7 September, 2017Forensic Implications of iOS 11 Security Measures
iOS 11 implements a number of new security measures, some of which are not advertised and not widely known to the forensic crowd. We researched the new OS and discovered a number of things carrying important forensic implications for our users. The new release complicates logical acquisition, removes notifications from backups, yet leaves existing pairing records untouched.
24 August, 2017iOS 9.3.5 Physical Acquisition Made Possible with Phoenix Jailbreak
iOS Forensic Toolkit enables physical acquisition support for 32-bit iOS devices running iOS 9.3.5, the last version of iOS 9. Thanks to the recently released Phoenix jailbreak, the Toolkit can now perform physical acquisition of iPhone 4s, 5/5c, iPad 2/3/4, iPad mini, and iPod 5g running the last version of iOS 9.
22 August, 2017Elcomsoft Phone Breaker 7.0 Extracts Passwords from iCloud Keychain
Elcomsoft Phone Breaker 7.0 is a major release adding the ability to extracts saved passwords, payment data and other sensitive information from Apple’s secure online storage, the iCloud Keychain. The new release can extract and decrypt iCloud Keychain records; Apple ID authentication credentials and access to a trusted device are required.
10 August, 2017Elcomsoft Distributed Password Recovery 3.40 Adds Support for Popular Password Managers
Elcomsoft Distributed Password Recovery 3.40 adds support for some of the most popular password managers including 1Password, KeePass, LastPass and Dashlane, enabling customers to attack master passwords protecting users’ stored passwords. Attacking and recovering a single master password can potentially give access to dozens, if not hundreds passwords to a wide range of resources that are kept in the encrypted database.
1 August, 2017Elcomsoft Distributed Password Recovery Adds Support for Amazon P2 Instances
Elcomsoft Distributed Password Recovery now support Amazon’s new P2 instances with up to 16 GPU units. The new instances are powered by NVIDIA Tesla K80 GPU units, delivering unmatched performance and best-in-class price-performance ratio for cloud computing. Elcomsoft Distributed Password Recovery dynamically scales to up to 10,000 mixed instances (local, remote and cloud) to deliver truly unmatched recovery speeds.
20 July, 2017Elcomsoft Explorer for WhatsApp Extracts iPhone WhatsApp Backups from iCloud
Elcomsoft Explorer for WhatsApp 2.10 adds the ability to extract and decrypt WhatsApp stand-alone backups created in iCloud Drive. The tool can obtain a WhatsApp encryption key by registering itself as a new device. Access to user’s iCloud authentication credentials and their verified phone number is required to generate the encryption key.
13 July, 2017iOS Forensic Toolkit 2.30 Adds Support for iPhone 4s, 5, 5c with iOS 9.1-9.3.4
iOS Forensic Toolkit 2.30 is updated to support the new “Home Depot” jailbreak, enabling full physical acquisition of 32-bit iPhones and iPads running iOS 9.1-9.3.4. This will enable ElcomSoft’s law enforcement and forensic customers to go through the backlog of legacy devices, taking care of evidence that might be available in these previously inaccessible devices.
11 July, 2017Elcomsoft Phone Breaker 6.61 Fixes iCloud Authentication Issue
Elcomsoft Phone Breaker 6.61 is a maintenance release that fixes the recent iCloud authentication issue when using cached credentials or authentication tokens. Since the beginning of June, Apple has once again altered lifespan of authentication tokens, making them short-lived for the purpose of accessing cloud backups. EPB 6.61 can now correctly identify the issue and prompt the user for re-authentication.
22 June, 2017Elcomsoft Phone Breaker 6.60 Offers Over-the-Air Windows 10 Acquisition
Elcomsoft Phone Breaker 6.60 targets Microsoft Windows 10 in its desktop and Mobile editions. The new build can extract Web browsing history, call logs, location history as well as all previously available data such as text messages (SMS) directly from the user’s Microsoft Account. Elcomsoft Phone Viewer is also updated to display the new types of data.
15 June, 2017Elcomsoft Cloud Explorer 1.31 Features New Authentication Engine, Makes Use of Authentication Tokens
Elcomsoft Cloud Explorer 1.31 makes a number of important changes under the hood. The new authentication engine becomes significantly more future-proof by making use of phone-specific protocols as opposed to extracting information via browser-based services. In addition, the new release caches token-based authentication credentials with full 2FA support, and fixes the issue of failing SMS downloads for the latest Android O Preview running on Google Pixel devices.