Season’s Greetings and 2022 in Review

December 22nd, 2022 by Olga Koksharova
Category: «General»

The new year is fast approaching, and of course we are curious to know what it has in store for us in the field of computer, mobile, and cloud forensics. But before 2022 is over, we invite you to take a moment to reflect on what 2022 has been like for us. More research, development and updates remained our top priority, as it has been in all previous years. We have continued with constant improvement to our solutions by launching new features and expanding product capabilities. We’ve also got a chance to attend some conferences to meet with you in person and share our expertise. So, here’s our take on the results of 2022.

Networking

This year we again visited a few conferences, including FT-Day in Kandel by mh-Service GmbH and On Scene Triage online conference by The Investigator where we successfully delivered reports on the latest achievements in the field of mobile and computer forensics. Nothing can replace a face-to-face meeting, which is why we will continue to visit our partner conferences delivering our news and achievements.

Mobile and Computer Forensics

In addition to our seminar activities, we have been actively working on the products, and delivered more than 20 updates this year. Traditionally, Elcomsoft iOS Forensic Toolkit with a dozen new releases took the palm for updates. This year we officially launched the eighth version of the product, having previously perfected the functionality with the twelve beta versions. The all-new Elcomsoft iOS Forensic Toolkit 8 implements forensically sound data extraction, file system imaging and keychain decryption for 76 iPhone, iPod Touch, iPad, Apple Watch and Apple TV models, multiple generations of iOS and three generations of architecture.

Elcomsoft iOS Forensic Toolkit 8.0 brings a new, advanced user experience built around the command line, allowing experts to stay in control of every step of the extraction process. The toolkit now supports all possible acquisition methods including advanced logical, agent-based and checkm8-based low-level extraction.

In addition, Elcomsoft Phone Breaker and Elcomsoft Phone Viewer have been updated in the mobile product line, adding support for Windows 11, macOS 12 Monterey and 13 Ventura operating systems.

Elcomsoft Distributed Password Recovery has also received a number of updates, including support for password recovery for Acronis, Macrium and Veeam encrypted backups, support for LUKS2 and Windows Hello PINs, and support for the Alder Lake hybrid architecture.

And finally, our digital filed triage tool, Elcomsoft System Recovery was updated with a host of bootable forensic triage tools to help experts analyze computer systems in the field. The tool also added the ability to recover Windows 10 PIN codes and Windows 11 accounts with in-place PIN recovery, as well as added LUKS2 support and detection of Microsoft Azure accounts.

The Blog Stats

Our blog has also been frequently updated with new articles this year. 50 articles were published and the two most popular are about iPhone X, DFU mode and checkm8 and Preventing BitLocker Lockout and Recovering Access to Encrypted System Drive. Thank you for reading our blog and sharing articles with each other. If you have ideas for new topics that we have not yet covered, leave us a message on Telegram (you can dm to the channel owners) and we will consider your request.

Have a safe and peaceful holiday season, and see you soon in the new year 2023!


REFERENCES:

Elcomsoft Distributed Password Recovery

Build high-performance clusters for breaking passwords faster. Elcomsoft Distributed Password Recovery offers zero-overhead scalability and supports GPU acceleration for faster recovery. Serving forensic experts and government agencies, data recovery services and corporations, Elcomsoft Distributed Password Recovery is here to break the most complex passwords and strong encryption keys within realistic timeframes.

Elcomsoft Distributed Password Recovery official web page & downloads »


Elcomsoft iOS Forensic Toolkit

Extract critical evidence from Apple iOS devices in real time. Gain access to phone secrets including passwords and encryption keys, and decrypt the file system image with or without the original passcode. Physical and logical acquisition options for all 64-bit devices running all versions of iOS.

Elcomsoft iOS Forensic Toolkit official web page & downloads »


Elcomsoft Phone Breaker

Gain full access to information stored in FileVault 2 containers, iOS, Apple iCloud and Windows Phone devices! Download device backups from Apple iCloud and Microsoft OneDrive servers. Use Apple ID and password or extract binary authentication tokens from computers, hard drives and forensic disk images to download iCloud data without a password. Decrypt iOS backups with GPU-accelerated password recovery.

Elcomsoft Phone Breaker official web page & downloads »


Elcomsoft Phone Viewer

Elcomsoft Phone Viewer is a fast, lightweight forensic viewer for quickly accessing information extracted from mobile backups. Supporting a variety of platforms and data formats, the tool can display information extracted from local and cloud iOS backups and Microsoft Accounts. Password-protected iTunes backups can be automatically decrypted and analyzed without using third-party tools.

Elcomsoft Phone Viewer official web page & downloads »


Elcomsoft System Recovery

Reset passwords to local Windows accounts and Microsoft Account and perform a wide range of administrative tasks. Assign administrative privileges to any user account, reset expired passwords or export password hashes for offline recovery, and create forensic disk images. Elcomsoft System Recovery is ready to boot thanks to the licensed Windows PE environment, allowing administrators to access locked computers.

Elcomsoft System Recovery official web page & downloads »