ElcomSoft

Every day in every way, #passwords are getting worse and worse theregister.com/2026/02/23/pas…

@oxygenforensic If you are not yet aware, Oxygen Forensics Detective is completely developed in Russia, despite the fact that it is marketed as "truly American". In fact, the IP belongs to the offshore company registered in Cypгus, while the owners of that Cyprus company are citizens of Russia.

If you are not yet aware, a well-known digital forensics software provider has modified their license terms to prohibit the use of their product on behalf of clients (as opposed to internal investigations). Might you be in violation? Here is an overview: bit.ly/44S0rng

Eighteen years ago, before “GPU acceleration” and “AI data center” became household terms, a small hi-tech company changed the rules of cryptography #dfir blog.elcomsoft.com/2025/11/eighte…

Most real-world passwords aren’t random – they follow the owner’s habits, preferences, and personal history. This article explains how to transform user data into a focused attack strategy blog.elcomsoft.com/2025/11/levera… #dfir #passwords

Password Managers: Security, Risks, and Forensic Implications blog.elcomsoft.com/2025/11/passwo… #dfir #passwords

Big news is coming – and this time, it’s from the living room. Our team has successfully extracted a complete file system image from an Apple TV 4K running tvOS 26 blog.elcomsoft.com/2025/11/breaki… #dfir

Elcomsoft System Recovery, a powerful digital triage tool, is updated with support for the newest Windows Server 2025 ntds.dit database, BitLocker key exporting, advanced data export capabilities, and improved disk imaging elcomsoft.com/news/872.html #dfir

Our customers often ask us which exact iOS versions are supported by iOS Forensic Toolkit. There’s always a temptation to answer “all of them,” and while that answer is technically correct, there are a lot of caveats. The devil is in the details blog.elcomsoft.com/2025/11/which-… #dfir

Many large-scale breaches have started from simple oversights: unpatched systems, missing 2FA, or weak passwords. This article reviews major incidents caused by such failures and outlines practical steps to avoid becoming the next Louvre. blog.elcomsoft.com/2025/11/dont-b… #dfir

The latest update to iOS Forensic Toolkit brought bootloader-level full file system and keychain extraction to a bunch of old iPads, Apple TVs and first-gen HomePod running OS versions 17 and 18 blog.elcomsoft.com/2025/11/explor… #dfir

It’s better to connect external USB-C devices to a USB-C port (USB 3.2 Gen2 or faster). But if you’re limited to USB-A connection, you need a USB C to A cable, and choose the right one very carefully — and that’s not the only thing that matters blog.elcomsoft.com/2025/10/all-us…

Some time ago, we tested NVMe disk imaging performance, focusing mainly on software. This time, we turned our attention to hardware connections: which ports deliver the best results, and whether using a USB hub affects imaging speed and reliability. blog.elcomsoft.com/2025/10/effect… #dfir

How the latest build of iOS Forensic Toolkit can pull Unified Logs directly from an iPhone or iPad during advanced logical extraction blog.elcomsoft.com/2025/10/extrac… #dfir

When an iPhone is seized and later re-examined, forensic teams sometimes find that data present in an earlier extraction are missing from a subsequent backup or filesystem image. What kinds of data are affected and how long do they usually live? blog.elcomsoft.com/2025/10/eviden… #dfir

The latest update of EDPR can now attack master passwords protecting databases from Bitwarden, Dropbox Passwords, Enpass, Kaspersky, Keeper, Roboform, Sticky Password, and Zoho Vault password managers blog.elcomsoft.com/2025/09/breaki…

Apple Face ID: Security Implications and Potential Vulnerabilities blog.elcomsoft.com/2025/09/apple-… #dfir

Apple Watch S0 forensics: cracking the passcode, full physical acquisition blog.elcomsoft.com/2025/07/perfec… #dfir

We previously tested disk imaging speeds using high-performance storage devices. But raw speed is only part of the equation. In this article, we explore the key reasons why both speed and accuracy can fall short during disk imaging. blog.elcomsoft.com/2025/07/issues… #dfir

Can AI help with password cracking? The idea sounds promising: use LLMs to produce rules and templates for guessing highly probable password variants, prioritizing the most likely ones first. But in practice, things aren’t so straightforward. blog.elcomsoft.com/2025/07/ai-dri… #dfir

Apple’s unified logging system offers a wealth of information for forensic investigators analyzing iOS, iPadOS, watchOS, tvOS devices. This article explores the content, availability, and forensic value of these logs blog.elcomsoft.com/2025/06/extrac… #dfir