YellowKey: An Unexpected Backdoor into BitLocker, and Why You Should Be Paying Attention
May 18th, 2026 by Oleg Afonin
On May 12, 2026, a researcher operating under the handles Chaotic Eclipse and Nightmare-Eclipse dropped a working proof-of-concept on GitHub for a Windows zero-day called YellowKey. In short, it lets anyone with brief physical access to a BitLocker-protected Windows 11, Windows Server 2022, or Windows Server 2025 machine pop a command prompt with full read access to the encrypted volume. No password. No recovery key. No TPM sniffing rig. A USB stick and a key combination during reboot.
Breaking Into iCloud: No Password Required
June 17th, 2014 by Vladimir Katalov
With little news on physical acquisition of the newer iPhones, we made every effort to explore the alternatives. One of the alternatives to physical acquisition is over-the-air acquisition from Apple iCloud, allowing investigators accessing cloud backups stored in the cloud. While this is old news (we learned to download data from iCloud more than two years ago), this time we have something completely different: access to iCloud backups without a password! The latest release of Phone Password Breaker is all about password-free acquisition of iCloud backups.
Phone Password Breaker with all-new UI, BlackBerry 10 support, and downloading Windows Phone 8 data from the cloud
May 8th, 2014 by Vladimir Katalov
This time, we are updating our bread-and-butter mobile forensic tool, Elcomsoft Phone Password Breaker, to version 3.0 (beta). This new version has many things that are new or have changed. Let’s see what’s new, and why.
Everything You Always Wanted to Know About iTunes and iCloud Backups But Were Afraid to Ask
March 31st, 2014 by Vladimir Katalov
Do you think you know everything about creating and using backups of Apple iOS devices? Probably not. Our colleague and friend Vladimir Bezmaly (MVP Consumer security, Microsoft Security Trusted Advisor) shares some thoughts, tips and tricks on iTunes and iCloud backups.
Our Autumn Events Digest
November 6th, 2013 by Olga Koksharova
This fall has been quite rich in IT security events for ElcomSoft. We managed to visit a number of conferences and trade shows in order to, as we say in Russia, see the others and be seen 🙂
Forensic Day in Karlsruhe
September 27th, 2013 by Oleg Afonin
We’ve just returned from Karlsruhe, Germany from an event named FTDay. Hosted by mh-Service, a long-time ElcomSoft partner in Germany, this was a small but quality event. The first day was packed with sessions. The second day was dedicated to practical workshops.
