compared to similar efforts against iOS 9. If successful, the attack will grant access to device keychains.» Läs mer

  72. Hackers Can More Easily Steal Your Passwords With Apple's iOS 10 Fortune 26/09/2016

    «The software includes a new way to encrypt iPhone backups created through iTunes that gives hackers a far greater chance of obtaining a target’s passwords than the previous version of iOS, Russian password-retrieval company Elcomsoft said on Friday» Läs mer

  73. New iOS 10 security flaw makes it easier to crack iPhone backups The Verge 25/09/2016

    «Elcomsoft, a Russian firm that has created tools to break into iPhones, discovered the vulnerability as it worked to update its phone breaker tool. It found that backups saved after a user updates to iOS 10 uses a new "password verification mechanism" that skips several security checks, according to a blog post.» Läs mer

  74. iOS 10 was not great for Apple’s backup security, experts say Read more: http://www.digitaltrends.com/mobile/ios-10-backup-security/#ixzz4LefoInmc Follow us: @digitaltrends on Twitter | digitaltrendsftw on Facebook Digital Trends 25/09/2016

    «In love with the new iOS 10? If you’re a hacker, you probably are. That’s because the newest operating system allegedly makes it “considerably easier” to hack iTunes logins for backup passwords stored on a Mac or PC. According to software company (and iPhone expert) Elcomsoft, the backup method used in iOS 10 “skips certain security checks,” which allowed professional hackers to test backup passwords “approximately 2500 times faster” when compared to iOS 9 and previous generations.» Läs mer

  75. Apple promises fix for iOS 10’s iTunes backup security flaw SlashGear 25/09/2016

    «Security forensics company Elcomsoft revealed last week that encrypted iOS backups created in iTunes have been made far less secure with the recent release of iOS 10. While an unintentional flaw, the new password protected backups offer an “alternative password verification mechanism” that allows them to fall victim to brute force hacks much more quickly and easily than with previous iOS versions. Fortunately Apple acknowledged the issue, and says a fix is on the way with “an upcoming security update.”» Läs mer

  76. iOS 10 iTunes Backup Found To Be Less Secure Than iOS 9 Übergizmo 25/09/2016

    «Thankfully for the most part, developers have made backups relatively secure, but unfortunately it seems that with iOS 10, Apple has actually made backups less secure than with iOS 9. This is according to reports from security researchers at Elcomsoft and also Per Thorsheim (via PhoneArena), a security adviser at God Praksis AS.» Läs mer

  77. Apple Promises To Fix A Severe iOS 10 Security Flaw With iPhone Backups The Inquisitr 25/09/2016

    «Apple iPhone is secure. However, an iOS 10 security flaw can compromise it. Elcomsoft, a Russian forensics research firm, has discovered a dangerous loophole in iOS 10 which can allow hackers to crack the otherwise password-protected iPhone backups 40 times faster than before. These backups contain your passwords and other authentication data related to your phone as well as the apps. Apple spokeswoman confirmed to Forbes that the iPhone maker acknowledges the issue and is working on a fix.» Läs mer

  78. Apple iOS 10 security flaw makes it easier for hackers to access your data The Daily Dot 24/09/2016

    «Developers at Elcomsoft—a Russian company that builds tools to help police access people's devices—uncovered changes to the way Apple protects backup data stored on your computer through iTunes.» Läs mer

  79. iOS 10 security flaw allows hackers to crack passwords 2,500 times faster, Russian firm Elcomsoft says IBTimes 24/09/2016

    «Elcomsoft researchers discovered that when iOS 10 backups that are saved to a PC or Mac via iTunes, password-cracking tools can be used to conduct brute-force attacks at the alarming rate of 6,000,000 per second. Additionally, the researchers said that if hackers are successful in cracking the password, they would then be able to "decrypt the entire content of the backup including the keychain".» Läs mer

  80. Forensics firm says backups easier to crack in iOS 10, Apple promises fix AppleInsider 24/09/2016

    «With iOS 10, it's possible to brute-force a backup password 40 times faster using CPU acceleration when compared with GPU-powered cracking of iOS 9, Elcomsoft explained in a blog post quoted by Forbes. Applying the same Intel Core i5 CPU in both cases, iOS 10 is 2,500 times faster to break.» Läs mer

  81. Apple acknowledges iOS 10 security flaw that makes it easier to access protected iTunes backups 9to5 24/09/2016

    «A new discovery by iOS forensics company Elcomsoft has revealed that encrypted iOS backups via iTunes are much easier to crack with iOS 10 than in past years. The change in security is apparently due to a new password verification method in iOS 10.» Läs mer

  82. Apple to Fix iOS 10 Security Flaw with iTunes Backups TidBITS 24/09/2016

    «Russian security company Elcomsoft has discovered a major security flaw in iOS 10: encrypted iTunes backups made with iOS 10 allow password-cracking tools to make 6 million attempts per second, more than 40 times faster than with backups created with iOS 9. Apple has confirmed that the issue is real and plans to fix it in an upcoming security update.» Läs mer

  83. iOS 10 Vulnerability Makes Bruteforcing Backup Passwords Up To 2,500 Times Faster (Updated) Tom's Hardware 23/09/2016

    «ElcomSoft, a Russian digital forensics and IT security firm, announced that it found a flaw in iOS 10’s backup password mechanism that allows its password cracking tools to bruteforce a password 2,500 times faster compared to when the old iOS 9 mechanism was being used.» Läs mer

  84. iOS 10 Found To Lack Security Checks Against Brute-Force Attacks The International Business Times 23/09/2016

    «Apparently, Russian cybersecurity firm Elcomsoft has found out that the iOS 10 is lacking some implementations that could make it safe against hackers. The firm discovered recently that iOS 10 does not come with certain security checks that are present in iOS 9, as per Phone Arena.» Läs mer

  85. Upgrading to iOS 10 may have made your backups a lot faster to crack Graham Cluley 23/09/2016

    «The silver lining on the cloud is that ElcomSoft's discovery affects the local iTunes backups you might make of your iPhone or iPad. That means that any hacker wanting to exploit the weakness would have to target the computer you have made the backup onto, rather than something more chilling like trying to access the phone itself remotely.» Läs mer

  86. iOS 10 Has a 'Severe' Security Flaw, Says iPhone-Cracking Company Motherboard 23/09/2016

    «In a blog post published Friday by Elcomsoft, a Russian company that makes software to help law enforcement agencies access data from mobile devices, researcher Oleg Afonin showed that changes in the way local backup files are protected in iOS 10 has left backups dramatically more susceptible to password-cracking attempts than those produced by previous versions of Apple’s operating system.» Läs mer

  87. iOS 10 backups can be hacked 2,500 times faster than in iOS 9, researchers find Business Insider 23/09/2016

    «Moscow-based ElcomSoft discovered the flaw, which is centered around local password-protected iTunes backups. On iOS 10, these now have a weak secondary security mechanism which "skips certain security checks." This makes it possible to launch a brute-force attack – where different passwords are tested until the correct one is identified – up to 2,500 faster than iOS 9.» Läs mer

  88. Cracking passwords using Nvidia's latest GTX 1080 GPU (it's fast) TechSpot 19/08/2016

    «Nvidia recently released their new GeForce GTX 1080 graphics card based on the new Pascal architecture. Elcomsoft Distributed Password Recovery 3.20 added support for the new architecture. What does it mean for us?» Läs mer

  89. THE FORENSIC WAY TO ACQUIRE EMAIL WE ARE 4N6 08/08/2016

    «Elcomsoft has updated Cloud Explorer to version 1.10. This new release adds the ability to download email messages from the user’s Gmail account for offline analysis. In order to do that, they had to develop a highly specialized email client. They opted to use Google’s proprietary Gmail API to download mail. In this article, they’ll explain their decision and detail the benefits you’ll be getting by choosing a tool that can talk to Gmail in Gmail language.» Läs mer

  90. Elcomsoft Password Recovery für Macs und Amazon-Coud WindowsPro 28/07/2016

    «Die aktuelle Ausgabe weist verbesserte Funktionen für Mac OS X auf. So entschlüsselt die neue Version Passwörter von OS X-Benutzer­konten, DMG-Images und FileVault 2-Volumes. Dabei zielt die Software auf das Klartext-Passwort ab, das Mac-OS-Benutzerkonten zur Verschlüsselung der Volumes einsetzen.» Läs mer

  91. Nexus Phones: 5 Things to Consider Before Buying The Cheat Sheet 26/06/2016

    «That out-of-the-box encryption caught Android up with Apple’s iOS — even though as Elcomsoft’s Oleg Afonin reports, activating full-disk encryption on an Android phone often results in slower performance and lower battery life, which may be one reason why few Android users turn the feature on when it’s optional, and the majority of the users who do have encryption turned on are Nexus users.» Läs mer

  92. Android And iPhone Do-It-Yourself Hacking Kits For Security Experts And Wannabes Forbes 04/04/2016

    «The Elcomsoft Mobile Forensic Bundle is a kit for corporate customers as well as law enforcement and government agencies to break smart phone passwords, decrypt data, and view information stored on mobile devices. Elcomsoft, based in Moscow, Russia, offers an iOS Forensic toolkit for iPhones and other Apple AAPL +0.99% products that run iOS.» Läs mer

  93. How to bypass an iPad or iPhone passcode: Forgot your passcode? Here's how to 'hack' your way past iOS password security Macworld 31/03/2016

    «Forget the finger tricks you'll see in YouTube videos. It is possible to hack the iPad passcode, but you need serious software to do so. This is known as forensics software because law enforcement agencies use them when analysing a mobile phone. We tested Elcomsoft iOS Forensic Toolkit and found it a reliable means of cracking an iPad's passcode. The software is not available to the general public and you will need to apply for a license (and show your credentials).» Läs mer

  94. Here's how to get what Google knows about you DNA 28/03/2016

    «The information stored by Google about you is kept in different places and usually requires visiting multiple websites or applications to collect. Tools have been created to be able to extract this information with reduced effort and increased speed. One such tool is Elcomsoft Cloud eXplorer.» Läs mer

  95. How to hack an iPhone password security and iPad’s Lock in just few steps HackersNewsBulletin 27/03/2016

    «Forensic software are used by law enforcement agencies to get through the passcodes if they need to look into a suspected iPhone or iPad. You can use the same to hack and get your iPhone or iPad back. However, you need to be comfortable with the Command Line in Terminal.[...] Elcomsoft was tested by us and it was found to be very reliable but it is not available for general public so you need to buy the license and may need to proof that you are a legitimate entity which will not use it for illegal means.» Läs mer

  96. Remember, It Was A 'Lawful Access' Tool That Enabled iCloud Hacker To Download Celebrity Nudes techdirt 24/03/2016

    «On the web forum Anon-IB, one of the most popular anonymous image boards for posting stolen nude selfies, hackers openly discuss using a piece of software called EPPB or Elcomsoft Phone Password Breaker to download their victims’ data from iCloud backups. That software is sold by Moscow-based forensics firm Elcomsoft and intended for government agency customers. In combination with iCloud credentials obtained with iBrute, the password-cracking software for iCloud released on Github over the weekend, EPPB lets anyone impersonate a victim’s iPhone and download its full backup rather than the more limited data accessible on iCloud.com. And as of Tuesday, it was still being used to steal revealing photos and post them on Anon-IB’s forum.» Läs mer

  97. Windows 10, Outlook, Skype and SkyDrive passwords relatively easy hacked with Russian software Myce.com 21/03/2016

    «The software “System Recovery” from the Russian company Elcomsoft makes it possible to crack Microsoft accounts which provide access to Windows 8(.1) and Windows 10 but also to Outlook.com, OneDrive and Xbox Live. The System Recovery software previously already made it possible to gain access to local Windows accounts. Now the software is is able to cracking Microsoft accounts it is an even more powerful tool. Not only does a cracked password provide access to several Windows operating systems, it also provides access to many online services for which a Microsoft account is required.» Läs mer

  98. Ex-NSA Hackers Explain -- Why You Do And Don't Want The NSA To Help FBI Crack iPhones Forbes 17/03/2016

    «CEO of Russian iPhone forensics vendor Elcomsoft, Vladmir Katalov, said any exploits would have to retrieve the encryption keys locking up the device, and this would require a zero-day in the iOS bootrom, or as Apple calls it the SecureROM. This contains the first code run by a processor in an iPhone after the power is turned on. If a vulnerability can be found at that low level and the code altered, it would be possible to access protected data.» Läs mer

  99. Stealing Nude Pics From iCloud Requires Zero Hacking Skills -- Just Some YouTube Guides Forbes 16/03/2016

    «That’s another of the functions of Elcomsoft’s kit, to harvest all data from targets’ iClouds. Elcomsoft CEO Vladmir Katalov told me: “We do not provide the service, just the software… once you supply the Apple ID and password, it shows the list of available iCloud backups and allows [you] to download any of them. It makes a direct connection to Apple datacenters.”» Läs mer

  100. Obama’s Call for Encryption 'Compromise' Is Hypocritical Motherboard 12/03/2016

    «“The iCloud’s design for ‘warrant friendliness’ is precisely why the security of the system was also weak enough to allow hackers to break into these women’s accounts and steal all of their most private information,” Zdziarski wrote. “The data stored in iCloud is stored in a weaker way that allows Apple to service law enforcement requests, and as direct result of this, hackers not only could get into the same data, but did. And they did it using a pirated copy of a law enforcement tool—Elcomsoft Phone Breaker.”» Läs mer

  101. How To Hack An iPhone: ‘Decapping’ Process Is Risky And Could Destroy The San Bernadino Shooter’s iPhone Forever IBTimes 04/03/2016

    «Moscow-based ElcomSoft says it has tools that can be used to extract data from an iPhone, but the caveat here is that the tools work only on a "jailbroken" device, having undergone a process that bypasses Apple’s software restrictions. Since the process use software exploits in iOS code, Apple is usually quick to patch the holes.» Läs mer

  102. Apple Has Already Won. Now It Should Crack the San Bernadino iPhone IEEE Spectrum 22/02/2016

    «Since early 2000, it has been third-party forensic experts and companies—not device manufacturers—who have provided the tools and techniques that law enforcement agencies use to access data stored in mobile devices. Among them are companies such as Access Data, Cellebrite, Compelson, *ElcomSoft*, Final Data, Katana, Logicube, MicroSystemation, Oxygen, Paraben, Radio Tactics, and Susteen. The tools developed by these companies are tested by the National Institute of Justice and approved to provide accurate evidence, admissible in court.» Läs mer

  103. Elcomsoft Cloud eXplorer Provides Forensic Access to Google Account Data CloudWedge 22/12/2015

    «The IT forensics industry is relied upon to categorize the contents of hard drives for legal proceedings. With popular companies such as Google collecting data on their account holders, having access to all of the data a person has stored within their Google account could potentially help investigators solve a case, come to a settlement or settle some sort of disagreement.» Läs mer

  104. The Truth About Hack Vulnerability, It Can Happen to Any Mobile of Internet User CDA News 27/10/2015

    «When it comes to hack vulnerability, CEO Vladimir Katalov of Elcomsoft Ltd said, “Basically, you can forget about privacy if you’re using a smartphone or any device.” Elcomsoft is a firm that creates digital forensics software tools for clients like U.S. intelligence agencies, reported CBC News.» Läs mer

  105. Apple vs. Google: If you get hacked, which account could be bigger trouble? CBC News 26/10/2015

    «If you were to get hacked, would it be worse for the hack to affect your Apple account or your Google account? That depends on a lot of factors. But Vladimir Katalov, CEO of Elcomsoft Ltd., a company that makes digital forensics software tools for customers like U.S. intelligence agencies, says he thinks ultimately, getting your Google account hacked is riskier.» Läs mer

  106. Three ways to recover from a forgotten Windows password www.spgedwards.com 18/03/2015

    «You've forgotten your Windows password. What now? I’ll show you three different ways to get back into your system: 1. The ‘right’ way 2. A free but dirty hack 3. An elegant but $50 hack.» Läs mer

  107. Tackling A False Sense of Device Security Infosecurity Magazine 21/01/2015

    «Changing and verifying passwords from a mobile device also puts unsecured data at risk. Until recently, with the two-step iCloud verification, hackers and cyber-criminals could log into your account with stolen or guessed passwords. This access allowed attackers to download a complete back-up of a consumer’s data by using Elcomsoft's Phone Password Breaker.» Läs mer

  108. Apple Inc. (NASDAQ:AAPL) iCloud Is Not Safe WallStreet.org 16/01/2015

    «Internet security has been a hot topic since 2014. Be it be Sony or Apple Inc. (NASDAQ:AAPL), the risk of losing data and consciousness about privacy, everyone cares deeply about keeping their lives private. All old methods of verifications are now replaced with biometric verification.» Läs mer

  109. Apple Inc. iCloud Security Features Still Not Foolproof Bidness 15/01/2015

    «The bone of contention with Apple’s security features is that it allows hackers and software such as Phone Breaker an in, because the two-step verification process isn’t spread out across all of Apple’s services. The argument against that, is that most users would not want to be inconvenienced by the added security features.» Läs mer

  110. Hackers can still access your iCloud, even with two-step enabled! PC Tech 18/12/2014

    «If you expect two-step verification to be the ultimate protection against your iCloud, then think again. An update to Elcomsoft’s Phone Breaker software now makes it easier for guys to bypass Apple’s vaunted new two-factor authentication to steal your iCloud stuff.» Läs mer

  111. Hacking your iCloud files just got easier, even with two-step enabled Engadget 18/12/2014

    «An update to Elcomsoft's Phone Breaker software now makes it easier for good or bad guys to bypass Apple's vaunted new two-factor authentication to steal your iCloud stuff. As before, the hackers would need some information to start with -- either your Apple ID/password plus a two-factor code, or a digital token stolen from, say, your laptop.» Läs mer

  112. Phone Breaker iCloud-hacking software now supports 2FA, allows access to WhatsApp & iWork files 9TO5MAC 18/12/2014

    «It’s not as scary as it sounds – the software can only be used once the attacker already has an Apple ID and password, together with either a second trusted device or your recovery key. A phishing attack is the most common way to obtain these, so as long as you use strong, unique passwords and don’t click on links in emails claiming to be from Apple, you should be safe. But it does allow users of the software to download either entire iPhone backups or selected data direct from iCloud much more easily than having to go through a compromised device by hand.» Läs mer

  113. The App That Makes It Incredibly Easy For Hackers To Break Into Your iPhone Just Got Even Scarier Business Insider 18/12/2014

    «Elcomsoft Phone Breaker, the app that some think hackers used to break into Kate Upton's iCloud account in September, just got a massive update that makes it even easier to steal information. The update allows users to break into iCloud accounts that have two-factor authentication enabled, the company announced on Thursday.» Läs mer

  114. Forensic software gets around Apple's iCloud security features PCWorld 17/12/2014

    «A Russian software company has updated its forensic software to work-around the security features Apple recently added to iCloud and increased what information can be extracted from the cloud storage service.» Läs mer

  115. Apple passcode-protects iOS 8 devices, but cops can still inhale your iCloud The Register 23/09/2014

    «Improved security features in iOS 8 prevent Apple from unlocking phones – even for law enforcement. But search warrant-holding cops can still get almost everything through iCloud backups, according to ElcomSoft.» Läs mer

  116. Apple toughens iCloud security after celebrity breach BBC 17/09/2014

    «Several hackers' forums contain discussions about using of pirated copies of Elcomsoft's "forensic" software, which is marketed as a tool for law enforcement agencies to access iCloud content without needing to be in possession of a suspect's iPhone or iPad. ElmcomSoft's Moscow-based owner told the BBC earlier this month that he believed his software had been used in the recent hacks, as it was "the only one able to do that".» Läs mer

  117. iPwned: How easy is it to mine Apple services, devices for data? ArsTechnica 11/09/2014

    «In the name of security, we did a little testing using family members as guinea pigs. To demonstrate just how much private information on an iPhone can be currently pulled from iCloud and other sources, we enlisted the help of a pair of software tools from Elcomsoft. These tools are essentially professional-level, forensic software used by law enforcement and other organizations to collect data. But to show that an attacker wouldn’t necessarily need that to gain access to phone data, we also used a pair of simpler “hacks,” attacking a family member’s account (again, with permission) by using only an iPhone and iTunes running on a Windows machine.» Läs mer

  118. How I Hacked My Own iCloud Account, for Just $200 Mashable 05/09/2014

    «For just $200, and a little bit of luck, I was able to successfully crack my own iCloud password and use EPPB to download my entire iCloud backup from my iPhone. For $400, I could have successfully pulled in my iCloud data without a password and with less than 60 seconds of access to a Mac or Windows computer where I was logged into iCloud.» Läs mer

  119. Can You Trust Apple with Your Data? Tom's Guide 05/09/2014

    «Following the very public leaks of private intimate photos of celebrities, many of whom are also iPhone owners, some security experts say Apple may have made it too easy for thrill-seekers to guess celebrities' usernames and then "restore" backed-up photos to their own iPhones. That's just one reason many people are worried.» Läs mer

  120. Hackers used police spy tool to steal nude celebrity pictures RT 05/09/2014

    «The major leak of nude celebrity photos last weekend was made possible by software designed to let law enforcement lift data from iPhones with ease. The software is used in tandem with a tool made public recently that can crack Apple iCloud passwords.» Läs mer

  121. The Russian-made tool that grabs nude selfies from iCloud accounts PC World 04/09/2014

    «There’s a seedy trade in compromising photos stored in Apple iCloud accounts, and it is in part aided by a software program that cleanly collects the data. Some of the nude celebrity photos are believed to have first been circulated on Anon-IB, a definitely not safe-for-work forum. As reported by Wired, the forum is full of offers for iCloud “ripping,” or downloading the entire contents of an account.» Läs mer

  122. FBI & CIA use the same software as hackers to access iCloud accounts Softonic 04/09/2014

    «The software is called Elcomsoft Phone Password Breaker (EPPB) and is developed by Elcomsoft, a Russian company specializing in computer forensics. As Wired first reported, ElcomSoft's name first popped up on web forum Anon-IB, where hackers claim to have used the EPPB software– which allows you to retrieve iCloud Backups with a user's original credentials– to extract nude photos from other people's iCloud accounts. According to Business Insider, it was this software that was responsible for stealing iCloud data from celebrities like Jennifer Lawrence, Kirsten Dunst, and Kate Upton.» Läs mer

  123. Apple iCloud security exploit is a concern, experts say BBC News 03/09/2014

    «Technology magazine Wired first reported that software from a Russian firm, ElcomSoft, was being mentioned on a hackers discussion group as a useful tool for infiltrating iCloud accounts. The program, marketed to law enforcement agencies, claims to offer access to iCloud content without the operator needing to be in possession of the iPhone or iPad concerned.» Läs mer

  124. Apple’s Two Factor Authentication Doesn’t Protect iCloud Backups Or Photo Streams TechCrunch 03/09/2014

    «Once they gain access to an Apple account, some are using the login and password to ‘restore’ an iCloud backup using an application by Elcomsoft called the Phone Password Breaker — exporting data including photos and more to a folder which they can then sift through.» Läs mer

  125. Is Apple iCloud Safe? InfoRiskToday.co.uk 03/09/2014

    «Apple has blamed a "very targeted attack" for the suspected breach of numerous celebrities' iCloud accounts, which resulted in nude photographs and videos being leaked to the 4chan image board. But some security experts have taken issue with Apple's explanation for the attacks. And they contend the company's iCloud service remains vulnerable to similar exploits.» Läs mer

  126. Apple two-factor authentication fail leaves iCloud users vulnerable TechTarget 03/09/2014

    «Vladimir Katalov, CEO of Moscow-based ElcomSoft Co. Ltd., agreed that usability is likely the primary concern for Apple's limited two-factor authentication coverage for iCloud. Katalov, who previously detailed the iCloud 2FA limitation, said that in situations where a user loses or breaks a device, they would need to have a separate recovery code stored somewhere to gain access to the iCloud backup, something that may not always be readily available.» Läs mer

  127. NUDE SELFIE CLOUD PERV menace: Apple 2FA? Sweet FA, more like The Register 03/09/2014

    «Apple's particular shortcomings have been fairly well known in the field of computer forensics, if not the wider IT market, for some time. ElcomSoft security researcher Vladimir Katalov presented research on what portions of iCloud are protected by two-factor authentication at the Hack In The Box security conference last year. His presentation, Modern Computer Forensics,which also covers issues related to Android, BlackBerry backups and Windows Phone 8, can be found here (PDF).» Läs mer

  128. The Nude Celebrity Photo Leak Was Made Possible By Law Enforcement Software That Anyone Can Get IBT 03/09/2014

    «A law enforcement software tool played a key role in the iCloud hack that saw hundreds of nude celebrity photos released over the weekend, reports Wired. It’s called Elcomsoft Phone Password Breaker. Built by Moscow-based forensics firm Elcomsoft, EPPB is designed to circumvent security on iOS devices so that law enforcement can get data off of bad guys’ phones.» Läs mer

  129. Meet the police forensic tool pervs used to steal celebrity iCloud nude photos Cult of Mac 02/09/2014

    «Blame for the flood of celebrity nude photos that hit the Internet has been rotating from the pervy hackers that ripped the pics, to Apple, to the creator of iBrute, but while the FBI and Apple continue to investigate the source of the leak, there’s one tool that has gone unmentioned: the police forensic tool that made it all possible. One of the key elements behind the iCloud nudes leak is a piece of software created by Elcomsoft that allows attackers to impersonate a target’s iPhone and download its entire iCloud backup, and you don’t even have to be a cop to get it.» Läs mer

  130. The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud Wired 02/09/2014

    «If a hacker can obtain a user’s iCloud username and password with iBrute, he or she can log in to the victim’s iCloud.com account to steal photos. But if attackers instead impersonate the user’s device with Elcomsoft’s tool, the desktop application allows them to download the entire iPhone or iPad backup as a single folder, says Jonathan Zdziarski, a forensics consult and security researcher. That gives the intruders access to far more data, he says, including videos, application data, contacts, and text messages.» Läs mer

  131. Elcomsoft releases new tool to access iCloud data without Apple ID FierceCIO:TechWatch 20/06/2014

    «Elcomsoft has developed a way to access files stored within Apple's iCloud service without knowing a person's Apple ID. Developed by the well-known Russian company to help law enforcement analyze seized computers, the tool works by making use of special authentication tokens obtained from suspects' computers.» Läs mer

  132. Russian forensic firm's tool snags iCloud backups without an Apple ID CIO 18/06/2014

    «Moscow-based Elcomsoft has developed a tool to collect iCloud backup files without knowing a person's Apple ID, a development intended to help law enforcement analyze seized computers.» Läs mer

  133. Forensic tool cracks into iCloud data with no password or Apple ID required Computerworld 18/06/2014

    «Some people pay little attention when there’s a new password cracker because they think along the “bite me” lines of “big deal ‘cause I have a 30-character password securing my account; good luck cracking that.” Other folks are on the other side of the spectrum, knowing a rainbow table isn’t exactly necessary for a highly guessable password like “password” or “123456.” But if you are a big fan of Apple and of iCloud storage, then you might be interested to learn there’s a new forensic tool capable of “over-the-air acquisition of iCloud data without having the original Apple ID and password.”» Läs mer

  134. Russian company Elcomsoft develops method to compromise Apple (AAPL) iCloud backups PFhub 18/06/2014

    «Proving once again that Russian software experts make superb hackers, Elcomsoft Proactive Software of Moscow, Russia has created a tool that enables accessing the iCloud backups of users who are logged in to their iCloud account, without their cooperation or consent. The tool takes advantage of the method Apple Inc. uses to keep users logged in over an extended period of time without needing to re-enter their passwords.» Läs mer

  135. How Forensic Tools Unearth Deleted Text Messages CIO 12/03/2014

    «Unlike work email, most mobile text messages don't flow through the corporate network except for the rare exception when employees use a company-deployed texting app. This means text messages are a blind spot for IT -- that is, impossible to monitor.» Läs mer

  136. How to hack an iPad or iPhone passcode: bypass iOS password security and remove the iPad's lock Macworld 04/03/2014

    «It is possible to hack the iPad passcode, but you need serious software to do so. This is known as forensics software because law enforcement agencies use them when analysing a mobile phone. We tested Elcomsoft iOS Forensic Toolkit and found it a reliable means of cracking an iPad’s passcode.» Läs mer

  137. Windows 8.1 biometrics support increases security, but do you need it? SearchEnterpriseDesktop 28/10/2013

    «Windows 8.1 Preview comes with the software necessary to register and manage fingerprint-based authentication on the desktop. This removes the need for hardware manufacturers to provide their own apps, helping to avoid problems introduced with third-party software. For example, in the past, a number of computer manufacturers -- including Acer, Dell, Gateway, Lenovo and Toshiba -- had shipped their laptops with UPEK's scanner and software. Last year, ElcomSoft, a certified Microsoft partner in Russia, discovered that UPEK's fingerprint-reader program was storing Windows account passwords in the registry as plain text. The passwords were scrambled, but not encrypted, making them an easy target for hackers and cybercriminals.» Läs mer

  138. Researcher says iCloud backups have security shortfalls SCMagazine 26/10/2013

    «The Elcomsoft chief executive found that Apple did not extend its two-factor authentication to protect the online backups which were stored on Microsoft and Amazon servers.» Läs mer

  139. Apple's iCloud iConundrum - does convenience mean insecurity? Naked Security 24/10/2013

    «In his talk, "Cracking and Analyzing Apple's iCloud Protocols", Katalov showed how Apple's optional two-factor authentication is selective in its application, even where it is available.» Läs mer

  140. Researcher continues exploring iCloud security, some media outlets continue to overreact iMore 21/10/2013

    «Russian security researcher Vladimir Katalov gave a talk last week at Hack in the Box security conference detailing his findings on Apple's iCloud protocols. Katalov's research highlights several shortcomings in iCloud's security model, including the fact that iCloud data is not protected by the two-step verification system Apple rolled out earlier this year.» Läs mer

  141. Apple's iCloud protocols cracked and analyzed Help Net Security 17/10/2013

    «Smartphones carry a lot of sensitive data that in theory should be accessible only to their owners. In practice, a lot of it can be exfiltrated from the devices and from the backups either stored on the device or in the cloud by employing different forensic methods. In his presentation at the Hack in the Box Conference, co-founder and CEO of Russian password-cracking / recovery company ElcomSoft Vladimir Katalov has shared the results of their efforts in cracking and the discoveries they made by analysing Apple's iCloud protocols, as well as those used for Windows Phone and BlackBerry backups.» Läs mer

  142. Can you trust 'NSA-proof' TrueCrypt? Cough up some dough and find out The Register 15/10/2013

    «TrueCrypt's documentation makes it plain that it can't secure data on a computer compromised by malware or a hardware keylogger. It's also well known in computer forensics circles that TrueCrypt keys can be recovered from memory, even using commercial tools from the likes of ElcomSoft, given physical access to a powered-up machine.» Läs mer

  143. ElcomSoft Speeds Up Phone Password Breaker, Enables Real-Time iCloud Recovery Dark Reading 22/08/2013

    «The new release enables selective recovery of certain types of data stored in Apple iCloud, enabling true real-time access to forensically significant information. By enabling real-time access to information stored in iCloud, ElcomSoft provides law enforcement organizations with live access to users' online backups, eliminating the need to wait while the full backup with irrelevant information gets downloaded. At this time, Elcomsoft Phone Password Breaker remains the only tool on the market that can download iCloud backups to a PC. Apple does not support direct data downloads, only allowing to restore iCloud backups onto a freshly initialized iOS device.» Läs mer

  144. Apple's two-step verification won't protect iCloud data FierceCIO:TechWatch 04/06/2013

    «Contrary to what users may believe, Apple's (NASDAQ: AAPL) two-step authentication does not offer additional protection against hackers who try to get data stored within the iCloud service, according to ElcomSoft CEO Vladimir Katalov. ElcomSoft is a well-known Russian security firm that specializes in a range of password and encryption-busting tools.» Läs mer

  145. Report: Apple's Two-Step Authentication Doesn't Protect iCloud Data AppAdvice 03/06/2013

    «Apple launched a new two-step authentication system for iCloud back in March, and rolled the feature out internationally a couple of months later. According to a new report, however, iDevice users should be aware that Apple’s two-step authentication does not protect iCloud backups, and nevertheless leaves users vulnerable to the kind of hack which last year controversially struck Wired’s Matt Honan.» Läs mer

  146. Apple two-factor security efforts “half-hearted,” says security researcher GigaOM 03/06/2013

    «Like many large tech companies, Apple has recently introduced a two-step security measure for Apple users. But Elcomsoft software finds that iCloud data and device backups are left unprotected, and that the company needs to do more to improve user protection.» Läs mer

  147. Apple IDs vulnerable even after 'two-factor authentication' Mobile & Apps 01/06/2013

    «Apple was looking at its new two-factor authentication to improve the security for the Apple ID and iCloud access, but it seems like the Cupertino-based tech giant has to work harder to provide better protection to its users' data.» Läs mer

  148. iCloud users take note: Apple two-step protection won’t protect your data Ars Technica 31/05/2013

    «If you think your pictures, contacts, and other data are protected by the two-step verification protection Apple added to its iCloud service in March, think again. According to security researchers in Moscow, the measure helps prevent fraudulent purchases made with your Apple ID but does nothing to augment the security of files you store. To be clear, iCloud data is still secure so long as the password locking it down is strong and remains secret. But in the event that your account credentials are compromised—which is precisely the eventuality Apple's two-factor verification is intended to protect against—there's nothing stopping an adversary from accessing data stored in your iCloud account. Researchers at ElcomSoft—a developer of sophisticated software for cracking passwords—made this assessment in a blog post published Thursday.» Läs mer

  149. Apple's new security system has holes CNNMoney 31/05/2013

    «Apple recently beefed up its authentication system in an effort to thwart hackers, but a new report shows the security measure is lacking in one huge area. Back in March, Apple (AAPL, Fortune 500) unveiled an optional "two-factor authentication" login method for its Apple ID. It's a basic security tool already used by Google (GOOG, Fortune 500), Facebook (FB) and Dropbox that requires both a password and a piece of data, such as a string of numbers sent via text message. Twitter also recently unveiled such a system following a series of prominent hacks of Twitter accounts. But security software company ElcomSoft explained in a blog post Thursday that Apple's new security measures protect users only in a few situations: app and music purchases, managing an Apple ID account or receiving customer support related to Apple ID. It does nothing to protect other important information, like photos and other files stored on its iCloud service.» Läs mer

  150. Apple’s two-factor authentication is not very thorough Infosecurity 31/05/2013

    «Back in February, Norwegian hackers were raiding teenage girls’ iCloud accounts, downloading photos and offering them for sale. By March, Apple had introduced and started to roll out optional two-factor authentication to improve security. But it’s not that good, reports Elcomsoft.» Läs mer

  151. Apple 2FA doesn't cover iCloud SC Magazine, Australia 31/05/2013

    «Attackers can bypass Apple's two-factor authentication to download and install a victim's iPhone and iPad backups, a security firm has revealed. The Cupertino company deployed two-factor authentication for Apple identities in March, requiring a second form of verification for account management and iTunes or App Store purchases. But it did not extend the security across its iCloud service, meaning an attacker with a target's username and password in hand could still download and restore an iOS backup.» Läs mer

  152. iCloud not protected by Apple’s two-factor authentication, say researchers SlashGear 31/05/2013

    «Apple introduced two-factor authentication (or two-step verification if you’d like to call it that) with iCloud back in March, adding an extra layer of security to its cloud backup system. However, security researchers say that iCloud is still vulnerable to a break-in if your password is stolen.» Läs mer

  153. Apple's two-factor security isn't as good as Microsoft or Google's, say experts The Register 31/05/2013

    «But according to research from security biz Elcomsoft, Apple did a "half-hearted job" of implementing its verification system, "leaving ways for the intruder to access users’ personal information, bypassing the (optionally enabled) two-factor authentication". Specifically iOS Backups and iCloud data is not protected by two-factor authentication.» Läs mer

  154. Apple’s Two-Step iCloud Authentication Deemed Unsecure By Third-Party Security Firm redOrbit.com 31/05/2013

    «Apple recently rolled out two-step authentication check for iCloud to protect users from having their account info changed without an additional, one-time password. They were a tad late to the game, however, as companies like Dropbox, Google, Facebook, Twitter and others have already implemented this additional security step for their users.» Läs mer

  155. Apple's new security system fails to protect files stored in iCloud, says security firm Read more: Apple's new security system fails to protect files stored in iCloud, says security firm FierceMobileIT 31/05/2013

    «Apple's (NASDAQ: AAPL) new two-factor authentication system does not apply to iCloud backups, enabling a hacker with a user's Apple ID and password to download and access information stored in iCloud, according to Vladimir Katalov with security firm ElcomSoft. Read more: Apple's new security system fails to protect files stored in iCloud, says security firm - FierceMobileIT http://www.fiercemobileit.com/story/apple-new-security-system-fails-protect-files-stored-icloud-says-security-f/2013-05-31#ixzz2V9p8DSUF Subscribe at FierceMobileIT» Läs mer

  156. Elcomsoft Details Lapses in Apple’s Two-Factor Authentication Approach TidBITS 30/05/2013

    «When Apple added optional two-factor authentication for Apple IDs recently, many applauded the move (as we did in “Apple Implements Two-Factor Authentication for Apple IDs,” 21 March 2013). Requiring both a static password and a temporary code for logins from new devices reduces the chance of an undesirable party — online criminal, spurned lover, or repressive government — gaining access to your account. Two-factor authentication doesn’t eliminate the possibility of an account being compromised, but it sets the bar significantly higher.» Läs mer

  157. Apple’s Two-Step Authentication Doesn’t Protect Your iCloud Backups Cult of Mac 30/05/2013

    «Apple's two-step authentication process is designed to make your Apple ID more secure...» Läs mer

  158. Security Researcher Raises Concerns over Apple's Two-Step Authentication iMore.com 30/05/2013

    «CEO Vladimir Katalov of the security software company Elcomsoft has published a post on CrackPassword outlining where he believes Apple’s two-step authentication comes up short. While he admits that the authentication works as advertised and it’s a good idea for people to enable it, he has also identified some areas that he thinks could use some improvement.» Läs mer

  159. Apple iPhone Decryption Backlog Stymies Police InformationWeek 14/05/2013

    «Apple is overwhelmed by requests from law enforcement agencies to decrypt seized iPhones, and its waiting list is so long that it may take months before new requests get handled. That revelation, first reported by CNET, was gleaned from a search warrant affidavit for a seized iPhone last summer by a federal agent who was investigating a Kentucky man on crack cocaine distribution charges.» Läs mer

  160. Apple deluged by police demands to decrypt iPhones CNET 10/05/2013

    «ATF says no law enforcement agency could unlock a defendant's iPhone, but Apple can "bypass the security software" if it chooses. Apple has created a police waiting list because of high demand. [...] Elcomsoft claims its iOS Forensic Toolkit can perform a brute-force cryptographic attack on a four-digit iOS 4 or iOS 5 passcode in 20 to 40 minutes. "Complex passcodes can be recovered, but require more time," the company's marketing literature says.» Läs mer

  161. Apple Decrypts iPhone For the Police, But It Makes Them Wait [Report] Cult of Mac 10/05/2013

    «Apple Decrypts iPhone For the Police, But It Makes Them Wait.» Läs mer

  162. Picture imperfect The Economist 09/03/2013

    «A feature introduced several years ago by Canon and Nikon, the two leading camera manufacturers, gives photographers a way to prove, if challenged, that their images have not been manipulated. When a picture is taken, the cameras attach a coded signature that is destroyed if the image is modified and resaved. An intact signature, then, should prove that a photo is genuine. But researchers at ElcomSoft, a computer-security firm based in Moscow, have shown that the system is easily fooled. Counterfeiters can copy an image’s security signature and reapply it after retouching, says Vladimir Katalov, ElcomSoft’s boss.» Läs mer

  163. Forensic tool to decrypt TrueCrypt, Bitlocker and PGP contains and disks released Ghacks 07/02/2013

    «Elcomsoft’s Forensic Disk Decryptor works well if you can get your hands on a memory dump or hibernation file. All attack forms require local access to the system. It can be a useful tool if you forgot the master key and desperately need access to your data. While it is quite expensive, it costs €299, it may be your best hope of retrieving the key, provided that you are using hibernation or have a memory dump file that you have created while the container or disk were mounted on the system. Before you make a purchase, run the trial version to see if it can detect the keys.» Läs mer

  164. ElcomSoft: Nvidia Tesla K20 Beats a Dual GPU Configuration in Password Cracking Bright Side Of News 07/02/2013

    «When Nvidia announced the 7+ billion transistor part codenamed GK110 as the chip behind the Tesla K20 and upcoming high-end Quadro and GeForce boards, a lot of questions were asked just how much compute power was taken out of GK104 chips, which now power the majority of Nvidia's lineup (GeForce GTX 660 Ti/670/680/690, Quadro K3000/K4000/K5000, Tesla K10). Thanks to ElcomSoft, we now know the answer to that question.» Läs mer

  165. BitLocker, PGP and TrueCrypt encryption weakened by new attack tool PC Advisor 03/01/2013

    «Russian password-cracking wizards ElcomSoft have announced a new product that can retrieve decryption keys for BitLocker, PGP and open source favourite TrueCrypt as long as the encrypted volumes were not securely demounted.» Läs mer

  166. Elcomsoft’s Forensic Decryption Software Moves the Needle for Practical Cryptography SiliconANGLE 24/12/2012

    «Cryptography is the go-to defense for cybersecurity, it’s essentially the strongbox of the computing era—and just like a strongbox it’s not designed to keep the contents perfectly safe from all perpetrators, it’s designed to resist their attempts to get at it. It’s still possible for the Hole In The Wall gang to derail your train, make off with your payroll safe, and blow it open with TNT. However, given that technology to defeat locks advances with technology to make better locks, we can expect more subtle forms of extracting encrypted contents than TNT (brute force.) News is that Elcomsoft just released a Forensic Disk Decryptor running at about $299. According to the press, this software can beat protected volumes generated by popular crypography apps such as BitLocker, PGP and TrueCrypt» Läs mer

  167. BitLocker, PGP, TrueCrypt cracked real-time with $299 tool VR-Zone 21/12/2012

    «A Russian security firm has announced that their forensic disk decryptor software package can now access any information on disks that have been encrypted with industry standard programs. The program cost $299 and will work against BitLocker, PGP, and TrueCrypt; but even worse it can do it in real-time.» Läs mer

  168. $300 tool can decrypt PGP, TrueCrypt files without a password geek.com 21/12/2012

    «Russian company ElcomSoft today threw their grey hat firmly into the top-secret ring of internationally important security companies. Though the actual innovation is quite simple, the company today announced a $500 piece of hardware that could change the face of electronic security for some time to come.» Läs mer

  169. Still putting your crypto-protected PC in hibernate? $300 app can hack it ArsTechnika 21/12/2012

    «Cracking PGP, TrueCrypt, and other strong encryption packages just got more affordable, with the release of a $300 package that can pluck decryption keys out of computer memory in certain cases.» Läs mer

  170. Commercial tool nabs BitLocker, Truecrypt passwords SC Magazine AU 21/12/2012

    «A Russian forensics outfit has launched a tool to pluck passwords used in Microsoft BitLocker, Symantec PGP whole disk encryption and TrueCrypt. Decryption keys were extracted from the software when encrypted volumes were mounted, including when the Windows machines were powered off.» Läs mer

  171. World’s Most Used Encryption Technologies, Cracked in No Time with $299 Forensics Tool HOTforSecurity 21/12/2012

    «With more and more sensitive data on mobile devices, software encryption has witnessed quite a boom in recent years. Backed by independent developers (such as TrueCrypt) or built into the operating system directly (BitLocker), software encryption managed to keep data away from prying eyes. Until now. Russian data recovery specialist Elcomsoft, announced immediate availability for their Elcomsoft Forensic Disk Decryptor, software that can unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt. While these data containers are virtually unbreakable without the password used at encryption time, they can be easily decrypted using an unconventional approach: retrieving the key from the system memory.» Läs mer

  172. WARNING: Losing your privacy: one security utility at a time ... Your encrypted disk may not be safe anymore! One Citizen Speaking... 21/12/2012

    «Elcomsoft, a Russian company has now provided the world with a new utility to allow the examination of encrypted disks protected with BitLocker, PGP and TrueCrypt. For those who do not remember, Elcomsoft was the first company charged by the United States Government with violating the Digital Millennium Copyright Act for publishing the workarounds to crack Adobe’s pathetic PDF security. The presenter, Dmitry Sklyarov, was arrested by the U.S. authorities and held without bail – causing a major uprising in the tech community. (Full disclosure: I was involved in the case and presented live code examples to the FBI that there was a legitimate and fair use case to be made for Elcomsoft’s products under the DMCA.) And I was just as outraged over the jailing of Dimity as the rest of the tech community. To allow Adobe to continue the fiction that their products were safe and secure for use in the financial industry was a breach of faith and trust.» Läs mer

  173. PGP, TrueCrypt-encrypted files CRACKED by £300 tool TheRegister 20/12/2012

    «ElcomSoft has built a utility that forages for encryption keys in snapshots of a PC's memory to decrypt PGP and TrueCrypt-protected data. Forensic Disk Decryptor attempts to unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt. The tool is designed for criminal investigators, IT security bods and forensic specialists. PGP and TrueCrypt set the industry standard for whole-disk or partition encryption.» Läs mer

  174. This $299 tool is reportedly capable of decrypting BitLocker, PGP, and TrueCrypt disks in real-time TheNextWeb 20/12/2012

    «Russian firm ElcomSoft on Thursday announced the release of Elcomsoft Forensic Disk Decryptor (EFDD), a new forensic tool that can reportedly access information stored in disks and volumes encrypted with desktop and portable versions of BitLocker, PGP, and TrueCrypt. EFDD runs on all 32-bit and 64-bit editions of Windows XP, Windows Vista, and Windows 7, as well as Windows 2003 and Windows Server 2008. The price tag isn’t outrageous, but EFDD will still set you back a solid $299.» Läs mer

  175. Forensic Tool Cracks BitLocker, PGP, TrueCrypt Containers InformationWeek Security 20/12/2012

    «The software from ElcomSoft -- a Russian provider of encryption-cracking software and other digital forensic tools -- accomplishes the feat not by cracking the containers themselves, but rather by exploiting the fact that once the containers are accessed, the decryption passwords get stored in computer memory. The software is designed to be used by digital forensic investigators -- for example, when investigating suspected insider theft incidents.» Läs mer

  176. Forensic access to encrypted BitLocker, PGP and TrueCrypt containers Help Net Security 20/12/2012

    «The complete decryption mode provides full, unrestricted forensic access to all information stored on encrypted volumes. Alternatively, by mounting encrypted containers as drive letters, investigators gain immediate, real-time access to protected volumes. In real-time mode, information read from encrypted containers is decrypted on-the-fly. The software offers true zero-footprint operation with no alterations or modifications to original content ever.» Läs mer

  177. New tool targets BitLocker, TrueCrypt full disk encryption FierceCIO 20/12/2012

    «Russian digital forensics firm ElcomSoft has unveiled a new Forensic Disk Decryptor software that it says can make it possible to decrypt encrypted file volumes protected by tools such as BitLocker, PGP and TrueCrypt. [...] ElcomSoft has a long track record of successfully crafting attacks against security mechanisms such as the image verification system for Nikon and Canon cameras, the on-board encryption employed by the iPhone 3GS and even the encryption used by the BlackBerry Desktop Software to protect data backups.» Läs mer

  178. Popular disk encryption systems cracked Simon Edwards 20/12/2012

    «If you want your laptop's data to remain secure, even when stolen, one excellent solution is to encrypt the hard disk's partitions or even the whole disk. Popular options include Microsoft's BitLocker, Symantec's PGP Whole Disk Encryption and the open source TrueCrypt software. Elcomsoft has just announced that all of these encryption systems can be cracked by its new product, Elcomsoft Forensic Disk Decryptor.» Läs mer

  179. Deeply Flawed Apple-Owned Fingerprint Reader Software a Tough Fix Threatpost 11/10/2012

    «Caudill and fellow researcher Brandon Wilson recreated work done by Russian security company ElcomSoft, which specializes in password recovery solutions. Both were able to extract Windows passwords from the popular fingerprint reader, technology that was acquired by Apple earlier this year.» Läs mer

  180. Apple subsidiary still not patching ‘security’ software that leaves Dell, Samsung, Lenovo PCs vulnerable (updated) VentureBeat 10/10/2012

    «Almost three months ago, Apple bought AuthenTec, a security company that builds sensors for PCs and phones to verify users and protect communications. One of the company’s products was Protector Suite, a secure way to log into Windows machines with your fingerprint. The only problem? The software stores inadequately encrypted passwords in the Windows Registry. In fact, according to ElemSoft, the passwords were almost in plain text. To put it bluntly, this “security solution” actually made PCs more vulnerable.» Läs mer

  181. Microsoft Office 2013's enhanced protection scheme cracked ahead of official launch Networkworld / Microsoft Insights 03/10/2012

    «Russian corporate security and IT audit firm ElcomSoft claims to have developed tools with the ability to recover plain-text passwords used to encrypt documents in Microsoft Office 2013. In addition to a host of improvements and other changes, Microsoft beefed up the encryption scheme used to secure users’ data in Office 2013. With Office 2010, Microsoft used an SHA-1 class algorithm with a 128-bit key to encrypt plain-text password-protected documents. With Office 2013, though, Microsoft has moved to a technically more secure SHA-2 class SHA512 algorithm to calculate the hash values for the encryption keys, but it appears even that wasn’t enough. ElcomSoft, a privately owned company headquartered in Moscow, has announced that it has already developed tools to crack Microsoft’s latest protection schemes. Shocking, I know.» Läs mer

  182. Office 2013 encryption cracked Simon Edwards Blog 26/09/2012

    «According to Elcomsoft's researchers, Microsoft has done a great job beefing up the encryption of its Office documents. This has forced those who want to break it to move from brute forcing techniques to more advanced methods.» Läs mer

  183. Elcomsoft, UPEK & more Security Nirvana 15/09/2012

    «Elcomsoft has announced that certain versions of fingerprint software named Protector Suite made by UPEK (now part of Authentec) stores your Windows password in a 'scrambled' format in registry. This allows an attacker through different entry points to get easy access to a users Windows password. I have no reason not to believe Elcomsoft in their claims, but UPEK/Autentec seriously disagrees. In the middle of this I happen to have some questions, and an opinion regarding biometric software today.» Läs mer

  184. Hacking Your Fingerprint: ElcomSoft Finds Security Holes in Biometric Readers Bright Side Of News* 13/09/2012

    «When purchasing notebooks for the enterprise, one of most common requirements is that they have a fingerprint reader, since biometric is considered safe. However, while it may be hard to fake your footprints - a gaping hole was found in the software suite which can expose all of your saved passwords.» Läs mer

  185. Plenty for crypto fans at 44Con SC Magazine UK 12/09/2012

    «Field Programmable Gate Arrays (FPGAs) allow cost-effective and highly tailored hardware acceleration for a wide range of computing problems and are a very economical solution to the processing needs of modern password cracking.» Läs mer

  186. iPhone Security Unbreakable? Security Gurus Disagree InformationWeek 23/08/2012

    «Earlier this year, for example, researchers from Moscow-based digital forensic toolmaker Elcomsoft analyzed 13 Apple iOS password managers--a.k.a. password keepers, wallets, and safes--to see if they securely stored passwords. Elcomsoft's interest was more than academic, since the company has long sold tools used by law enforcement agencies to crack iPhone data security. It wanted to know if password safes might provide a further hurdle to forensic investigators.» Läs mer

  187. ElcomSoft and Pico Computing Demonstrate World’s Fastest Password Cracking Solution VR-Zone 18/07/2012

    «There's no secret that graphics cards such as NVIDIA GeForce, Tesla as well as AMD Radeon are being used by security agencies worldwide. Their goal is to crack the passwords of suspects as much as 10-20x faster than the most expensive Intel processor is able to do. Today, another company is claiming its stake in lucrative security business.» Läs mer

  188. ElcomSoft and Pico Computing Demonstrate Password Cracking Solution DFINews 18/07/2012

    «ElcomSoft Co. Ltd. has released password cracking solutions supporting Pico’s range of high-end hardware acceleration platforms. ElcomSoft has updated its range of password recovery tools, employing Pico FPGA-based hardware to greatly accelerate the recovery of passwords.» Läs mer

  189. ElcomSoft, Pico Computing show world's fastest password-cracking solution Homeland Security News Wire 18/07/2012

    «Pico Computing manufactures a range of high-end hardware acceleration platforms, offering a computational equivalent of more than 2,000 dual-core processors in a single 4U chassis; ElcomSoft updates its range of password recovery tools, employing Pico Field Programmable Gate Array (FPGA)-based hardware to accelerate the recovery of passwords» Läs mer

  190. Elcomsoft iOS Forensic Tookit review Macworld 06/07/2012

    «Extract all data, passcodes and keychains from a locked iPad, iPhone, or iPod touch with professional-grade security software. Forensics extraction is the process of getting into a computer device (in this case an iOS device) and extracting all the data from it. And Elcomsoft's iOS Forensics Toolkit is an incredibly powerful piece of kit that enables you to hack into, and extract pretty much everything on an iPhone (passcodes, keys, files, messages, audio recordings, and so on).» Läs mer

  191. Forensic tool discovers iCloud backup IDM 21/05/2012

    «ElcomSoft has updated its Phone Password Breaker tool with the ability to retrieve user content from password-protected backups created by Apple iOS devices and BlackBerry smartphones, as well as the ability to retrieve iPhones’ user data from iCloud.» Läs mer

  192. Beware of iCloud! Snooping software lets police read everything on your iPhone in real-time without you ever knowing Daily Mail 18/05/2012

    «Police - or anyone with a piece of spying software - can track everything you do on your iPhone without needing physical access to your phone. The software, called Phone Password Breaker, can download all of the data from Apple's iCloud service - which backs up all of your pictures, text messages, emails, calendar appointments, call logs, website you have visited, and contacts. As iPhones sync nearly instantaneously with iCloud, anyone who is listening will have near-instantaneous access to your phone - without the owner noticing a thing.» Läs mer

  193. Forensic Tool Grabs iPhone, iPad Data Remotely InformationWeek 18/05/2012

    «Digital forensic investigators have a new technique for recovering the data stored on an iPhone or iPad: ElcomSoft has updated its Phone Password Breaker cracking tool to automatically retrieve iOS device backups from the Apple iCloud.» Läs mer

  194. New Forensics Tool Can Slurp A Phone’s Data Via The Cloud Gizmodo Australia 17/05/2012

    «The police don’t even need to touch your phone anymore to know how you’ve been using it. A new off-the-shelf forensics tool lets cops retrieve all the data they want from your iPhone by accessing its contents through iCloud.» Läs mer

  195. ElcomSoft's iOS Forensic Toolkit cracks iCloud backups Tab Times 17/05/2012

    «A Russian company called ElcomSoft says it’s figured out a way to access a user’s online backups stored in Apple’s iCloud service.» Läs mer

  196. Mobile password managers: Cracking the security mechanisms Michael Kassner (TechRepublic) 26/03/2012

    «Password managers for mobile devices are convenient. But are the cached passwords sufficiently protected? Michael Kassner asks two experts to explain the vulnerabilities.» Läs mer

  197. ElcomSoft: Smartphone Password Managers Not Secure SecurityWatch, Neil J. Rubenking 16/03/2012

    «If a disgruntled employee leaves company resources password-locked, ElcomSoft probably has a solution. With over 20 years of experience, the company "provides tools, training, and consulting services to law enforcement, forensics, financial and intelligence agencies." ElcomSoft researchers recently evaluated security in 17 password managers for iPhone and BlackBerry. Their conclusion? There isn't any.» Läs mer

  198. Elcomsoft Criticism of iOS Password Apps Overblown TidBITS 16/03/2012

    «Major password-keeping apps for iOS use encryption techniques that, depending on the strength of the master password, can be easily overcome in under a day, revealing all of the ostensibly secured passwords, security firm Elcomsoft said in a security conference presentation in the Netherlands.» Läs mer

  199. ElcomSoft's Password Manager Shakedown ZETETIC 16/03/2012

    «The results are shocking: of the 17 password management programs analyzed, they showed that most of the products, including many of today's most popular password managers» Läs mer

  200. The contradictions of password psychology InfoSecurity 22/02/2012

    «A new survey on attitudes towards passwords indicates an apparent contradiction: most people want stricter password security policies, but don’t bother changing their own default passwords.» Läs mer

  201. Crack Passwords to Wireless Networks, iPhones, and PCs Faster with New Recovery Tool SecurityWeek News 08/07/2010

    «Moscow based ElcomSoft, developer of the software, announced a 20-fold gain in recovery speed compared to Intel current top of the line quad-core CPUs by using NVIDIA's newest high-end video accelerators for its password recovery tools.» Läs mer