Digital Triage Masterclass
April 28th, 2026 by Oleg Afonin
For decades, the forensic “gold standard” was straightforward: isolate the machine, pull the plug, and image the drive. In that era, what you saw on the screen was exactly what you would extract, bit by bit, from the magnetic platters. Today, that assumption is outdated, and is actively detrimental to an investigation. The digital forensics landscape is shifting too fast, and traditional “dead-box” methods cannot keep up with modern realities. As investigations face a crisis of scale, with terabytes of data spread across dozens of seized devices, the old “image everything, analyze later” approach has created massive backlogs that let critical leads go cold.
Breaking Into iCloud: No Password Required
June 17th, 2014 by Vladimir Katalov
With little news on physical acquisition of the newer iPhones, we made every effort to explore the alternatives. One of the alternatives to physical acquisition is over-the-air acquisition from Apple iCloud, allowing investigators accessing cloud backups stored in the cloud. While this is old news (we learned to download data from iCloud more than two years ago), this time we have something completely different: access to iCloud backups without a password! The latest release of Phone Password Breaker is all about password-free acquisition of iCloud backups.
Phone Password Breaker with all-new UI, BlackBerry 10 support, and downloading Windows Phone 8 data from the cloud
May 8th, 2014 by Vladimir Katalov
This time, we are updating our bread-and-butter mobile forensic tool, Elcomsoft Phone Password Breaker, to version 3.0 (beta). This new version has many things that are new or have changed. Let’s see what’s new, and why.
Everything You Always Wanted to Know About iTunes and iCloud Backups But Were Afraid to Ask
March 31st, 2014 by Vladimir Katalov
Do you think you know everything about creating and using backups of Apple iOS devices? Probably not. Our colleague and friend Vladimir Bezmaly (MVP Consumer security, Microsoft Security Trusted Advisor) shares some thoughts, tips and tricks on iTunes and iCloud backups.
Our Autumn Events Digest
November 6th, 2013 by Olga Koksharova
This fall has been quite rich in IT security events for ElcomSoft. We managed to visit a number of conferences and trade shows in order to, as we say in Russia, see the others and be seen 🙂
Forensic Day in Karlsruhe
September 27th, 2013 by Oleg Afonin
We’ve just returned from Karlsruhe, Germany from an event named FTDay. Hosted by mh-Service, a long-time ElcomSoft partner in Germany, this was a small but quality event. The first day was packed with sessions. The second day was dedicated to practical workshops.
I’ve Got the iTunes Backup from the iCloud. What Shall I Do Now?
September 3rd, 2013 by Vladimir Katalov
This is the second part of Elcomsoft Phone Password Breaker Enhances iCloud Forensics and Speeds Up Investigations article.
Elcomsoft Phone Password Breaker Enhances iCloud Forensics and Speeds Up Investigations
August 22nd, 2013 by Vladimir Katalov
It’s been a while since we updated Elcomsoft Phone Password Breaker, dedicating our efforts to physical acquisition of iOS devices instead. Well, now when the new iOS Forensic Toolkit is out, it is time to update our classic phone recovery tool.
The New Elcomsoft iOS Forensic Toolkit
July 17th, 2013 by Vladimir Katalov
Soon after releasing the updated version of iOS Forensic Toolkit we started receiving questions about the new product. Did we really break iPhone 5? Does it truly work? Are there limitations, and what can you do about them? We decided to assemble all these questions into a small FAQ. If you’d rather read the full, more technical version of this FAQ, visit the following page instead: Elcomsoft iOS Forensic Toolkit FAQ. Those with non-technical background please read along.
REcon 2013: Breaking Apple iCloud
July 3rd, 2013 by Oleg Afonin
I’ve just returned from REcon 2013 held in Montreal, where I talked about breaking iCloud services (everyone: the slides from that presentation are available right here, and the organizers promised a video soon). I spoke about WHY breaking the iCloud, HOW we did it and WHO can use it. I can briefly stop here, and elaborate the points.
