Forensic Analysis of Windows 10 and 11 Event Logs
February 18th, 2026 by Oleg Afonin
The discipline of digital forensics and incident response relies fundamentally on the persistent, systemic traces left by both legitimate users and malicious actors. The Windows Event Log system serves as a primary chronological record of operating system activity, capturing security events, application behaviors, service and driver activity, and user authentication telemetry. Due to the immense volume of background events generated by Windows 10 and Windows 11, isolating forensically relevant artifacts is a highly specialized task. A comprehensive understanding of this logging mechanism is often decisive when reconstructing an incident timeline.
Breaking Into iCloud: No Password Required
June 17th, 2014 by Vladimir Katalov
With little news on physical acquisition of the newer iPhones, we made every effort to explore the alternatives. One of the alternatives to physical acquisition is over-the-air acquisition from Apple iCloud, allowing investigators accessing cloud backups stored in the cloud. While this is old news (we learned to download data from iCloud more than two years ago), this time we have something completely different: access to iCloud backups without a password! The latest release of Phone Password Breaker is all about password-free acquisition of iCloud backups.
Phone Password Breaker with all-new UI, BlackBerry 10 support, and downloading Windows Phone 8 data from the cloud
May 8th, 2014 by Vladimir Katalov
This time, we are updating our bread-and-butter mobile forensic tool, Elcomsoft Phone Password Breaker, to version 3.0 (beta). This new version has many things that are new or have changed. Let’s see what’s new, and why.
Everything You Always Wanted to Know About iTunes and iCloud Backups But Were Afraid to Ask
March 31st, 2014 by Vladimir Katalov
Do you think you know everything about creating and using backups of Apple iOS devices? Probably not. Our colleague and friend Vladimir Bezmaly (MVP Consumer security, Microsoft Security Trusted Advisor) shares some thoughts, tips and tricks on iTunes and iCloud backups.
Our Autumn Events Digest
November 6th, 2013 by Olga Koksharova
This fall has been quite rich in IT security events for ElcomSoft. We managed to visit a number of conferences and trade shows in order to, as we say in Russia, see the others and be seen 🙂
Forensic Day in Karlsruhe
September 27th, 2013 by Oleg Afonin
We’ve just returned from Karlsruhe, Germany from an event named FTDay. Hosted by mh-Service, a long-time ElcomSoft partner in Germany, this was a small but quality event. The first day was packed with sessions. The second day was dedicated to practical workshops.
