Forensic Analysis of Windows 10 and 11 Event Logs

February 18th, 2026 by Oleg Afonin

The discipline of digital forensics and incident response relies fundamentally on the persistent, systemic traces left by both legitimate users and malicious actors. The Windows Event Log system serves as a primary chronological record of operating system activity, capturing security events, application behaviors, service and driver activity, and user authentication telemetry. Due to the immense volume of background events generated by Windows 10 and Windows 11, isolating forensically relevant artifacts is a highly specialized task. A comprehensive understanding of this logging mechanism is often decisive when reconstructing an incident timeline.

Extracting the File System from iPhone/iPad/iPod Touch Devices

May 23rd, 2011 by Andrey Belenko

In our previous blog post we described how we broke the encryption in iOS devices. One important thing was left out of that article for the sake of readability, and that is how we actually acquire the image of the file system of the device. Indeed, in order to decrypt the file system, we need to extract it from the device first.

ElcomSoft Breaks iPhone Encryption, Offers Forensic Access to File System Dumps

May 23rd, 2011 by Vladimir Katalov

ElcomSoft researchers were able to decrypt iPhone’s encrypted file system images made under iOS 4. While at first this may sound like a minor achievement, ElcomSoft is in fact the world’s first company to do this. It’s also worth noting that we will be releasing the product implementing this functionality for the exclusive use of law enforcement, forensic and intelligence agencies. We have a number of good reasons for doing it this way. But first, let’s have a look at the perspective.

Have you chosen your next smartphone? Why not BlackBerry? :)

May 20th, 2011 by Olga Koksharova

Despite the fact that iPhone and Android keep on biting off greater parts of the smartphone market, BlackBerry fans are still there, in spite of its various peculiarities. I won’t compare multi-touch displays, HD cameras, smart sensors, applications or anything like that. I’d rather talk about BlackBerry Desktop Software. Yes, it can create backups, restore information from backups, and synchronize with Outlook only, period. But that’s just not enough… Let’s see what you write in BB forums:

EuroForensics Conference 2011

April 6th, 2011 by Olga Koksharova

So we are back again from the EuroForensics Conference, which took place in Istanbul a week ago, and it feels like everything went fantastic. All preparations were quick and painless (our special regards to Kaukab Jamal ZUBERI, Bilal YILMAZ, Meryem Parlak, Canan Tas and the whole team of Forensic People), the event went smoothly with a marked emphasis on the first day, when we were almost stunned by crowds of computer forensic specialists, military people in uniform, government and other security researchers (I personally have never seen so many officials in one place before).

ElcomSoft Opens a Password Store to Sell Passwords Balancing Strength and Memorability

April 1st, 2011 by Olga Koksharova

Great news, ElcomSoft starts Elcomsoft Password Store, an online service to supply customers with guaranteed secure passwords. The new Password Store provides customers a variety of selections, and complies with all industrial and government requirements regarding the length and complexity of passwords being sold. As a value-added service, the company offers near-instant recovery of all passwords sold through its Password Store for a nominal fee.

Cracking BlackBerry backups is now slower… but still possible, thx to GPU acceleration

December 24th, 2010 by Vladimir Katalov

If you have read our recent Cracking BlackBerry Backup Passwords article, you should be familiar with the encryption implemented in BlackBerry Desktop Software. Just a reminder:

BlackBerry password cracking: multi-threaded, with hardware-accelerated AES

December 9th, 2010 by Vladimir Katalov

Most modern CPUs are multi-core – it is not easy to find even a laptop with fewer than two cores these days. And for desktops, 4 cores are usual now.

Canon cannot or mustn’t provide image validation feature?

November 30th, 2010 by Olga Koksharova

A true security system cannot be so fragile: Canon Original Data Security broken…

Firefox, Safari, Opera, and Chrome Passwords Cracked

November 11th, 2010 by Olga Koksharova

What is a Web browser for you? It’s virtually a whole world, all together: web sites, blogging, photo and video sharing, social networks, instant messaging, shopping… did I forget anything? Oh yes, logins and passwords. 🙂 Set an account here, sign in there, register here and sign up there – everywhere you need logins and passwords to confirm your identity.
