Articles about Us

  1. Apple Continues Storing Notes Long After Deletion Channelnews 22/05/2017

    «A Russian security firm has found that notes deleted on iPhone, iPad and Mac devices can remain stored in the cloud for years. ElcomSoft was able to use its own software to extract deleted notes synced to a user’s iCloud account dating back to 2015, significantly beyond the 30-day period that Apple claims to retain notes in the ‘Recently Deleted’ folder before being “permanently deleted“.» Read more

  2. Deleted iPhone Notes Remain Stored In iCloud Even After 30 Days UBERGIZMO 21/05/2017

    «Elcomsoft, a software company based in Russia, has found that iPhone notes written and stored in the handset’s Notes app and synced to iCloud remain stored even when they’ve been deleted by the user. The company says that the notes remain in storage also after the 30-day expiration period of the “Recently Deleted” category ends.» Read more

  3. Apple doesn't always expunge deleted notes older than 30 days Engadget 20/05/2017

    «The iCloud Notes you delete are supposed to be permanently wiped within 30 days. Gone forever, never to be seen again. Russian security firm ElcomSoft has discovered, however, that Apple has been keeping deleted notes in the cloud for far longer. Its security researchers were able to retrieve notes that should've vanished weeks and months ago. In some cases, they were even able to recover notes from way back in 2015.» Read more

  4. Apple’s iCloud notes still recoverable even after its 30-day deletion window: Elcomsoft The Tech Portal 20/05/2017

    «Apple’s cloud storage practices have been called into question once again — that too from the same Russian security firm called Elcomsoft who’s earlier identified gaping holes in its iCloud service. The latest discovery detailed by them in an official blog post states that Apple has been storing deleted notes on the cloud for far longer than required. The deleted notes are stored in the ‘Recently Deleted’ folder for 30 days before being permanently removed from the cloud. Not really!» Read more

  5. iCloud Notes recovered well beyond Apple’s 30-day deletion window SlashGear 20/05/2017

    «Like many of Apple‘s apps and services, the Notes app can be synced to iCloud to make the information available on a number of devices. When a user chooses to delete a note, they can recover it within 30 days, but after that Apple states the data is wiped. However, security firm ElcomSoft has discovered that it’s able to recover notes well beyond this 30-day window.» Read more

  6. Security firm recovers iCloud Notes beyond Apple's 30-day deletion window AppleInsider 19/05/2017

    «Using a new version of its Phone Breaker tool, Russia's Elcomsoft said it was able to retrieve notes dating weeks, months, or years beyond Apple's 30-day window. In extreme cases, notes were retrieved from as far back as 2015.» Read more

  7. ElcomSoft Claims It's Able to Recover Deleted iCloud Notes Well Past Apple's 30-Day Window MacRumors 19/05/2017

    «Russian software company ElcomSoft today claimed in a blog post that iCloud notes marked as deleted are being stored on Apple's servers well past the advertised 30-day period they are kept in the "Recently Deleted" folder.» Read more

  8. Data Forensics Company Recovers Notes Data Apple Claims is Deleted TheMacObserver 19/05/2017

    «Files deleted from Apple’s Notes app shouldn’t be recoverable after 30 days, but the security and data forensics company Elcomsoft found they could access records that were deleted months—or even more than a year—ago. That sounds pretty bad, but recovering those files requires some pretty specific elements, including knowing your iCloud login and password.» Read more

  9. Apple's iCloud Keeps Forgetting To Delete Users' Synced Data Tom's Hardware 19/05/2017

    «Users’ deleted notes should completely disappear from Apple’s servers after 30 days. However, ElcomSoft, a Russian company developing computer and mobile forensic tools, discovered that the deleted notes could still be extracted from Apple’s servers after the 30 days had passed, even though they were no longer visible to the users.» Read more

  10. Explained: Apple iCloud kept 'deleted' browser histories for over a year The Register 10/02/2017

    «On Thursday, Russian computer forensics software biz Elcomsoft said that its forensic software was able to recover Safari browser history records that had been stored in iCloud and erased, including the date the URLs were last visited and when the deletion occurred.» Read more

  11. iCloud Was Storing Deleted Safari Browser History for Months, but Apple Fixed the Issue MacRumors 09/02/2017

    «iCloud was caught storing deleted browser history by software company Elcomsoft, which develops cracking tools for extracting protected data from iOS devices. Speaking to Forbes, Elcomsoft CEO Vladimir Katalov explained that the company had been able to retrieve "deleted" browser history dating back more than a year.» Read more

  12. Apple iCloud Hoards 'Deleted' Browser History Going Back More Than A Year Forbes 09/02/2017

    «Elcomsoft chief Vladimir Katalov told FORBES the iPhone maker kept a separate iCloud record, titled "tombstone," in which deleted web visits were stored, ostensibly for syncing across devices. Katalov told me he came across the issue "by accident" when he was looking through the Safari history on his own iPhone. When he took Elcomsoft's Phone Breaker software to extract data from the linked iCloud account, he found "deleted" records going back a year. (Apple calls them "cleared" in Safari, not "deleted").» Read more


    «Russian digital forensics firm Elcomsoft has found that Apple’s mobile devices automatically send a user’s call history to the company’s servers if iCloud is enabled — but the data gets uploaded in many instances without user choice or notification.» Read more

  14. Apple Keeps Constant Log Of iPhone Calls In iCloud, Warns Cop Contractor Forbes 17/11/2016

    «Apple has a hidden feature for you in its iPhones: call logs going back as far as four months are stored in near real-time in the iCloud. That’s the warning today from a Russian provider of iPhone hacking tools, Elcomsoft, which claimed the feature was automatic and there was no way to turn it off bar shutting down iCloud Drive altogether.» Read more

  15. iPhone call history can be extracted from an iCloud account the Inquirer 17/11/2016

    «APPLE USERS are having their call records stored in the company’s iCloud servers in a way that can be extracted by third parties. Russian software house ElcomSoft has revealed that it has found a way to extract the data in near real time, for anyone targeting a phone with iOS 9 or above. The company has released an app called ElcomSoft Phone Breaker 6.20, capable of performing its nefarious mischief even on a locked, PIN-protected phone.» Read more

  16. Hackers Strike It Big On Security Vulnerabilities PYMNTS 30/09/2016

    «According to Elcomsoft, iOS 10 is highly susceptible to a “brute force attack,” where hackers automatically try a continuous number of password combinations until they unlock the right one. This vulnerability may provide an opportunity for hackers to steal credit card data, infiltrate backups and access Apple’s Keychain password manager, where passwords and other authentication data is stored.» Read more

  17. Apple iOS 10 Latest News & Update: Security Systems for Backup Issues Can Be Breached Easily? GameNGuide 29/09/2016

    «The malfunctioning Apple iOS 10 intsalment was lately discovered by the Russian company Elcomsoft. They have sighted the problem because they have been also updating their mobile breaker tool for the iPhone. Elcomsoft recently noticed that the backups accessibility creates a new "password verification mechanism" that jumps important security measures that should disable unauthorized person to go into the system.» Read more

  18. iOS 10 Jailbreak rumors: Latest iPhone update compromises saved backups YIBADA 28/09/2016

    «According to Elcomsoft’s official blog, a major security flaw was discovered tied up to the iOS 10 backup protection mechanism. Using the Elcomsoft Phone Breaker, they were able to bypass certain security checks and noted that they were 2,500 times weaker. Read more:» Read more

  19. ElcomSoft updates Phone Breaker, provides faster ability to unlock iOS 10 devices GSN 27/09/2016

    «ElcomSoft Co. Ltd. updates Elcomsoft Phone Breaker 6.10, the company's mobile acquisition tool, providing forensic specialists the ability to unlock iOS 10 backups significantly faster compared to iOS 9. The new discovery in iOS 10 backups potentially allows recovery speeds thousands of times faster compared to password-protected iOS 9 backups.» Read more

  20. iOS 10 Security Flaw Leaves iPhone Backups Vulnerable to Hackers CIO TODAY 27/09/2016

    «The latest version of Apple's mobile operating system, iOS 10, features a "major security flaw" that makes it easier for hackers to crack passwords through local iTunes backups, according to the Moscow-based digital forensics and password recovery firm ElcomSoft.» Read more

  21. There's a Pretty Serious Security Flaw in iOS 10's Back-Ups Gizmodo 26/09/2016

    «Russian firm Elcomsoft discovered that local back-ups made after updating to iOS 10 use a new password security mechanism that skips a few important security checks. The exploit was discovered by the firm as it worked on updating its iPhone cracking tools to deal with iOS 10.» Read more

  22. It’s easier to crack iTunes backups with iOS 10 security flaw The Technews 26/09/2016

    «Elcomsoft, a Russian software company first discovered the flaw while working to update its iPhone breaker tool. They found that after upgrading to iOS 10, the backup saved before, uses a different password verification mechanism that skips certain security checks.» Read more

  23. Apple iOS 10 security flaws exposed; iOS 10 jailbreak taking time due to kernel modification issues The International Business Times 26/09/2016

    «Elcomsoft, an independent digital forensics company, has stated that the iOS 10 security feature is easier to exploit than its predecessor. Therefore, Apple fans are expecting an iOS 10 jailbreak soon. Elcomsoft’s digital forensics specialists have been able to bypass some security checks on iOS 10.» Read more

  24. iOS 10 has a terrible security flaw you need to know about Alphr 26/09/2016

    «According to Forbes, Russian iPhone hacking firm Elcomsoft has discovered a vulnerability in iOS 10. Elcomsoft found that, once a user has updated to iOS 10, any backups they perform on their phone makes use of a new “password verification mechanism” that skips a whole load of vital security checks.» Read more

  25. Security researchers discover ‘severe’ flaw in iOS 10’s iTunes backups, Apple promises to release fix soon The Tech Portal 26/09/2016

    «Apple has just recently debuted its greatest software release, the iOS 10, but researchers have already discovered a major security flaw in its iTunes backup protection mechanism. And while the Cupertino giant boasts about the security of its devices, this loophole leaves the backup data on the operating system vulnerable to password-cracking tools, reports iOS forensics company Elcomsoft.» Read more

  26. Apple to crunch iOS 10 local backup password brute force hole The Register 26/09/2016

    «Elcomsoft researcher Oleg Afonin says the flaws mean cracking efforts against iOS 10 backups are 2500 times faster compared to similar efforts against iOS 9. If successful, the attack will grant access to device keychains.» Read more

  27. Hackers Can More Easily Steal Your Passwords With Apple's iOS 10 Fortune 26/09/2016

    «The software includes a new way to encrypt iPhone backups created through iTunes that gives hackers a far greater chance of obtaining a target’s passwords than the previous version of iOS, Russian password-retrieval company Elcomsoft said on Friday» Read more

  28. New iOS 10 security flaw makes it easier to crack iPhone backups The Verge 25/09/2016

    «Elcomsoft, a Russian firm that has created tools to break into iPhones, discovered the vulnerability as it worked to update its phone breaker tool. It found that backups saved after a user updates to iOS 10 uses a new "password verification mechanism" that skips several security checks, according to a blog post.» Read more

  29. iOS 10 was not great for Apple’s backup security, experts say Read more: Follow us: @digitaltrends on Twitter | digitaltrendsftw on Facebook Digital Trends 25/09/2016

    «In love with the new iOS 10? If you’re a hacker, you probably are. That’s because the newest operating system allegedly makes it “considerably easier” to hack iTunes logins for backup passwords stored on a Mac or PC. According to software company (and iPhone expert) Elcomsoft, the backup method used in iOS 10 “skips certain security checks,” which allowed professional hackers to test backup passwords “approximately 2500 times faster” when compared to iOS 9 and previous generations.» Read more

  30. Apple promises fix for iOS 10’s iTunes backup security flaw SlashGear 25/09/2016

    «Security forensics company Elcomsoft revealed last week that encrypted iOS backups created in iTunes have been made far less secure with the recent release of iOS 10. While an unintentional flaw, the new password protected backups offer an “alternative password verification mechanism” that allows them to fall victim to brute force hacks much more quickly and easily than with previous iOS versions. Fortunately Apple acknowledged the issue, and says a fix is on the way with “an upcoming security update.”» Read more

  31. iOS 10 iTunes Backup Found To Be Less Secure Than iOS 9 Übergizmo 25/09/2016

    «Thankfully for the most part, developers have made backups relatively secure, but unfortunately it seems that with iOS 10, Apple has actually made backups less secure than with iOS 9. This is according to reports from security researchers at Elcomsoft and also Per Thorsheim (via PhoneArena), a security adviser at God Praksis AS.» Read more

  32. Apple Promises To Fix A Severe iOS 10 Security Flaw With iPhone Backups The Inquisitr 25/09/2016

    «Apple iPhone is secure. However, an iOS 10 security flaw can compromise it. Elcomsoft, a Russian forensics research firm, has discovered a dangerous loophole in iOS 10 which can allow hackers to crack the otherwise password-protected iPhone backups 40 times faster than before. These backups contain your passwords and other authentication data related to your phone as well as the apps. Apple spokeswoman confirmed to Forbes that the iPhone maker acknowledges the issue and is working on a fix.» Read more

  33. Apple iOS 10 security flaw makes it easier for hackers to access your data The Daily Dot 24/09/2016

    «Developers at Elcomsoft—a Russian company that builds tools to help police access people's devices—uncovered changes to the way Apple protects backup data stored on your computer through iTunes.» Read more

  34. iOS 10 security flaw allows hackers to crack passwords 2,500 times faster, Russian firm Elcomsoft says IBTimes 24/09/2016

    «Elcomsoft researchers discovered that when iOS 10 backups that are saved to a PC or Mac via iTunes, password-cracking tools can be used to conduct brute-force attacks at the alarming rate of 6,000,000 per second. Additionally, the researchers said that if hackers are successful in cracking the password, they would then be able to "decrypt the entire content of the backup including the keychain".» Read more

  35. Forensics firm says backups easier to crack in iOS 10, Apple promises fix AppleInsider 24/09/2016

    «With iOS 10, it's possible to brute-force a backup password 40 times faster using CPU acceleration when compared with GPU-powered cracking of iOS 9, Elcomsoft explained in a blog post quoted by Forbes. Applying the same Intel Core i5 CPU in both cases, iOS 10 is 2,500 times faster to break.» Read more

  36. Apple acknowledges iOS 10 security flaw that makes it easier to access protected iTunes backups 9to5 24/09/2016

    «A new discovery by iOS forensics company Elcomsoft has revealed that encrypted iOS backups via iTunes are much easier to crack with iOS 10 than in past years. The change in security is apparently due to a new password verification method in iOS 10.» Read more

  37. Apple to Fix iOS 10 Security Flaw with iTunes Backups TidBITS 24/09/2016

    «Russian security company Elcomsoft has discovered a major security flaw in iOS 10: encrypted iTunes backups made with iOS 10 allow password-cracking tools to make 6 million attempts per second, more than 40 times faster than with backups created with iOS 9. Apple has confirmed that the issue is real and plans to fix it in an upcoming security update.» Read more

  38. iOS 10 Vulnerability Makes Bruteforcing Backup Passwords Up To 2,500 Times Faster (Updated) Tom's Hardware 23/09/2016

    «ElcomSoft, a Russian digital forensics and IT security firm, announced that it found a flaw in iOS 10’s backup password mechanism that allows its password cracking tools to bruteforce a password 2,500 times faster compared to when the old iOS 9 mechanism was being used.» Read more

  39. iOS 10 Found To Lack Security Checks Against Brute-Force Attacks The International Business Times 23/09/2016

    «Apparently, Russian cybersecurity firm Elcomsoft has found out that the iOS 10 is lacking some implementations that could make it safe against hackers. The firm discovered recently that iOS 10 does not come with certain security checks that are present in iOS 9, as per Phone Arena.» Read more

  40. Upgrading to iOS 10 may have made your backups a lot faster to crack Graham Cluley 23/09/2016

    «The silver lining on the cloud is that ElcomSoft's discovery affects the local iTunes backups you might make of your iPhone or iPad. That means that any hacker wanting to exploit the weakness would have to target the computer you have made the backup onto, rather than something more chilling like trying to access the phone itself remotely.» Read more

  41. iOS 10 Has a 'Severe' Security Flaw, Says iPhone-Cracking Company Motherboard 23/09/2016

    «In a blog post published Friday by Elcomsoft, a Russian company that makes software to help law enforcement agencies access data from mobile devices, researcher Oleg Afonin showed that changes in the way local backup files are protected in iOS 10 has left backups dramatically more susceptible to password-cracking attempts than those produced by previous versions of Apple’s operating system.» Read more

  42. iOS 10 backups can be hacked 2,500 times faster than in iOS 9, researchers find Business Insider 23/09/2016

    «Moscow-based ElcomSoft discovered the flaw, which is centered around local password-protected iTunes backups. On iOS 10, these now have a weak secondary security mechanism which "skips certain security checks." This makes it possible to launch a brute-force attack – where different passwords are tested until the correct one is identified – up to 2,500 faster than iOS 9.» Read more

  43. Cracking passwords using Nvidia's latest GTX 1080 GPU (it's fast) TechSpot 19/08/2016

    «Nvidia recently released their new GeForce GTX 1080 graphics card based on the new Pascal architecture. Elcomsoft Distributed Password Recovery 3.20 added support for the new architecture. What does it mean for us?» Read more


    «Elcomsoft has updated Cloud Explorer to version 1.10. This new release adds the ability to download email messages from the user’s Gmail account for offline analysis. In order to do that, they had to develop a highly specialized email client. They opted to use Google’s proprietary Gmail API to download mail. In this article, they’ll explain their decision and detail the benefits you’ll be getting by choosing a tool that can talk to Gmail in Gmail language.» Read more

  45. Elcomsoft Password Recovery für Macs und Amazon-Coud WindowsPro 28/07/2016

    «Die aktuelle Ausgabe weist verbesserte Funktionen für Mac OS X auf. So entschlüsselt die neue Version Passwörter von OS X-Benutzer­konten, DMG-Images und FileVault 2-Volumes. Dabei zielt die Software auf das Klartext-Passwort ab, das Mac-OS-Benutzerkonten zur Verschlüsselung der Volumes einsetzen.» Read more

  46. Nexus Phones: 5 Things to Consider Before Buying The Cheat Sheet 26/06/2016

    «That out-of-the-box encryption caught Android up with Apple’s iOS — even though as Elcomsoft’s Oleg Afonin reports, activating full-disk encryption on an Android phone often results in slower performance and lower battery life, which may be one reason why few Android users turn the feature on when it’s optional, and the majority of the users who do have encryption turned on are Nexus users.» Read more

  47. Android And iPhone Do-It-Yourself Hacking Kits For Security Experts And Wannabes Forbes 04/04/2016

    «The Elcomsoft Mobile Forensic Bundle is a kit for corporate customers as well as law enforcement and government agencies to break smart phone passwords, decrypt data, and view information stored on mobile devices. Elcomsoft, based in Moscow, Russia, offers an iOS Forensic toolkit for iPhones and other Apple AAPL +0.99% products that run iOS.» Read more

  48. How to bypass an iPad or iPhone passcode: Forgot your passcode? Here's how to 'hack' your way past iOS password security Macworld 31/03/2016

    «Forget the finger tricks you'll see in YouTube videos. It is possible to hack the iPad passcode, but you need serious software to do so. This is known as forensics software because law enforcement agencies use them when analysing a mobile phone. We tested Elcomsoft iOS Forensic Toolkit and found it a reliable means of cracking an iPad's passcode. The software is not available to the general public and you will need to apply for a license (and show your credentials).» Read more

  49. Here's how to get what Google knows about you DNA 28/03/2016

    «The information stored by Google about you is kept in different places and usually requires visiting multiple websites or applications to collect. Tools have been created to be able to extract this information with reduced effort and increased speed. One such tool is Elcomsoft Cloud eXplorer.» Read more

  50. How to hack an iPhone password security and iPad’s Lock in just few steps HackersNewsBulletin 27/03/2016

    «Forensic software are used by law enforcement agencies to get through the passcodes if they need to look into a suspected iPhone or iPad. You can use the same to hack and get your iPhone or iPad back. However, you need to be comfortable with the Command Line in Terminal.[...] Elcomsoft was tested by us and it was found to be very reliable but it is not available for general public so you need to buy the license and may need to proof that you are a legitimate entity which will not use it for illegal means.» Read more

  51. Remember, It Was A 'Lawful Access' Tool That Enabled iCloud Hacker To Download Celebrity Nudes techdirt 24/03/2016

    «On the web forum Anon-IB, one of the most popular anonymous image boards for posting stolen nude selfies, hackers openly discuss using a piece of software called EPPB or Elcomsoft Phone Password Breaker to download their victims’ data from iCloud backups. That software is sold by Moscow-based forensics firm Elcomsoft and intended for government agency customers. In combination with iCloud credentials obtained with iBrute, the password-cracking software for iCloud released on Github over the weekend, EPPB lets anyone impersonate a victim’s iPhone and download its full backup rather than the more limited data accessible on And as of Tuesday, it was still being used to steal revealing photos and post them on Anon-IB’s forum.» Read more

  52. Windows 10, Outlook, Skype and SkyDrive passwords relatively easy hacked with Russian software 21/03/2016

    «The software “System Recovery” from the Russian company Elcomsoft makes it possible to crack Microsoft accounts which provide access to Windows 8(.1) and Windows 10 but also to, OneDrive and Xbox Live. The System Recovery software previously already made it possible to gain access to local Windows accounts. Now the software is is able to cracking Microsoft accounts it is an even more powerful tool. Not only does a cracked password provide access to several Windows operating systems, it also provides access to many online services for which a Microsoft account is required.» Read more

  53. Ex-NSA Hackers Explain -- Why You Do And Don't Want The NSA To Help FBI Crack iPhones Forbes 17/03/2016

    «CEO of Russian iPhone forensics vendor Elcomsoft, Vladmir Katalov, said any exploits would have to retrieve the encryption keys locking up the device, and this would require a zero-day in the iOS bootrom, or as Apple calls it the SecureROM. This contains the first code run by a processor in an iPhone after the power is turned on. If a vulnerability can be found at that low level and the code altered, it would be possible to access protected data.» Read more

  54. Stealing Nude Pics From iCloud Requires Zero Hacking Skills -- Just Some YouTube Guides Forbes 16/03/2016

    «That’s another of the functions of Elcomsoft’s kit, to harvest all data from targets’ iClouds. Elcomsoft CEO Vladmir Katalov told me: “We do not provide the service, just the software… once you supply the Apple ID and password, it shows the list of available iCloud backups and allows [you] to download any of them. It makes a direct connection to Apple datacenters.”» Read more

  55. Obama’s Call for Encryption 'Compromise' Is Hypocritical Motherboard 12/03/2016

    «“The iCloud’s design for ‘warrant friendliness’ is precisely why the security of the system was also weak enough to allow hackers to break into these women’s accounts and steal all of their most private information,” Zdziarski wrote. “The data stored in iCloud is stored in a weaker way that allows Apple to service law enforcement requests, and as direct result of this, hackers not only could get into the same data, but did. And they did it using a pirated copy of a law enforcement tool—Elcomsoft Phone Breaker.”» Read more

  56. How To Hack An iPhone: ‘Decapping’ Process Is Risky And Could Destroy The San Bernadino Shooter’s iPhone Forever IBTimes 04/03/2016

    «Moscow-based ElcomSoft says it has tools that can be used to extract data from an iPhone, but the caveat here is that the tools work only on a "jailbroken" device, having undergone a process that bypasses Apple’s software restrictions. Since the process use software exploits in iOS code, Apple is usually quick to patch the holes.» Read more

  57. Apple Has Already Won. Now It Should Crack the San Bernadino iPhone IEEE Spectrum 22/02/2016

    «Since early 2000, it has been third-party forensic experts and companies—not device manufacturers—who have provided the tools and techniques that law enforcement agencies use to access data stored in mobile devices. Among them are companies such as Access Data, Cellebrite, Compelson, *ElcomSoft*, Final Data, Katana, Logicube, MicroSystemation, Oxygen, Paraben, Radio Tactics, and Susteen. The tools developed by these companies are tested by the National Institute of Justice and approved to provide accurate evidence, admissible in court.» Read more

  58. Elcomsoft Cloud eXplorer Provides Forensic Access to Google Account Data CloudWedge 22/12/2015

    «The IT forensics industry is relied upon to categorize the contents of hard drives for legal proceedings. With popular companies such as Google collecting data on their account holders, having access to all of the data a person has stored within their Google account could potentially help investigators solve a case, come to a settlement or settle some sort of disagreement.» Read more

  59. The Truth About Hack Vulnerability, It Can Happen to Any Mobile of Internet User CDA News 27/10/2015

    «When it comes to hack vulnerability, CEO Vladimir Katalov of Elcomsoft Ltd said, “Basically, you can forget about privacy if you’re using a smartphone or any device.” Elcomsoft is a firm that creates digital forensics software tools for clients like U.S. intelligence agencies, reported CBC News.» Read more

  60. Apple vs. Google: If you get hacked, which account could be bigger trouble? CBC News 26/10/2015

    «If you were to get hacked, would it be worse for the hack to affect your Apple account or your Google account? That depends on a lot of factors. But Vladimir Katalov, CEO of Elcomsoft Ltd., a company that makes digital forensics software tools for customers like U.S. intelligence agencies, says he thinks ultimately, getting your Google account hacked is riskier.» Read more

  61. Three ways to recover from a forgotten Windows password 18/03/2015

    «You've forgotten your Windows password. What now? I’ll show you three different ways to get back into your system: 1. The ‘right’ way 2. A free but dirty hack 3. An elegant but $50 hack.» Read more

  62. Tackling A False Sense of Device Security Infosecurity Magazine 21/01/2015

    «Changing and verifying passwords from a mobile device also puts unsecured data at risk. Until recently, with the two-step iCloud verification, hackers and cyber-criminals could log into your account with stolen or guessed passwords. This access allowed attackers to download a complete back-up of a consumer’s data by using Elcomsoft's Phone Password Breaker.» Read more

  63. Apple Inc. (NASDAQ:AAPL) iCloud Is Not Safe 16/01/2015

    «Internet security has been a hot topic since 2014. Be it be Sony or Apple Inc. (NASDAQ:AAPL), the risk of losing data and consciousness about privacy, everyone cares deeply about keeping their lives private. All old methods of verifications are now replaced with biometric verification.» Read more

  64. Apple Inc. iCloud Security Features Still Not Foolproof Bidness 15/01/2015

    «The bone of contention with Apple’s security features is that it allows hackers and software such as Phone Breaker an in, because the two-step verification process isn’t spread out across all of Apple’s services. The argument against that, is that most users would not want to be inconvenienced by the added security features.» Read more

  65. Hackers can still access your iCloud, even with two-step enabled! PC Tech 18/12/2014

    «If you expect two-step verification to be the ultimate protection against your iCloud, then think again. An update to Elcomsoft’s Phone Breaker software now makes it easier for guys to bypass Apple’s vaunted new two-factor authentication to steal your iCloud stuff.» Read more

  66. Hacking your iCloud files just got easier, even with two-step enabled Engadget 18/12/2014

    «An update to Elcomsoft's Phone Breaker software now makes it easier for good or bad guys to bypass Apple's vaunted new two-factor authentication to steal your iCloud stuff. As before, the hackers would need some information to start with -- either your Apple ID/password plus a two-factor code, or a digital token stolen from, say, your laptop.» Read more

  67. Phone Breaker iCloud-hacking software now supports 2FA, allows access to WhatsApp & iWork files 9TO5MAC 18/12/2014

    «It’s not as scary as it sounds – the software can only be used once the attacker already has an Apple ID and password, together with either a second trusted device or your recovery key. A phishing attack is the most common way to obtain these, so as long as you use strong, unique passwords and don’t click on links in emails claiming to be from Apple, you should be safe. But it does allow users of the software to download either entire iPhone backups or selected data direct from iCloud much more easily than having to go through a compromised device by hand.» Read more

  68. The App That Makes It Incredibly Easy For Hackers To Break Into Your iPhone Just Got Even Scarier Business Insider 18/12/2014

    «Elcomsoft Phone Breaker, the app that some think hackers used to break into Kate Upton's iCloud account in September, just got a massive update that makes it even easier to steal information. The update allows users to break into iCloud accounts that have two-factor authentication enabled, the company announced on Thursday.» Read more

  69. Forensic software gets around Apple's iCloud security features PCWorld 17/12/2014

    «A Russian software company has updated its forensic software to work-around the security features Apple recently added to iCloud and increased what information can be extracted from the cloud storage service.» Read more

  70. Apple passcode-protects iOS 8 devices, but cops can still inhale your iCloud The Register 23/09/2014

    «Improved security features in iOS 8 prevent Apple from unlocking phones – even for law enforcement. But search warrant-holding cops can still get almost everything through iCloud backups, according to ElcomSoft.» Read more

  71. Apple toughens iCloud security after celebrity breach BBC 17/09/2014

    «Several hackers' forums contain discussions about using of pirated copies of Elcomsoft's "forensic" software, which is marketed as a tool for law enforcement agencies to access iCloud content without needing to be in possession of a suspect's iPhone or iPad. ElmcomSoft's Moscow-based owner told the BBC earlier this month that he believed his software had been used in the recent hacks, as it was "the only one able to do that".» Read more

  72. iPwned: How easy is it to mine Apple services, devices for data? ArsTechnica 11/09/2014

    «In the name of security, we did a little testing using family members as guinea pigs. To demonstrate just how much private information on an iPhone can be currently pulled from iCloud and other sources, we enlisted the help of a pair of software tools from Elcomsoft. These tools are essentially professional-level, forensic software used by law enforcement and other organizations to collect data. But to show that an attacker wouldn’t necessarily need that to gain access to phone data, we also used a pair of simpler “hacks,” attacking a family member’s account (again, with permission) by using only an iPhone and iTunes running on a Windows machine.» Read more

  73. How I Hacked My Own iCloud Account, for Just $200 Mashable 05/09/2014

    «For just $200, and a little bit of luck, I was able to successfully crack my own iCloud password and use EPPB to download my entire iCloud backup from my iPhone. For $400, I could have successfully pulled in my iCloud data without a password and with less than 60 seconds of access to a Mac or Windows computer where I was logged into iCloud.» Read more

  74. Can You Trust Apple with Your Data? Tom's Guide 05/09/2014

    «Following the very public leaks of private intimate photos of celebrities, many of whom are also iPhone owners, some security experts say Apple may have made it too easy for thrill-seekers to guess celebrities' usernames and then "restore" backed-up photos to their own iPhones. That's just one reason many people are worried.» Read more

  75. Hackers used police spy tool to steal nude celebrity pictures RT 05/09/2014

    «The major leak of nude celebrity photos last weekend was made possible by software designed to let law enforcement lift data from iPhones with ease. The software is used in tandem with a tool made public recently that can crack Apple iCloud passwords.» Read more

  76. The Russian-made tool that grabs nude selfies from iCloud accounts PC World 04/09/2014

    «There’s a seedy trade in compromising photos stored in Apple iCloud accounts, and it is in part aided by a software program that cleanly collects the data. Some of the nude celebrity photos are believed to have first been circulated on Anon-IB, a definitely not safe-for-work forum. As reported by Wired, the forum is full of offers for iCloud “ripping,” or downloading the entire contents of an account.» Read more

  77. FBI & CIA use the same software as hackers to access iCloud accounts Softonic 04/09/2014

    «The software is called Elcomsoft Phone Password Breaker (EPPB) and is developed by Elcomsoft, a Russian company specializing in computer forensics. As Wired first reported, ElcomSoft's name first popped up on web forum Anon-IB, where hackers claim to have used the EPPB software– which allows you to retrieve iCloud Backups with a user's original credentials– to extract nude photos from other people's iCloud accounts. According to Business Insider, it was this software that was responsible for stealing iCloud data from celebrities like Jennifer Lawrence, Kirsten Dunst, and Kate Upton.» Read more

  78. Apple iCloud security exploit is a concern, experts say BBC News 03/09/2014

    «Technology magazine Wired first reported that software from a Russian firm, ElcomSoft, was being mentioned on a hackers discussion group as a useful tool for infiltrating iCloud accounts. The program, marketed to law enforcement agencies, claims to offer access to iCloud content without the operator needing to be in possession of the iPhone or iPad concerned.» Read more

  79. Apple’s Two Factor Authentication Doesn’t Protect iCloud Backups Or Photo Streams TechCrunch 03/09/2014

    «Once they gain access to an Apple account, some are using the login and password to ‘restore’ an iCloud backup using an application by Elcomsoft called the Phone Password Breaker — exporting data including photos and more to a folder which they can then sift through.» Read more

  80. Is Apple iCloud Safe? 03/09/2014

    «Apple has blamed a "very targeted attack" for the suspected breach of numerous celebrities' iCloud accounts, which resulted in nude photographs and videos being leaked to the 4chan image board. But some security experts have taken issue with Apple's explanation for the attacks. And they contend the company's iCloud service remains vulnerable to similar exploits.» Read more

  81. Apple two-factor authentication fail leaves iCloud users vulnerable TechTarget 03/09/2014

    «Vladimir Katalov, CEO of Moscow-based ElcomSoft Co. Ltd., agreed that usability is likely the primary concern for Apple's limited two-factor authentication coverage for iCloud. Katalov, who previously detailed the iCloud 2FA limitation, said that in situations where a user loses or breaks a device, they would need to have a separate recovery code stored somewhere to gain access to the iCloud backup, something that may not always be readily available.» Read more

  82. NUDE SELFIE CLOUD PERV menace: Apple 2FA? Sweet FA, more like The Register 03/09/2014

    «Apple's particular shortcomings have been fairly well known in the field of computer forensics, if not the wider IT market, for some time. ElcomSoft security researcher Vladimir Katalov presented research on what portions of iCloud are protected by two-factor authentication at the Hack In The Box security conference last year. His presentation, Modern Computer Forensics,which also covers issues related to Android, BlackBerry backups and Windows Phone 8, can be found here (PDF).» Read more

  83. The Nude Celebrity Photo Leak Was Made Possible By Law Enforcement Software That Anyone Can Get IBT 03/09/2014

    «A law enforcement software tool played a key role in the iCloud hack that saw hundreds of nude celebrity photos released over the weekend, reports Wired. It’s called Elcomsoft Phone Password Breaker. Built by Moscow-based forensics firm Elcomsoft, EPPB is designed to circumvent security on iOS devices so that law enforcement can get data off of bad guys’ phones.» Read more

  84. Meet the police forensic tool pervs used to steal celebrity iCloud nude photos Cult of Mac 02/09/2014

    «Blame for the flood of celebrity nude photos that hit the Internet has been rotating from the pervy hackers that ripped the pics, to Apple, to the creator of iBrute, but while the FBI and Apple continue to investigate the source of the leak, there’s one tool that has gone unmentioned: the police forensic tool that made it all possible. One of the key elements behind the iCloud nudes leak is a piece of software created by Elcomsoft that allows attackers to impersonate a target’s iPhone and download its entire iCloud backup, and you don’t even have to be a cop to get it.» Read more

  85. The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud Wired 02/09/2014

    «If a hacker can obtain a user’s iCloud username and password with iBrute, he or she can log in to the victim’s account to steal photos. But if attackers instead impersonate the user’s device with Elcomsoft’s tool, the desktop application allows them to download the entire iPhone or iPad backup as a single folder, says Jonathan Zdziarski, a forensics consult and security researcher. That gives the intruders access to far more data, he says, including videos, application data, contacts, and text messages.» Read more

  86. Elcomsoft releases new tool to access iCloud data without Apple ID FierceCIO:TechWatch 20/06/2014

    «Elcomsoft has developed a way to access files stored within Apple's iCloud service without knowing a person's Apple ID. Developed by the well-known Russian company to help law enforcement analyze seized computers, the tool works by making use of special authentication tokens obtained from suspects' computers.» Read more

  87. Russian forensic firm's tool snags iCloud backups without an Apple ID CIO 18/06/2014

    «Moscow-based Elcomsoft has developed a tool to collect iCloud backup files without knowing a person's Apple ID, a development intended to help law enforcement analyze seized computers.» Read more

  88. Forensic tool cracks into iCloud data with no password or Apple ID required Computerworld 18/06/2014

    «Some people pay little attention when there’s a new password cracker because they think along the “bite me” lines of “big deal ‘cause I have a 30-character password securing my account; good luck cracking that.” Other folks are on the other side of the spectrum, knowing a rainbow table isn’t exactly necessary for a highly guessable password like “password” or “123456.” But if you are a big fan of Apple and of iCloud storage, then you might be interested to learn there’s a new forensic tool capable of “over-the-air acquisition of iCloud data without having the original Apple ID and password.”» Read more

  89. Russian company Elcomsoft develops method to compromise Apple (AAPL) iCloud backups PFhub 18/06/2014

    «Proving once again that Russian software experts make superb hackers, Elcomsoft Proactive Software of Moscow, Russia has created a tool that enables accessing the iCloud backups of users who are logged in to their iCloud account, without their cooperation or consent. The tool takes advantage of the method Apple Inc. uses to keep users logged in over an extended period of time without needing to re-enter their passwords.» Read more

  90. How Forensic Tools Unearth Deleted Text Messages CIO 12/03/2014

    «Unlike work email, most mobile text messages don't flow through the corporate network except for the rare exception when employees use a company-deployed texting app. This means text messages are a blind spot for IT -- that is, impossible to monitor.» Read more

  91. How to hack an iPad or iPhone passcode: bypass iOS password security and remove the iPad's lock Macworld 04/03/2014

    «It is possible to hack the iPad passcode, but you need serious software to do so. This is known as forensics software because law enforcement agencies use them when analysing a mobile phone. We tested Elcomsoft iOS Forensic Toolkit and found it a reliable means of cracking an iPad’s passcode.» Read more

  92. Windows 8.1 biometrics support increases security, but do you need it? SearchEnterpriseDesktop 28/10/2013

    «Windows 8.1 Preview comes with the software necessary to register and manage fingerprint-based authentication on the desktop. This removes the need for hardware manufacturers to provide their own apps, helping to avoid problems introduced with third-party software. For example, in the past, a number of computer manufacturers -- including Acer, Dell, Gateway, Lenovo and Toshiba -- had shipped their laptops with UPEK's scanner and software. Last year, ElcomSoft, a certified Microsoft partner in Russia, discovered that UPEK's fingerprint-reader program was storing Windows account passwords in the registry as plain text. The passwords were scrambled, but not encrypted, making them an easy target for hackers and cybercriminals.» Read more

  93. Researcher says iCloud backups have security shortfalls SCMagazine 26/10/2013

    «The Elcomsoft chief executive found that Apple did not extend its two-factor authentication to protect the online backups which were stored on Microsoft and Amazon servers.» Read more

  94. Apple's iCloud iConundrum - does convenience mean insecurity? Naked Security 24/10/2013

    «In his talk, "Cracking and Analyzing Apple's iCloud Protocols", Katalov showed how Apple's optional two-factor authentication is selective in its application, even where it is available.» Read more

  95. Researcher continues exploring iCloud security, some media outlets continue to overreact iMore 21/10/2013

    «Russian security researcher Vladimir Katalov gave a talk last week at Hack in the Box security conference detailing his findings on Apple's iCloud protocols. Katalov's research highlights several shortcomings in iCloud's security model, including the fact that iCloud data is not protected by the two-step verification system Apple rolled out earlier this year.» Read more

  96. Apple's iCloud protocols cracked and analyzed Help Net Security 17/10/2013

    «Smartphones carry a lot of sensitive data that in theory should be accessible only to their owners. In practice, a lot of it can be exfiltrated from the devices and from the backups either stored on the device or in the cloud by employing different forensic methods. In his presentation at the Hack in the Box Conference, co-founder and CEO of Russian password-cracking / recovery company ElcomSoft Vladimir Katalov has shared the results of their efforts in cracking and the discoveries they made by analysing Apple's iCloud protocols, as well as those used for Windows Phone and BlackBerry backups.» Read more

  97. Can you trust 'NSA-proof' TrueCrypt? Cough up some dough and find out The Register 15/10/2013

    «TrueCrypt's documentation makes it plain that it can't secure data on a computer compromised by malware or a hardware keylogger. It's also well known in computer forensics circles that TrueCrypt keys can be recovered from memory, even using commercial tools from the likes of ElcomSoft, given physical access to a powered-up machine.» Read more

  98. ElcomSoft Speeds Up Phone Password Breaker, Enables Real-Time iCloud Recovery Dark Reading 22/08/2013

    «The new release enables selective recovery of certain types of data stored in Apple iCloud, enabling true real-time access to forensically significant information. By enabling real-time access to information stored in iCloud, ElcomSoft provides law enforcement organizations with live access to users' online backups, eliminating the need to wait while the full backup with irrelevant information gets downloaded. At this time, Elcomsoft Phone Password Breaker remains the only tool on the market that can download iCloud backups to a PC. Apple does not support direct data downloads, only allowing to restore iCloud backups onto a freshly initialized iOS device.» Read more

  99. Apple's two-step verification won't protect iCloud data FierceCIO:TechWatch 04/06/2013

    «Contrary to what users may believe, Apple's (NASDAQ: AAPL) two-step authentication does not offer additional protection against hackers who try to get data stored within the iCloud service, according to ElcomSoft CEO Vladimir Katalov. ElcomSoft is a well-known Russian security firm that specializes in a range of password and encryption-busting tools.» Read more

  100. Report: Apple's Two-Step Authentication Doesn't Protect iCloud Data AppAdvice 03/06/2013

    «Apple launched a new two-step authentication system for iCloud back in March, and rolled the feature out internationally a couple of months later. According to a new report, however, iDevice users should be aware that Apple’s two-step authentication does not protect iCloud backups, and nevertheless leaves users vulnerable to the kind of hack which last year controversially struck Wired’s Matt Honan.» Read more

  101. Apple two-factor security efforts “half-hearted,” says security researcher GigaOM 03/06/2013

    «Like many large tech companies, Apple has recently introduced a two-step security measure for Apple users. But Elcomsoft software finds that iCloud data and device backups are left unprotected, and that the company needs to do more to improve user protection.» Read more

  102. Apple IDs vulnerable even after 'two-factor authentication' Mobile & Apps 01/06/2013

    «Apple was looking at its new two-factor authentication to improve the security for the Apple ID and iCloud access, but it seems like the Cupertino-based tech giant has to work harder to provide better protection to its users' data.» Read more

  103. iCloud users take note: Apple two-step protection won’t protect your data Ars Technica 31/05/2013

    «If you think your pictures, contacts, and other data are protected by the two-step verification protection Apple added to its iCloud service in March, think again. According to security researchers in Moscow, the measure helps prevent fraudulent purchases made with your Apple ID but does nothing to augment the security of files you store. To be clear, iCloud data is still secure so long as the password locking it down is strong and remains secret. But in the event that your account credentials are compromised—which is precisely the eventuality Apple's two-factor verification is intended to protect against—there's nothing stopping an adversary from accessing data stored in your iCloud account. Researchers at ElcomSoft—a developer of sophisticated software for cracking passwords—made this assessment in a blog post published Thursday.» Read more

  104. Apple's new security system has holes CNNMoney 31/05/2013

    «Apple recently beefed up its authentication system in an effort to thwart hackers, but a new report shows the security measure is lacking in one huge area. Back in March, Apple (AAPL, Fortune 500) unveiled an optional "two-factor authentication" login method for its Apple ID. It's a basic security tool already used by Google (GOOG, Fortune 500), Facebook (FB) and Dropbox that requires both a password and a piece of data, such as a string of numbers sent via text message. Twitter also recently unveiled such a system following a series of prominent hacks of Twitter accounts. But security software company ElcomSoft explained in a blog post Thursday that Apple's new security measures protect users only in a few situations: app and music purchases, managing an Apple ID account or receiving customer support related to Apple ID. It does nothing to protect other important information, like photos and other files stored on its iCloud service.» Read more

  105. Apple’s two-factor authentication is not very thorough Infosecurity 31/05/2013

    «Back in February, Norwegian hackers were raiding teenage girls’ iCloud accounts, downloading photos and offering them for sale. By March, Apple had introduced and started to roll out optional two-factor authentication to improve security. But it’s not that good, reports Elcomsoft.» Read more

  106. Apple 2FA doesn't cover iCloud SC Magazine, Australia 31/05/2013

    «Attackers can bypass Apple's two-factor authentication to download and install a victim's iPhone and iPad backups, a security firm has revealed. The Cupertino company deployed two-factor authentication for Apple identities in March, requiring a second form of verification for account management and iTunes or App Store purchases. But it did not extend the security across its iCloud service, meaning an attacker with a target's username and password in hand could still download and restore an iOS backup.» Read more

  107. iCloud not protected by Apple’s two-factor authentication, say researchers SlashGear 31/05/2013

    «Apple introduced two-factor authentication (or two-step verification if you’d like to call it that) with iCloud back in March, adding an extra layer of security to its cloud backup system. However, security researchers say that iCloud is still vulnerable to a break-in if your password is stolen.» Read more

  108. Apple's two-factor security isn't as good as Microsoft or Google's, say experts The Register 31/05/2013

    «But according to research from security biz Elcomsoft, Apple did a "half-hearted job" of implementing its verification system, "leaving ways for the intruder to access users’ personal information, bypassing the (optionally enabled) two-factor authentication". Specifically iOS Backups and iCloud data is not protected by two-factor authentication.» Read more

  109. Apple’s Two-Step iCloud Authentication Deemed Unsecure By Third-Party Security Firm 31/05/2013

    «Apple recently rolled out two-step authentication check for iCloud to protect users from having their account info changed without an additional, one-time password. They were a tad late to the game, however, as companies like Dropbox, Google, Facebook, Twitter and others have already implemented this additional security step for their users.» Read more

  110. Apple's new security system fails to protect files stored in iCloud, says security firm Read more: Apple's new security system fails to protect files stored in iCloud, says security firm FierceMobileIT 31/05/2013

    «Apple's (NASDAQ: AAPL) new two-factor authentication system does not apply to iCloud backups, enabling a hacker with a user's Apple ID and password to download and access information stored in iCloud, according to Vladimir Katalov with security firm ElcomSoft. Read more: Apple's new security system fails to protect files stored in iCloud, says security firm - FierceMobileIT Subscribe at FierceMobileIT» Read more

  111. Elcomsoft Details Lapses in Apple’s Two-Factor Authentication Approach TidBITS 30/05/2013

    «When Apple added optional two-factor authentication for Apple IDs recently, many applauded the move (as we did in “Apple Implements Two-Factor Authentication for Apple IDs,” 21 March 2013). Requiring both a static password and a temporary code for logins from new devices reduces the chance of an undesirable party — online criminal, spurned lover, or repressive government — gaining access to your account. Two-factor authentication doesn’t eliminate the possibility of an account being compromised, but it sets the bar significantly higher.» Read more

  112. Apple’s Two-Step Authentication Doesn’t Protect Your iCloud Backups Cult of Mac 30/05/2013

    «Apple's two-step authentication process is designed to make your Apple ID more secure...» Read more

  113. Security Researcher Raises Concerns over Apple's Two-Step Authentication 30/05/2013

    «CEO Vladimir Katalov of the security software company Elcomsoft has published a post on CrackPassword outlining where he believes Apple’s two-step authentication comes up short. While he admits that the authentication works as advertised and it’s a good idea for people to enable it, he has also identified some areas that he thinks could use some improvement.» Read more

  114. Apple iPhone Decryption Backlog Stymies Police InformationWeek 14/05/2013

    «Apple is overwhelmed by requests from law enforcement agencies to decrypt seized iPhones, and its waiting list is so long that it may take months before new requests get handled. That revelation, first reported by CNET, was gleaned from a search warrant affidavit for a seized iPhone last summer by a federal agent who was investigating a Kentucky man on crack cocaine distribution charges.» Read more

  115. Apple deluged by police demands to decrypt iPhones CNET 10/05/2013

    «ATF says no law enforcement agency could unlock a defendant's iPhone, but Apple can "bypass the security software" if it chooses. Apple has created a police waiting list because of high demand. [...] Elcomsoft claims its iOS Forensic Toolkit can perform a brute-force cryptographic attack on a four-digit iOS 4 or iOS 5 passcode in 20 to 40 minutes. "Complex passcodes can be recovered, but require more time," the company's marketing literature says.» Read more

  116. Apple Decrypts iPhone For the Police, But It Makes Them Wait [Report] Cult of Mac 10/05/2013

    «Apple Decrypts iPhone For the Police, But It Makes Them Wait.» Read more

  117. Picture imperfect The Economist 09/03/2013

    «A feature introduced several years ago by Canon and Nikon, the two leading camera manufacturers, gives photographers a way to prove, if challenged, that their images have not been manipulated. When a picture is taken, the cameras attach a coded signature that is destroyed if the image is modified and resaved. An intact signature, then, should prove that a photo is genuine. But researchers at ElcomSoft, a computer-security firm based in Moscow, have shown that the system is easily fooled. Counterfeiters can copy an image’s security signature and reapply it after retouching, says Vladimir Katalov, ElcomSoft’s boss.» Read more

  118. Forensic tool to decrypt TrueCrypt, Bitlocker and PGP contains and disks released Ghacks 07/02/2013

    «Elcomsoft’s Forensic Disk Decryptor works well if you can get your hands on a memory dump or hibernation file. All attack forms require local access to the system. It can be a useful tool if you forgot the master key and desperately need access to your data. While it is quite expensive, it costs €299, it may be your best hope of retrieving the key, provided that you are using hibernation or have a memory dump file that you have created while the container or disk were mounted on the system. Before you make a purchase, run the trial version to see if it can detect the keys.» Read more

  119. ElcomSoft: Nvidia Tesla K20 Beats a Dual GPU Configuration in Password Cracking Bright Side Of News 07/02/2013

    «When Nvidia announced the 7+ billion transistor part codenamed GK110 as the chip behind the Tesla K20 and upcoming high-end Quadro and GeForce boards, a lot of questions were asked just how much compute power was taken out of GK104 chips, which now power the majority of Nvidia's lineup (GeForce GTX 660 Ti/670/680/690, Quadro K3000/K4000/K5000, Tesla K10). Thanks to ElcomSoft, we now know the answer to that question.» Read more

  120. BitLocker, PGP and TrueCrypt encryption weakened by new attack tool PC Advisor 03/01/2013

    «Russian password-cracking wizards ElcomSoft have announced a new product that can retrieve decryption keys for BitLocker, PGP and open source favourite TrueCrypt as long as the encrypted volumes were not securely demounted.» Read more

  121. Elcomsoft’s Forensic Decryption Software Moves the Needle for Practical Cryptography SiliconANGLE 24/12/2012

    «Cryptography is the go-to defense for cybersecurity, it’s essentially the strongbox of the computing era—and just like a strongbox it’s not designed to keep the contents perfectly safe from all perpetrators, it’s designed to resist their attempts to get at it. It’s still possible for the Hole In The Wall gang to derail your train, make off with your payroll safe, and blow it open with TNT. However, given that technology to defeat locks advances with technology to make better locks, we can expect more subtle forms of extracting encrypted contents than TNT (brute force.) News is that Elcomsoft just released a Forensic Disk Decryptor running at about $299. According to the press, this software can beat protected volumes generated by popular crypography apps such as BitLocker, PGP and TrueCrypt» Read more

  122. BitLocker, PGP, TrueCrypt cracked real-time with $299 tool VR-Zone 21/12/2012

    «A Russian security firm has announced that their forensic disk decryptor software package can now access any information on disks that have been encrypted with industry standard programs. The program cost $299 and will work against BitLocker, PGP, and TrueCrypt; but even worse it can do it in real-time.» Read more

  123. $300 tool can decrypt PGP, TrueCrypt files without a password 21/12/2012

    «Russian company ElcomSoft today threw their grey hat firmly into the top-secret ring of internationally important security companies. Though the actual innovation is quite simple, the company today announced a $500 piece of hardware that could change the face of electronic security for some time to come.» Read more

  124. Still putting your crypto-protected PC in hibernate? $300 app can hack it ArsTechnika 21/12/2012

    «Cracking PGP, TrueCrypt, and other strong encryption packages just got more affordable, with the release of a $300 package that can pluck decryption keys out of computer memory in certain cases.» Read more

  125. Commercial tool nabs BitLocker, Truecrypt passwords SC Magazine AU 21/12/2012

    «A Russian forensics outfit has launched a tool to pluck passwords used in Microsoft BitLocker, Symantec PGP whole disk encryption and TrueCrypt. Decryption keys were extracted from the software when encrypted volumes were mounted, including when the Windows machines were powered off.» Read more

  126. World’s Most Used Encryption Technologies, Cracked in No Time with $299 Forensics Tool HOTforSecurity 21/12/2012

    «With more and more sensitive data on mobile devices, software encryption has witnessed quite a boom in recent years. Backed by independent developers (such as TrueCrypt) or built into the operating system directly (BitLocker), software encryption managed to keep data away from prying eyes. Until now. Russian data recovery specialist Elcomsoft, announced immediate availability for their Elcomsoft Forensic Disk Decryptor, software that can unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt. While these data containers are virtually unbreakable without the password used at encryption time, they can be easily decrypted using an unconventional approach: retrieving the key from the system memory.» Read more

  127. WARNING: Losing your privacy: one security utility at a time ... Your encrypted disk may not be safe anymore! One Citizen Speaking... 21/12/2012

    «Elcomsoft, a Russian company has now provided the world with a new utility to allow the examination of encrypted disks protected with BitLocker, PGP and TrueCrypt. For those who do not remember, Elcomsoft was the first company charged by the United States Government with violating the Digital Millennium Copyright Act for publishing the workarounds to crack Adobe’s pathetic PDF security. The presenter, Dmitry Sklyarov, was arrested by the U.S. authorities and held without bail – causing a major uprising in the tech community. (Full disclosure: I was involved in the case and presented live code examples to the FBI that there was a legitimate and fair use case to be made for Elcomsoft’s products under the DMCA.) And I was just as outraged over the jailing of Dimity as the rest of the tech community. To allow Adobe to continue the fiction that their products were safe and secure for use in the financial industry was a breach of faith and trust.» Read more

  128. PGP, TrueCrypt-encrypted files CRACKED by £300 tool TheRegister 20/12/2012

    «ElcomSoft has built a utility that forages for encryption keys in snapshots of a PC's memory to decrypt PGP and TrueCrypt-protected data. Forensic Disk Decryptor attempts to unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt. The tool is designed for criminal investigators, IT security bods and forensic specialists. PGP and TrueCrypt set the industry standard for whole-disk or partition encryption.» Read more

  129. This $299 tool is reportedly capable of decrypting BitLocker, PGP, and TrueCrypt disks in real-time TheNextWeb 20/12/2012

    «Russian firm ElcomSoft on Thursday announced the release of Elcomsoft Forensic Disk Decryptor (EFDD), a new forensic tool that can reportedly access information stored in disks and volumes encrypted with desktop and portable versions of BitLocker, PGP, and TrueCrypt. EFDD runs on all 32-bit and 64-bit editions of Windows XP, Windows Vista, and Windows 7, as well as Windows 2003 and Windows Server 2008. The price tag isn’t outrageous, but EFDD will still set you back a solid $299.» Read more

  130. Forensic Tool Cracks BitLocker, PGP, TrueCrypt Containers InformationWeek Security 20/12/2012

    «The software from ElcomSoft -- a Russian provider of encryption-cracking software and other digital forensic tools -- accomplishes the feat not by cracking the containers themselves, but rather by exploiting the fact that once the containers are accessed, the decryption passwords get stored in computer memory. The software is designed to be used by digital forensic investigators -- for example, when investigating suspected insider theft incidents.» Read more

  131. Forensic access to encrypted BitLocker, PGP and TrueCrypt containers Help Net Security 20/12/2012

    «The complete decryption mode provides full, unrestricted forensic access to all information stored on encrypted volumes. Alternatively, by mounting encrypted containers as drive letters, investigators gain immediate, real-time access to protected volumes. In real-time mode, information read from encrypted containers is decrypted on-the-fly. The software offers true zero-footprint operation with no alterations or modifications to original content ever.» Read more

  132. New tool targets BitLocker, TrueCrypt full disk encryption FierceCIO 20/12/2012

    «Russian digital forensics firm ElcomSoft has unveiled a new Forensic Disk Decryptor software that it says can make it possible to decrypt encrypted file volumes protected by tools such as BitLocker, PGP and TrueCrypt. [...] ElcomSoft has a long track record of successfully crafting attacks against security mechanisms such as the image verification system for Nikon and Canon cameras, the on-board encryption employed by the iPhone 3GS and even the encryption used by the BlackBerry Desktop Software to protect data backups.» Read more

  133. Popular disk encryption systems cracked Simon Edwards 20/12/2012

    «If you want your laptop's data to remain secure, even when stolen, one excellent solution is to encrypt the hard disk's partitions or even the whole disk. Popular options include Microsoft's BitLocker, Symantec's PGP Whole Disk Encryption and the open source TrueCrypt software. Elcomsoft has just announced that all of these encryption systems can be cracked by its new product, Elcomsoft Forensic Disk Decryptor.» Read more

  134. Deeply Flawed Apple-Owned Fingerprint Reader Software a Tough Fix Threatpost 11/10/2012

    «Caudill and fellow researcher Brandon Wilson recreated work done by Russian security company ElcomSoft, which specializes in password recovery solutions. Both were able to extract Windows passwords from the popular fingerprint reader, technology that was acquired by Apple earlier this year.» Read more

  135. Apple subsidiary still not patching ‘security’ software that leaves Dell, Samsung, Lenovo PCs vulnerable (updated) VentureBeat 10/10/2012

    «Almost three months ago, Apple bought AuthenTec, a security company that builds sensors for PCs and phones to verify users and protect communications. One of the company’s products was Protector Suite, a secure way to log into Windows machines with your fingerprint. The only problem? The software stores inadequately encrypted passwords in the Windows Registry. In fact, according to ElemSoft, the passwords were almost in plain text. To put it bluntly, this “security solution” actually made PCs more vulnerable.» Read more

  136. Microsoft Office 2013's enhanced protection scheme cracked ahead of official launch Networkworld / Microsoft Insights 03/10/2012

    «Russian corporate security and IT audit firm ElcomSoft claims to have developed tools with the ability to recover plain-text passwords used to encrypt documents in Microsoft Office 2013. In addition to a host of improvements and other changes, Microsoft beefed up the encryption scheme used to secure users’ data in Office 2013. With Office 2010, Microsoft used an SHA-1 class algorithm with a 128-bit key to encrypt plain-text password-protected documents. With Office 2013, though, Microsoft has moved to a technically more secure SHA-2 class SHA512 algorithm to calculate the hash values for the encryption keys, but it appears even that wasn’t enough. ElcomSoft, a privately owned company headquartered in Moscow, has announced that it has already developed tools to crack Microsoft’s latest protection schemes. Shocking, I know.» Read more

  137. Office 2013 encryption cracked Simon Edwards Blog 26/09/2012

    «According to Elcomsoft's researchers, Microsoft has done a great job beefing up the encryption of its Office documents. This has forced those who want to break it to move from brute forcing techniques to more advanced methods.» Read more

  138. Elcomsoft, UPEK & more Security Nirvana 15/09/2012

    «Elcomsoft has announced that certain versions of fingerprint software named Protector Suite made by UPEK (now part of Authentec) stores your Windows password in a 'scrambled' format in registry. This allows an attacker through different entry points to get easy access to a users Windows password. I have no reason not to believe Elcomsoft in their claims, but UPEK/Autentec seriously disagrees. In the middle of this I happen to have some questions, and an opinion regarding biometric software today.» Read more

  139. Hacking Your Fingerprint: ElcomSoft Finds Security Holes in Biometric Readers Bright Side Of News* 13/09/2012

    «When purchasing notebooks for the enterprise, one of most common requirements is that they have a fingerprint reader, since biometric is considered safe. However, while it may be hard to fake your footprints - a gaping hole was found in the software suite which can expose all of your saved passwords.» Read more

  140. Plenty for crypto fans at 44Con SC Magazine UK 12/09/2012

    «Field Programmable Gate Arrays (FPGAs) allow cost-effective and highly tailored hardware acceleration for a wide range of computing problems and are a very economical solution to the processing needs of modern password cracking.» Read more

  141. iPhone Security Unbreakable? Security Gurus Disagree InformationWeek 23/08/2012

    «Earlier this year, for example, researchers from Moscow-based digital forensic toolmaker Elcomsoft analyzed 13 Apple iOS password managers--a.k.a. password keepers, wallets, and safes--to see if they securely stored passwords. Elcomsoft's interest was more than academic, since the company has long sold tools used by law enforcement agencies to crack iPhone data security. It wanted to know if password safes might provide a further hurdle to forensic investigators.» Read more

  142. ElcomSoft and Pico Computing Demonstrate World’s Fastest Password Cracking Solution VR-Zone 18/07/2012

    «There's no secret that graphics cards such as NVIDIA GeForce, Tesla as well as AMD Radeon are being used by security agencies worldwide. Their goal is to crack the passwords of suspects as much as 10-20x faster than the most expensive Intel processor is able to do. Today, another company is claiming its stake in lucrative security business.» Read more

  143. ElcomSoft and Pico Computing Demonstrate Password Cracking Solution DFINews 18/07/2012

    «ElcomSoft Co. Ltd. has released password cracking solutions supporting Pico’s range of high-end hardware acceleration platforms. ElcomSoft has updated its range of password recovery tools, employing Pico FPGA-based hardware to greatly accelerate the recovery of passwords.» Read more

  144. ElcomSoft, Pico Computing show world's fastest password-cracking solution Homeland Security News Wire 18/07/2012

    «Pico Computing manufactures a range of high-end hardware acceleration platforms, offering a computational equivalent of more than 2,000 dual-core processors in a single 4U chassis; ElcomSoft updates its range of password recovery tools, employing Pico Field Programmable Gate Array (FPGA)-based hardware to accelerate the recovery of passwords» Read more

  145. Elcomsoft iOS Forensic Tookit review Macworld 06/07/2012

    «Extract all data, passcodes and keychains from a locked iPad, iPhone, or iPod touch with professional-grade security software. Forensics extraction is the process of getting into a computer device (in this case an iOS device) and extracting all the data from it. And Elcomsoft's iOS Forensics Toolkit is an incredibly powerful piece of kit that enables you to hack into, and extract pretty much everything on an iPhone (passcodes, keys, files, messages, audio recordings, and so on).» Read more

  146. Forensic tool discovers iCloud backup IDM 21/05/2012

    «ElcomSoft has updated its Phone Password Breaker tool with the ability to retrieve user content from password-protected backups created by Apple iOS devices and BlackBerry smartphones, as well as the ability to retrieve iPhones’ user data from iCloud.» Read more

  147. Beware of iCloud! Snooping software lets police read everything on your iPhone in real-time without you ever knowing Daily Mail 18/05/2012

    «Police - or anyone with a piece of spying software - can track everything you do on your iPhone without needing physical access to your phone. The software, called Phone Password Breaker, can download all of the data from Apple's iCloud service - which backs up all of your pictures, text messages, emails, calendar appointments, call logs, website you have visited, and contacts. As iPhones sync nearly instantaneously with iCloud, anyone who is listening will have near-instantaneous access to your phone - without the owner noticing a thing.» Read more

  148. Forensic Tool Grabs iPhone, iPad Data Remotely InformationWeek 18/05/2012

    «Digital forensic investigators have a new technique for recovering the data stored on an iPhone or iPad: ElcomSoft has updated its Phone Password Breaker cracking tool to automatically retrieve iOS device backups from the Apple iCloud.» Read more

  149. New Forensics Tool Can Slurp A Phone’s Data Via The Cloud Gizmodo Australia 17/05/2012

    «The police don’t even need to touch your phone anymore to know how you’ve been using it. A new off-the-shelf forensics tool lets cops retrieve all the data they want from your iPhone by accessing its contents through iCloud.» Read more

  150. ElcomSoft's iOS Forensic Toolkit cracks iCloud backups Tab Times 17/05/2012

    «A Russian company called ElcomSoft says it’s figured out a way to access a user’s online backups stored in Apple’s iCloud service.» Read more

  151. Mobile password managers: Cracking the security mechanisms Michael Kassner (TechRepublic) 26/03/2012

    «Password managers for mobile devices are convenient. But are the cached passwords sufficiently protected? Michael Kassner asks two experts to explain the vulnerabilities.» Read more

  152. ElcomSoft: Smartphone Password Managers Not Secure SecurityWatch, Neil J. Rubenking 16/03/2012

    «If a disgruntled employee leaves company resources password-locked, ElcomSoft probably has a solution. With over 20 years of experience, the company "provides tools, training, and consulting services to law enforcement, forensics, financial and intelligence agencies." ElcomSoft researchers recently evaluated security in 17 password managers for iPhone and BlackBerry. Their conclusion? There isn't any.» Read more

  153. Elcomsoft Criticism of iOS Password Apps Overblown TidBITS 16/03/2012

    «Major password-keeping apps for iOS use encryption techniques that, depending on the strength of the master password, can be easily overcome in under a day, revealing all of the ostensibly secured passwords, security firm Elcomsoft said in a security conference presentation in the Netherlands.» Read more

  154. ElcomSoft's Password Manager Shakedown ZETETIC 16/03/2012

    «The results are shocking: of the 17 password management programs analyzed, they showed that most of the products, including many of today's most popular password managers» Read more

  155. The contradictions of password psychology InfoSecurity 22/02/2012

    «A new survey on attitudes towards passwords indicates an apparent contradiction: most people want stricter password security policies, but don’t bother changing their own default passwords.» Read more

  156. Crack Passwords to Wireless Networks, iPhones, and PCs Faster with New Recovery Tool SecurityWeek News 08/07/2010

    «Moscow based ElcomSoft, developer of the software, announced a 20-fold gain in recovery speed compared to Intel current top of the line quad-core CPUs by using NVIDIA's newest high-end video accelerators for its password recovery tools.» Read more

  157. Security Implications of iOS. SANS Institute InfoSec Reading Room 04/08/2011

    «On May 23, Vladimir Katalov, CEO of ElcomSoft, announced they had found a way to decrypt the hardware protection (Katalov, 2011). This is significant because it revealed the data was not as secure as many thought.» Read more

  158. Forensics at BlackHat2011: iOS Password Decryption Method Revealed. The CyberJungle 03/08/2011

    «There are a number of technical barriers in extracting information from a password protected iOS device. Although earlier versions of iOS (pre 3GS) had data protection methods that are generally considered very weak, newer versions of the iOS have stronger encryption deployed. Many digital forensic examiners have hit a wall when try to acquire digital forensic from password protected iOS devices.» Read more

  159. Passwords alone can't protect your network. InfoWorld 18/01/2011

    «But cloud computing isn't even necessary to take advantage of the benefits of parallel computing. Using Distributed John the Ripper and other password crackers, such as Passware Password Kit Forensics or Elcomsoft's Distributed Password Recovery product, password hackers have long been able to take advantage of every CPU under their control.» Read more

  160. Flaws found in Canon Image Verification System. FierceCIO:TechWatch 14/12/2010

    «Elcomsoft was able to break the system by extracting the secret code used to create the verification data from the internal memory of different Canon camera models. The code is apparently the same across each model of camera; the company told PC World that it has extracted the keys for the EOS 20D, EOS 5D, EOS 30D, EOS 40D, EOS 450D, EOS 1000D, EOS 50D, EOS 5D Mark II, EOS 500D and EOS 7D to date.» Read more

  161. Programmer cracks Canon photo encryption. ZDNet UK 13/12/2010

    «Programmer and encryption expert Dmitry Sklyarov has found a vulnerability in Canon's OSK-E3 system for ensuring that photos such as those used in police evidence gathering have not been tampered with.» Read more

  162. Canon's digital camera image originality not so original. Kevin Beaver's Security Blog 10/12/2010

    «Well, the folks at Elcomsoft have done it again. This time they've discovered a vulnerability in Canon's Original Data Security system demonstrating that digital image verification data can be forged. Apparently Canon has yet to respond.» Read more

  163. Canon camera encryption cracked. CNET News 10/12/2010

    «The programmer and encryption expert is Dmitry Sklyarov, and his company, Elcomsoft, has found a vulnerability in Canon's OSK-E3 system for ensuring that photos such as those used in police evidence-gathering haven't been tampered with.» Read more

  164. Canon cameras: encryption cracked by Russian programmer! Electricpig 10/12/2010

    «Fast forward to 2010 and Dmitry Sklyarov is back in the spot light, but this time with the help of his company, Elcomsoft. News came in this morning that Sklyarov and his company had found a vulnerability in Canon’s OSK-E3 system for ensuring that photos such as those used in police evidence haven’t been tampered with.» Read more

  165. Russian Software Firm Breaks Canon’s Authenticity Verification, Big Time. Rezalutions 01/12/2010

    «The credibility of photographic evidence becomes vital in numerous situations for insurance companies and courts, as they may accept digital image as indisputable evidence if it can be proven genuine. However, the discovered vulnerability in Canon Original Data Security system proves that verification data can be forged and, thus, the whole verification system cannot be relied upon.» Read more

  166. Russians on the moon? Canon's image verification system cracked. The H Security 01/12/2010

    «Hacker Dmitry Sklyarov has succeeded in extracting the secret signing key from numerous digital SLR cameras and has used it to sign modified images which Canon's latest OSK-E3 security kit verifies as legitimate. Canon's Original Data Security System is intended to show whether changes have been made to photographs and to verify date and location information.» Read more

  167. Analyst finds flaws in Canon image verification system. CIO 01/12/2010

    «But the digital signature can be forged due to design flaws in Canon's system, according to Dmitry Sklyarov, an IT security analyst with Elcomsoft, which specializes in password recover systems. Sklyarov was due to give a presentation on the flaws at the Confidence IT security event in Prague on Tuesday afternoon.» Read more

  168. Canon image originality verification proven useless. Boing Boing 30/11/2010

    «After performing analysis of Canon hardware, ElcomSoft researchers were able to extract secret keys used to calculate authentication data from Canon EOS digital cameras, and use the keys for adding authenticity signatures to a set of manipulated digital images.» Read more

  169. Canon image originality verification proven useless. Help Net Security 30/11/2010

    «After performing analysis of Canon hardware, ElcomSoft researchers were able to extract secret keys used to calculate authentication data from Canon EOS digital cameras, and use the keys for adding authenticity signatures to a set of manipulated digital images.» Read more

  170. Analyst finds flaws in Canon image verification system. Network World 30/11/2010

    «Elcomsoft has published photos -- including one with an astronaut planting the flag of the Soviet Union on the moon -- that, if checked using a smart card and special software from Canon, confirm that the photo has not been tampered with. .» Read more

  171. ElcomSoft cracks Canon’s Digital Signature Algorithm. 30/11/2010

    «Unfortunately, ElcomSoft today revealed a vulnerability in their algorithm that allows anyone to cryptographically sign any image so that it appears authentic.» Read more

  172. Analyst Finds Flaws in Canon Image Verification System. PCWorld 30/11/2010

    «A cryptographic system used by Canon to ensure that digital images haven't been altered is flawed and can't be fixed, according to a Russian security company that specializes in encryption.» Read more

  173. Cryptographers crack system for verifying digital images. The Register 30/11/2010

    «Russian password-cracking company ElcomSoft said on Tuesday that it's able to extract the original signing key from the Canon Original Data Security Kit and use it to validate fake photos. Canon has billed the service as a way to verify the originality of an image and to confirm that global positioning coordinates, data, time, and other metadata hasn't been changed.» Read more

  174. ElcomSoft's Internet Password Breakers Scares the Crap Out of Us. HotHardware 10/11/2010

    «Listen up ladies and gents, if you aren't in the habit of changing up your passwords every once in awhile, consider doing so. Not only is it good practice in general, but as it turns out, your browser does a pretty piss-poor job of covering your tracks. Enter Russian software maker ElcomSoft, which just announced a password recovery tool called Internet Password Breaker that purportedly works with Firefox, Safari, Opera, and Chrome.» Read more

  175. Windows 7 doesn't end the need to monitor passwords. 26/10/2010

    «It's scary to think about the amount of sensitive information that can be exposed. Don't write off a single incident as a local problem. Instead, consider a breach an enterprise problem, and invoke your incident-response plan -- assuming you even know about it. For example, Figure 1 shows a how Proactive System Password Recovery can easily glean a WPA2 preshared key (PSK) from a Windows 7 machine.» Read more

  176. BlackBerry backup encryption 'broken' by Russians. Computerworld UK 04/10/2010

    «According to Elcomsoft, a weakness in the way BlackBerry has implemented the apparently secure 256-bit AES encryption in its PC and Mac backup program BlackBerry Desktop Software makes it possible to carry out a successful password recovery attack on the backup archive with relative ease.» Read more

  177. ElcomSoft cracks BlackBerry encryption. TG Daily 02/10/2010

    «ElcomSoft has coded a "password breaker tool" to unlock backups created by RIM BlackBerry smartphones. The utility - which is supposedly targeted at forensic investigators - also offers support for cracking a wide range of iOS-based devices.» Read more

  178. BlackBerry Backup Encryption Weak According to Password Cracking Company. BlackBerry Leaks 02/10/2010

    «The BlackBerry encryption algorithm uses AES with a 256-bit key, which is theoretically strong enough. However, the CEO of ElcomSoft, Vladimir Katalov, claims there is a problem with the key generation... Katalov says that even without GPU acceleration, a seven character long password with both uppercase and lowercase letters would be recovered in under three days. But, cracking a single-case password would only take half an hour.» Read more

  179. Cracking passwords with video cards. The Economist 10/09/2010

    «The Russian firm Elcomsoft literally accelerated the trend for short and weak password recovery by tapping into the graphics processing units (GPUs) that power modern computer video cards. A CPU is generalized for all tasks; a GPU specializes and can be vastly faster for specific calculations that align with password cracking. Using a GPU can speed up by as much as a hundredfold certain kinds of brute-force efforts, in which a strong password algorithm is challenged by iterating through every possible character combination at ever-longer lengths.» Read more

  180. We take a look at Elcomsoft iPhone Password Breaker… Its Good. Security Active Blog 04/09/2010

    «Fast forward to 2010 and I find myself looking at iPhones and their suitability for use in the corporate world, and then I hear again about Elcomsoft releasing an iPhone Password Breaker (EPPB). So here we are, reviewing this product, and seeing just how it works and if it does what it says on the tin.» Read more

  181. Short passwords 'hopelessly inadequate', say boffins. The Register 16/08/2010

    «The number crunching abilities of graphics processors were recently applied to commercial password auditing and recovery tools from Russian developer ElcomSoft. It's a safe assumption that black hats are able to use the same type of technology for less laudable purposes.» Read more

  182. Secured iOS Backups Reduce Security, But Not By Much. TidBITS 09/08/2010

    «At first, I thought Elcomsoft had discovered a major flaw in the way that iOS allows iTunes to back up the data store of an iPhone, iPad, or iPod touch. The Russian security firm creates software designed to test the quality of passwords for many different software packages and systems by trying to crack them; it also advertises its software for forensic use.» Read more

  183. iOS 4 Password Breaker by Elcomsoft Now Available. iSmashPhone 07/08/2010

    «Elcomsoft, a Russia-based company that specializes in password cracking, has released their latest version of Password Breaker, which recovers passwords stored in iOS4 devices.» Read more

  184. iPhone Cracking Software Retrieves Passwords. The New New Internet 06/08/2010

    «ElcomSoft of Moscow claims the iPhone Password Breaker software can recover encrypted keychains used by the iPhone 4 to store passwords used for email, third-party software and websites. The software can be used by forensic investigators to recover data without changing the content of the phone, the company says.» Read more

  185. Elcomsoft offers iPhone password cracker. 06/08/2010

    «Elcomsoft's iPhone Password Breaker is pitched at forensic investigators, and can dig into the handset's operating system and recover previously unavailable content, according to the firm.» Read more

  186. Apple iPhone, iPad Security Goes Into the Toilet and Down the Tubes. BNET 06/08/2010

    «However, a jailbreak exploit — which Apple still hasn’t patched — could also download malware that would easily accomplish this task. Then again, someone could use the password recovery application from Elcomsoft to get into an iPhone backup and grab the information that way.» Read more

  187. Another iPhone Vulnerability: Access iOS Backups Data with iPhone Password Breaker. ReadWriteWeb 05/08/2010

    «Russian computer forensics software company ElcomSoft offers a product called iPhone Password Breaker that enables uses to access backup data from iOS devices. Today the company announced an update to the software that enables users to crack iOS 4 keychains - which may include e-mail and other passwords - without altering the phone's content. ElcomSoft claims to be the first company to be able to crack keychain passwords. According to the company's press release, "Prior to the release of the updated iPhone Password Breaker, the keychains were considered impossible to obtain."» Read more

  188. White hat or black hat? iPhone password cracker rears its head. The Next Web 05/08/2010

    «According to The Register, a Russian password-cracking company has figured out a way to sniff out iPhone passwords without having to jailbreak the device.» Read more

  189. Elcomsoft Releases IPhone 4 Password Cracker. PCWorld 05/08/2010

    «Russian password-cracking company Elcomsoft has released new software that can in some instances figure out the password used to encrypt backed-up iPhone data.» Read more

  190. nVidia GeForce GTX 480 & GTX 480 SLI Review. Bright Side Of News 26/03/2010

    «Starting with today's review, we're introducing ElcomSoft as a part of our test suite. ElcomSoft is a company that produces mission critical analysis and forensics software. With clients such as Interpol and numerous government agencies around the globe, the company has been on a forefront of GPGPU since day one. We used two of their applications: iPhone Password Breaker and Wireless Security Auditor and pitched the GeForce GTX 480 versus the ATI Radeon HD 5870 1GB. The results will probably shock you.» Read more

  191. ATI Graphic cards turbo charge password recovery. The Register 17/03/2010

    «Russian password cracking firm ElcomSoft is using the latest graphics cards from ATI to double the speed of its iPhone password breaker and wireless security auditor products.» Read more

  192. ATI Radeon HD 5970 is the king of iPhone, Wi-Fi password cracking. Bright Side Of News 16/03/2010

    «In the world of GPGPU i.e. GPU Computing, there aren't many companies that really push the term of usability and efficiency. Luckily, Russian ElcomSoft is one of those companies. We already wrote about the company and their very interesting password-cracking products.» Read more

  193. Risk Awareness Enables Improved Prevention of Internet Based Attacks. Pro Security Zone 18/02/2010

    «In the age of information technologies, each employee – not only IT department staff – should be familiar with how to keep their valuable data safe and secure. To fulfill this task in a proper way one should try to halt hidden security threats, with those lying on the surface, in order to avoid grave consequences and damage for the whole company. Employees’ information security literacy is a job of both IT guys and HR professionals. That is the reason we listed the most wide-spread hidden security threats for you to be aware of.» Read more

  194. iPhone Password Breaker Hacks Its Way Into Any iPhone. iPhone Download Blog 17/02/2010

    «There is a new tool out called iPhone Password Breaker that can get access to any password-protected backups for all iPhones and iPod Touch.

    Supposedly used for forensic investigations, I can see many ways how iPhone Password Breaker could be used by jealous husbands, or angry wives, for example…

    Note that this tool will not help you bypass the password protection of an iPhone or iPod Touch. It will bypass the password protection of a backup.»
    Read more

  195. Hack iPhone Backups Using iPhone Passcode Breaker. The iPhone Guru 17/02/2010

    «If you make a backup of an iPhone with a passcode enabled on it, the backup is protected by the same passcode. Elcomsoft has a new utility out that will recover that password from the encrypted backup itself and use that to open the backup file. Makes you feel awesome about how secure your iPhone backups are doesn’t it?.» Read more

  196. It’s Better To Prevent Than To Cure. Katonda 11/02/2010

    «Last week a company that rents an office floor next to ours fell prey to a malicious attack. The employees of the company use instant messengers to communicate with their existing and potential customers.

    Although it is a common knowledge that the improper use of instant messengers can pose a great risk to an enterprise, people still click on the links they receive.»
    Read more

  197. Kit cracks iPhone backup passwords. The Register 04/02/2010

    «The Elcomsoft iPhone Password Breaker, which was released for free into beta, recovers passwords for iPhones and iPod Touches by trying thousands of phrases per second. It performs wordlist-based attacks only, but the final version will allow dictionary attacks that can be customized.» Read more

  198. Encrypting your iPhone backups? Time to choose a better password. MobileCrunch 04/02/2010

    «The iPhone Password Breaker application is dictionary-based, meaning it gains access by cycling through a massive dictionary of words and common passwords (like the aforementioned “cat”, “sex”, and “tetherball”) and their variations (such as “c4t”, “s3x”, and “t3th3rb4ll”) until it finds the right one.» Read more

  199. Wi-Fi hacking: don't panic yet. PC Pro 11/01/2010

    «Not that WPA2 itself is bullet-proof: far from it if the Russians are to be believed. ElcomSoft, a member of the Russian Cryptology Association, has developed a product that can combine readily available and relatively cheap graphics cards from ATI and Nvidia to accelerate the “recovery” of WPA2 encryption passwords.» Read more

  200. Password recovery performance. Security Nirvana 08/12/2009

    «Ok, here's just a quick posting to show off performance numbers when using a single cpu or a Nvidia GTX295 graphics card to recover passwords that has been stored using various hashing functions (recovery here is commonly referred to as "password cracking"). I requested this information from my contact Andrey Belenko at Elcomsoft, based on their product "EDPR - Elcomsoft Distribued Password Recovery", which i am the happy owner of for a 20-client license. (A big "thank you" to Andrey for providing the statistics!). All this as part of my ongoing "research" into passwords.» Read more

  201. Cracking keys on the cheap in the cloud. The H Security 03/11/2009

    «They ran a distributed brute force attack on the file using Amazon's EC2 web service. The software (EDPR) for the attack came from Russian company ElcomSoft. On a dual Core PC running Windows 7, determining the password by trial and error would have taken 2,100 days. 10 virtual computers running EDPR simultaneously, reduced this to just 122 days. One hour of EC2 processing time in this case costs $0.30 per instance, meaning that it cost just under $9,000 to crack the key. Since, according to Electric Alchemy, EDPR scales in a more or less linear fashion, using 100 instances, the same result could be achieved for the same price in just 12 days.» Read more

  202. Cracking Passwords in the Cloud: Breaking PGP on EC2 with EDPR. Electric Alchemy 30/10/2009

    «When faced with the task of brute forcing PGP passphrases, we immediately thought of Elcomsoft. We had witnessed the drama at Infosec 2009 in London when PGP had banners removed from Elcomsoft's booth, and that made a lasting impression. We downloaded the trial version of Elcomsoft's Distributed Password Recovery software, but found that unfortunately it was not able to properly parse the old PGP ZIP files.» Read more

  203. Balancing Windows security with reasonable password policies. 07/10/2009

    «At the end of the day, the password decryption capabilities of tools such as Ophcrack and Elcomsoft's Proactive System Password Recovery can render Windows passwords useless. But that's not the point. One still shouldn't be able to use a good vulnerability scanner such as QualysGuard or Acunetix Web Vulnerability Scanner to crack Windows passwords. If a security consultant or auditor can do it, then a malicious insider or external attacker can do it as well. It's just a matter of time.» Read more

  204. A closer look at Elcomsoft Advanced Office Password Breaker 3 Enterprise Edition. Help Net Security 14/08/2009

    «Advanced Office Password Breaker is a handy tool that will make your life easier. It does not recover the original passwords, it just removes them. It's fast and effective, and a real asset in offices. It supports MS Office Word and Excel 97 and 2000 and supports Office 97/2000 compatible documents saved with MS Office XP and 2003.» Read more

  205. Run encryption the right way to ensure wireless network security. 08/04/2009

    «As long as you have some WPA or WPA2 data capture files -- something that can be gleaned using a wireless network sniffer such as Airodump-ng (part of the Aircrack-ng suite), CommView for WiFi or AirMagnet WiFi Analyzer -- EWSA can harness the processing power of certain Nvidia Corp. and ATI video cards and perform dictionary cracks against WPA and WPA2 pre-shared keys in a fraction of the time it would normally take a computer's standard CPU by itself. EWSA can also be used to dump the pre-shared key hashes from the Windows registry (yet another reason to encrypt your laptop hard drives!).» Read more

  206. Are passwords safe? ServerManagement 11/02/2009

    «Passwords have traditionally been considered the easiest and most popular method of authentication. It is one of the most convenient methods for users as it does not require special skills or additional equipment, and it is secure - or is it? Password authentication is as simple as ABC. Inventing and memorizing a strong password (or several passwords) is all what it takes, isn't it?» Read more

  207. GPUs Used to Successfully Crack Wi-Fi Passwords. HotHardware 15/01/2009

    «Because of the computational power of today's GPUs, GPUs are starting to be harnessed more and more to help out CPUs with some hardcore number crunching. That is the concept behind Nvidia's CUDA, ATI's Stream, and Apple's OpenCL frameworks. There aren't many apps available yet that take advantage of these relatively new technologies, but the ranks are slowly growing. The latest GPU-assisted app to come available is one designed for IT managers to make sure their wireless networks are secure--and inevitably for hackers to try to break into wireless networks.» Read more

  208. GPU-based WPA/WPA2 crack struggles with good passwords. Ars Technica 01/12/2008

    «Elcomsoft claimed its Password Recovery product, which can also be used in a distributed fashion across a network for faster cracks, could speed up WPA/WPA2 passphrase guessing by a factor of 100. But what did that mean in practical terms? How long a passphrase and how fast to crack it?» Read more

  209. Are VPNs the best way to secure wireless LANs? SearchSecurity 23/10/2008

    «ElcomSoft's application of GPU processing to wireless password cracking poses a problem for any users of WiFi corporate networks - so much so that Global Secure Systems has advised companies to either abandon wireless altogether, or to deploy VPNs for all wireless connections, even internally.» Read more

  210. Don't have security nightmares. BBC News 21/10/2008

    «...he latest version of a password recovery tool from Elcomsoft takes advantage of the astonishing processing power of the latest range of Nvidia graphics processing units (GPUs) to crack the WPA and WPA2 wireless security protocols in a matter of hours or even minutes, rendering most commercial wireless networks open to attack.» Read more

  211. Elcomsoft uses NVIDIA GPUs to crack WPA2. TMCnet 17/10/2008

    «The new-generation Tesla S1070 Computing System helps in recovering variety of system and document passwords. It is 100 times faster in password recovery than by using modern dual or quad-core CPUs. According to the Elcomsoft, its Distributed Password Recovery is a high-end solution for forensic and government agencies, data recovery and password recovery services and corporate users with multiple networked workstations connected over a LAN or the Internet.» Read more

  212. Company puts NVIDA GPUs to work cracking wireless security. Ars Technica 13/10/2008

    «There's a certain short-term window of opportunity here for the quick-minded and well-padded hacker, but long term, software like Elcomsoft's could actually lead to the creation of better encryption standards. Cryptologists working on future standards (AES2, or what have you) will also be able to test those standards more quickly, and for far less money. It's safe to assume that NVIDIA will have introduced faster GPUs by this time, giving future developers an even greater advantage compared to what researchers have previously worked with. For the moment, Elcomsoft's software scales to "just" 64 CPU cores with four GPUs per node for a total of 256 GPUs, but this number will undoubtedly ramp as well. Short-term, this is less-than-great news for the security industry. Long-term, it might improve cryptology standards across the board.» Read more

  213. Elcomsoft uses NVIDIA GPUs to crack WPA2. Engadget 13/10/2008

    «Elcomsoft has been using NVIDIA's CUDA GPU computing architecture to accelerate its Distributed Password Recovery tool for a while now, but it looks like the latest version of the cracking utility takes it to the next level -- it can break a WPA2 password using two GeForce GTX 280-based boards 100 times faster than with just a CPU.» Read more

  214. ElcomSoft uses NVIDIA GPUs to speed up WPA/WPA2 brute-force attack. ZDNet 12/10/2008

    «Elcomsoft Distributed Password Recovery does more than WiFi passwords - you also get the ability to crack a number of documents and files such as Microsoft Office, PGP, ZIP, PDF, OpenDocument, and a number of others.» Read more

  215. WiFi is no longer a viable secure connection. SC Magazine 10/10/2008

    «WiFi is no longer secure enough to protect wireless data. Global Secure Systems has said that a Russian's firm's use of the latest NVidia graphics cards to accelerate WiFi Ұassword recovery' times by up to an astonishing 10,000 per cent proves that WiFi's WPA and WPA2 encryption systems are no longer enough to protect wireless data.» Read more

  216. Turbo-charged wireless hacks threaten networks. The Register 10/10/2008

    «The raw horsepower of graphics chips, normally used as 3D graphic accelerators by gamers, can also be applied for a variety of other number-crunching password-breaking uses beyond uncovering WiFi passwords. Elcomsoft Distributed Password Recovery can also be used to recover Windows startup passwords, crack MD5 hashes, and unlock password-protected documents created by Microsoft Office or PDF files created by Adobe Acrobat, according to ElcomSoft.» Read more

  217. Commercial WPA/WPA2 Cracking Software Accelerated by GPUs. WiFi Net News 09/10/2008

    «The Russian firm offers what it delicately terms password recovery software. They've now paired their WPA/WPA2 key crackin with the power of graphic processing units (GPUs), the brains that drive video cards, and which can carry out certain kinds of calculations vastly faster than CPUs, a computer's main processor.» Read more

  218. Cracking billions of passwords a minute with NVIDIA cards. The Tech Herald 07/10/2008

    «Password auditing and recovery tools are fast and inexpensive, thus having one of the many password recovery tools available online in the IT department is just smart. Yet, while there are many recovery tools available, how many of them can clock a smooth billion passwords a second?» Read more

  219. Wi-Fi Encryption Broken by ElcomSoft. PCDistrict 10/09/2008

    «The recovery of WPA and WPA2 encryption used in the Wi-Fi protocol has been accelerated by ElcomSoft Co. Ltd. by employing the new-generation NVIDIA video cards. ElcomSoft patent-pending GPU acceleration technology implemented in Elcomsoft Distributed Password Recovery allows using laptop, desktop or server computers equipped with supported NVIDIA video cards to break Wi-Fi encryption up to 100 times faster than by using CPU only.» Read more

  220. The Art of Recovering Passwords. Techans 08/09/2008

    «We are unaware of any free utility which can recover passwords from Microsoft Excel, Word, Powerpoint, Access files. But if you don't mind paying, then Elcomsoft'sAdvanced Office Password Recovery will do the job for you.» Read more

  221. ElcomSoft Recovers Lost Passwords, Audits Security. 29/08/2008

    «One indication of the challenges of heightened computer security, according to ElcomSoft, is that nearly half of support calls to IT are related to lost or forgotten passwords, with each incident costing the company an average of $30 to $50 to resolve.» Read more

  222. 23 Powerful Utilities. PC Magazine 14/05/2008

    «Locking your car to keep the street punks from stealing it is smart. But when you lock the keys inside it, that's a whole different security problem. In the same way, Windows handily encrypts private files, but many common events can leave you locked out as well. If you've just plain forgotten the password, you're screwed. Had you previously backed up your encryption credentials, you could regain access to your files, but few users have the foresight and technical skill to do this. Don't worry: ElcomSoft's Advanced Encrypting File System Data Recovery (AEFSDR) can get you out of this jam.» Read more

  223. Geforce cracks Windows passwords. 26/10/2007

    «Security firms warned today that laptop hard disks should be encrypted as a matter of urgency following the release of a utility that uses graphics cards to crack Windows passwords. An eight-character Windows password can be cracked in less than five days using version 2.0 of Moscom-based Elmscroft's Distributed Password Recovery System in conjunction with an Nvidia Geforce 8 card - something that would take months with a standard processor. The time can be reduced further by adding graphics processors (GPUs) either within the same machine, or several machines, or both.» Read more

  224. Password cracking, the new use for high speed GPUs. TG Daily 24/10/2007

    «It may not be the most popular thing to consider, but high-end graphics cards contain a very powerful internal computing engine, called the GPU. This massively parallel device can attack a problem in parallel, rather than serial as most CPUs are required to process data. This means it can compute many hundreds of simultaneous calculations. This is actually how 3D graphics cards get their high-speed gaming abilities. Still, a new use has been found for this robust computing engine: password cracking.» Read more

  225. Developer deploys graphics cards to accelerate password cracks. The Register 24/10/2007

    «Nvidia's GeForce 8 series of graphics chips can be used to crack Windows NT LAN Manager (NTLM) passwords 25 times more quickly than was previously possible, security software developer Elcomsoft has claimed. The Russia-based company this week announced the second major release of its Distributed Password Recovery application, a tool designed to recover forgotten or lost passwords for a wide range of application and document types, including PDP-protected ZIP files, Adobe Acrobat PDFs, Lotus Notes ID files and Microsoft Office documents.» Read more

  226. Interview with Vladimir Katalov, CEO of ElcomSoft. Help Net Security 07/09/2006

    «Vladimir Katalov is working in ElcomSoft from the very beginning. He created the first program the password recovery software line has started from: Advanced ZIP Password Recovery. Now he coordinates the software development process inside the company and develops strategic plans for future versions.» Read more