Articles about Us


  1. Hackers can still access your iCloud, even with two-step enabled! PC Tech 18/12/2014

    «If you expect two-step verification to be the ultimate protection against your iCloud, then think again. An update to Elcomsoft’s Phone Breaker software now makes it easier for guys to bypass Apple’s vaunted new two-factor authentication to steal your iCloud stuff.» Read more

  2. Hacking your iCloud files just got easier, even with two-step enabled Engadget 18/12/2014

    «An update to Elcomsoft's Phone Breaker software now makes it easier for good or bad guys to bypass Apple's vaunted new two-factor authentication to steal your iCloud stuff. As before, the hackers would need some information to start with -- either your Apple ID/password plus a two-factor code, or a digital token stolen from, say, your laptop.» Read more

  3. Phone Breaker iCloud-hacking software now supports 2FA, allows access to WhatsApp & iWork files 9TO5MAC 18/12/2014

    «It’s not as scary as it sounds – the software can only be used once the attacker already has an Apple ID and password, together with either a second trusted device or your recovery key. A phishing attack is the most common way to obtain these, so as long as you use strong, unique passwords and don’t click on links in emails claiming to be from Apple, you should be safe. But it does allow users of the software to download either entire iPhone backups or selected data direct from iCloud much more easily than having to go through a compromised device by hand.» Read more

  4. The App That Makes It Incredibly Easy For Hackers To Break Into Your iPhone Just Got Even Scarier Business Insider 18/12/2014

    «Elcomsoft Phone Breaker, the app that some think hackers used to break into Kate Upton's iCloud account in September, just got a massive update that makes it even easier to steal information. The update allows users to break into iCloud accounts that have two-factor authentication enabled, the company announced on Thursday.» Read more

  5. Forensic software gets around Apple's iCloud security features PCWorld 17/12/2014

    «A Russian software company has updated its forensic software to work-around the security features Apple recently added to iCloud and increased what information can be extracted from the cloud storage service.» Read more

  6. Apple passcode-protects iOS 8 devices, but cops can still inhale your iCloud The Register 23/09/2014

    «Improved security features in iOS 8 prevent Apple from unlocking phones – even for law enforcement. But search warrant-holding cops can still get almost everything through iCloud backups, according to ElcomSoft.» Read more

  7. Apple toughens iCloud security after celebrity breach BBC 17/09/2014

    «Several hackers' forums contain discussions about using of pirated copies of Elcomsoft's "forensic" software, which is marketed as a tool for law enforcement agencies to access iCloud content without needing to be in possession of a suspect's iPhone or iPad. ElmcomSoft's Moscow-based owner told the BBC earlier this month that he believed his software had been used in the recent hacks, as it was "the only one able to do that".» Read more

  8. iPwned: How easy is it to mine Apple services, devices for data? ArsTechnica 11/09/2014

    «In the name of security, we did a little testing using family members as guinea pigs. To demonstrate just how much private information on an iPhone can be currently pulled from iCloud and other sources, we enlisted the help of a pair of software tools from Elcomsoft. These tools are essentially professional-level, forensic software used by law enforcement and other organizations to collect data. But to show that an attacker wouldn’t necessarily need that to gain access to phone data, we also used a pair of simpler “hacks,” attacking a family member’s account (again, with permission) by using only an iPhone and iTunes running on a Windows machine.» Read more

  9. The Russian-made tool that grabs nude selfies from iCloud accounts PC World 04/09/2014

    «There’s a seedy trade in compromising photos stored in Apple iCloud accounts, and it is in part aided by a software program that cleanly collects the data. Some of the nude celebrity photos are believed to have first been circulated on Anon-IB, a definitely not safe-for-work forum. As reported by Wired, the forum is full of offers for iCloud “ripping,” or downloading the entire contents of an account.» Read more

  10. Apple iCloud security exploit is a concern, experts say BBC News 03/09/2014

    «Technology magazine Wired first reported that software from a Russian firm, ElcomSoft, was being mentioned on a hackers discussion group as a useful tool for infiltrating iCloud accounts. The program, marketed to law enforcement agencies, claims to offer access to iCloud content without the operator needing to be in possession of the iPhone or iPad concerned.» Read more

  11. Apple’s Two Factor Authentication Doesn’t Protect iCloud Backups Or Photo Streams TechCrunch 03/09/2014

    «Once they gain access to an Apple account, some are using the login and password to ‘restore’ an iCloud backup using an application by Elcomsoft called the Phone Password Breaker — exporting data including photos and more to a folder which they can then sift through.» Read more

  12. Is Apple iCloud Safe? InfoRiskToday.co.uk 03/09/2014

    «Apple has blamed a "very targeted attack" for the suspected breach of numerous celebrities' iCloud accounts, which resulted in nude photographs and videos being leaked to the 4chan image board. But some security experts have taken issue with Apple's explanation for the attacks. And they contend the company's iCloud service remains vulnerable to similar exploits.» Read more

  13. Apple two-factor authentication fail leaves iCloud users vulnerable TechTarget 03/09/2014

    «Vladimir Katalov, CEO of Moscow-based ElcomSoft Co. Ltd., agreed that usability is likely the primary concern for Apple's limited two-factor authentication coverage for iCloud. Katalov, who previously detailed the iCloud 2FA limitation, said that in situations where a user loses or breaks a device, they would need to have a separate recovery code stored somewhere to gain access to the iCloud backup, something that may not always be readily available.» Read more

  14. NUDE SELFIE CLOUD PERV menace: Apple 2FA? Sweet FA, more like The Register 03/09/2014

    «Apple's particular shortcomings have been fairly well known in the field of computer forensics, if not the wider IT market, for some time. ElcomSoft security researcher Vladimir Katalov presented research on what portions of iCloud are protected by two-factor authentication at the Hack In The Box security conference last year. His presentation, Modern Computer Forensics,which also covers issues related to Android, BlackBerry backups and Windows Phone 8, can be found here (PDF).» Read more

  15. The Nude Celebrity Photo Leak Was Made Possible By Law Enforcement Software That Anyone Can Get IBT 03/09/2014

    «A law enforcement software tool played a key role in the iCloud hack that saw hundreds of nude celebrity photos released over the weekend, reports Wired. It’s called Elcomsoft Phone Password Breaker. Built by Moscow-based forensics firm Elcomsoft, EPPB is designed to circumvent security on iOS devices so that law enforcement can get data off of bad guys’ phones.» Read more

  16. Meet the police forensic tool pervs used to steal celebrity iCloud nude photos Cult of Mac 02/09/2014

    «Blame for the flood of celebrity nude photos that hit the Internet has been rotating from the pervy hackers that ripped the pics, to Apple, to the creator of iBrute, but while the FBI and Apple continue to investigate the source of the leak, there’s one tool that has gone unmentioned: the police forensic tool that made it all possible. One of the key elements behind the iCloud nudes leak is a piece of software created by Elcomsoft that allows attackers to impersonate a target’s iPhone and download its entire iCloud backup, and you don’t even have to be a cop to get it.» Read more

  17. The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud Wired 02/09/2014

    «If a hacker can obtain a user’s iCloud username and password with iBrute, he or she can log in to the victim’s iCloud.com account to steal photos. But if attackers instead impersonate the user’s device with Elcomsoft’s tool, the desktop application allows them to download the entire iPhone or iPad backup as a single folder, says Jonathan Zdziarski, a forensics consult and security researcher. That gives the intruders access to far more data, he says, including videos, application data, contacts, and text messages.» Read more

  18. Elcomsoft releases new tool to access iCloud data without Apple ID FierceCIO:TechWatch 20/06/2014

    «Elcomsoft has developed a way to access files stored within Apple's iCloud service without knowing a person's Apple ID. Developed by the well-known Russian company to help law enforcement analyze seized computers, the tool works by making use of special authentication tokens obtained from suspects' computers.» Read more

  19. Russian forensic firm's tool snags iCloud backups without an Apple ID CIO 18/06/2014

    «Moscow-based Elcomsoft has developed a tool to collect iCloud backup files without knowing a person's Apple ID, a development intended to help law enforcement analyze seized computers.» Read more

  20. Forensic tool cracks into iCloud data with no password or Apple ID required Computerworld 18/06/2014

    «Some people pay little attention when there’s a new password cracker because they think along the “bite me” lines of “big deal ‘cause I have a 30-character password securing my account; good luck cracking that.” Other folks are on the other side of the spectrum, knowing a rainbow table isn’t exactly necessary for a highly guessable password like “password” or “123456.” But if you are a big fan of Apple and of iCloud storage, then you might be interested to learn there’s a new forensic tool capable of “over-the-air acquisition of iCloud data without having the original Apple ID and password.”» Read more

  21. Russian company Elcomsoft develops method to compromise Apple (AAPL) iCloud backups PFhub 18/06/2014

    «Proving once again that Russian software experts make superb hackers, Elcomsoft Proactive Software of Moscow, Russia has created a tool that enables accessing the iCloud backups of users who are logged in to their iCloud account, without their cooperation or consent. The tool takes advantage of the method Apple Inc. uses to keep users logged in over an extended period of time without needing to re-enter their passwords.» Read more

  22. How Forensic Tools Unearth Deleted Text Messages CIO 12/03/2014

    «Unlike work email, most mobile text messages don't flow through the corporate network except for the rare exception when employees use a company-deployed texting app. This means text messages are a blind spot for IT -- that is, impossible to monitor.» Read more

  23. How to hack an iPad or iPhone passcode: bypass iOS password security and remove the iPad's lock Macworld 04/03/2014

    «It is possible to hack the iPad passcode, but you need serious software to do so. This is known as forensics software because law enforcement agencies use them when analysing a mobile phone. We tested Elcomsoft iOS Forensic Toolkit and found it a reliable means of cracking an iPad’s passcode.» Read more

  24. Windows 8.1 biometrics support increases security, but do you need it? SearchEnterpriseDesktop 28/10/2013

    «Windows 8.1 Preview comes with the software necessary to register and manage fingerprint-based authentication on the desktop. This removes the need for hardware manufacturers to provide their own apps, helping to avoid problems introduced with third-party software. For example, in the past, a number of computer manufacturers -- including Acer, Dell, Gateway, Lenovo and Toshiba -- had shipped their laptops with UPEK's scanner and software. Last year, ElcomSoft, a certified Microsoft partner in Russia, discovered that UPEK's fingerprint-reader program was storing Windows account passwords in the registry as plain text. The passwords were scrambled, but not encrypted, making them an easy target for hackers and cybercriminals.» Read more

  25. Researcher says iCloud backups have security shortfalls SCMagazine 26/10/2013

    «The Elcomsoft chief executive found that Apple did not extend its two-factor authentication to protect the online backups which were stored on Microsoft and Amazon servers.» Read more

  26. Apple's iCloud iConundrum - does convenience mean insecurity? Naked Security 24/10/2013

    «In his talk, "Cracking and Analyzing Apple's iCloud Protocols", Katalov showed how Apple's optional two-factor authentication is selective in its application, even where it is available.» Read more

  27. Researcher continues exploring iCloud security, some media outlets continue to overreact iMore 21/10/2013

    «Russian security researcher Vladimir Katalov gave a talk last week at Hack in the Box security conference detailing his findings on Apple's iCloud protocols. Katalov's research highlights several shortcomings in iCloud's security model, including the fact that iCloud data is not protected by the two-step verification system Apple rolled out earlier this year.» Read more

  28. User-selected passwords still getting cracked InformationWeek 18/10/2013

    «...At the same time that the power of cracking programs has skyrocketed, researchers are smarter at guessing the ways that users might create passwords, whittling down the lists of possible passwords. By creating better word lists and more intelligent methods of mangling real words and phrases, hackers and researchers can make an untenable computational problem much more feasible, said Olga Koksharova, spokeswoman for password-recovery firm ElcomSoft, in an e-mail interview. "Smart guessing is relevant when passwords are not totally random but when there was used some technique to create a password," she says. "In case of totally random passwords, only brute-force attack can help and that is when speed" becomes most important.» Read more

  29. Apple's iCloud protocols cracked and analyzed Help Net Security 17/10/2013

    «Smartphones carry a lot of sensitive data that in theory should be accessible only to their owners. In practice, a lot of it can be exfiltrated from the devices and from the backups either stored on the device or in the cloud by employing different forensic methods. In his presentation at the Hack in the Box Conference, co-founder and CEO of Russian password-cracking / recovery company ElcomSoft Vladimir Katalov has shared the results of their efforts in cracking and the discoveries they made by analysing Apple's iCloud protocols, as well as those used for Windows Phone and BlackBerry backups.» Read more

  30. Can you trust 'NSA-proof' TrueCrypt? Cough up some dough and find out The Register 15/10/2013

    «TrueCrypt's documentation makes it plain that it can't secure data on a computer compromised by malware or a hardware keylogger. It's also well known in computer forensics circles that TrueCrypt keys can be recovered from memory, even using commercial tools from the likes of ElcomSoft, given physical access to a powered-up machine.» Read more

  31. ElcomSoft Speeds Up Phone Password Breaker, Enables Real-Time iCloud Recovery Dark Reading 22/08/2013

    «The new release enables selective recovery of certain types of data stored in Apple iCloud, enabling true real-time access to forensically significant information. By enabling real-time access to information stored in iCloud, ElcomSoft provides law enforcement organizations with live access to users' online backups, eliminating the need to wait while the full backup with irrelevant information gets downloaded. At this time, Elcomsoft Phone Password Breaker remains the only tool on the market that can download iCloud backups to a PC. Apple does not support direct data downloads, only allowing to restore iCloud backups onto a freshly initialized iOS device.» Read more

  32. Apple's two-step verification won't protect iCloud data FierceCIO:TechWatch 04/06/2013

    «Contrary to what users may believe, Apple's (NASDAQ: AAPL) two-step authentication does not offer additional protection against hackers who try to get data stored within the iCloud service, according to ElcomSoft CEO Vladimir Katalov. ElcomSoft is a well-known Russian security firm that specializes in a range of password and encryption-busting tools.» Read more

  33. Report: Apple's Two-Step Authentication Doesn't Protect iCloud Data AppAdvice 03/06/2013

    «Apple launched a new two-step authentication system for iCloud back in March, and rolled the feature out internationally a couple of months later. According to a new report, however, iDevice users should be aware that Apple’s two-step authentication does not protect iCloud backups, and nevertheless leaves users vulnerable to the kind of hack which last year controversially struck Wired’s Matt Honan.» Read more

  34. Apple two-factor security efforts “half-hearted,” says security researcher GigaOM 03/06/2013

    «Like many large tech companies, Apple has recently introduced a two-step security measure for Apple users. But Elcomsoft software finds that iCloud data and device backups are left unprotected, and that the company needs to do more to improve user protection.» Read more

  35. Apple IDs vulnerable even after 'two-factor authentication' Mobile & Apps 01/06/2013

    «Apple was looking at its new two-factor authentication to improve the security for the Apple ID and iCloud access, but it seems like the Cupertino-based tech giant has to work harder to provide better protection to its users' data.» Read more

  36. iCloud users take note: Apple two-step protection won’t protect your data Ars Technica 31/05/2013

    «If you think your pictures, contacts, and other data are protected by the two-step verification protection Apple added to its iCloud service in March, think again. According to security researchers in Moscow, the measure helps prevent fraudulent purchases made with your Apple ID but does nothing to augment the security of files you store. To be clear, iCloud data is still secure so long as the password locking it down is strong and remains secret. But in the event that your account credentials are compromised—which is precisely the eventuality Apple's two-factor verification is intended to protect against—there's nothing stopping an adversary from accessing data stored in your iCloud account. Researchers at ElcomSoft—a developer of sophisticated software for cracking passwords—made this assessment in a blog post published Thursday.» Read more

  37. Apple's new security system has holes CNNMoney 31/05/2013

    «Apple recently beefed up its authentication system in an effort to thwart hackers, but a new report shows the security measure is lacking in one huge area. Back in March, Apple (AAPL, Fortune 500) unveiled an optional "two-factor authentication" login method for its Apple ID. It's a basic security tool already used by Google (GOOG, Fortune 500), Facebook (FB) and Dropbox that requires both a password and a piece of data, such as a string of numbers sent via text message. Twitter also recently unveiled such a system following a series of prominent hacks of Twitter accounts. But security software company ElcomSoft explained in a blog post Thursday that Apple's new security measures protect users only in a few situations: app and music purchases, managing an Apple ID account or receiving customer support related to Apple ID. It does nothing to protect other important information, like photos and other files stored on its iCloud service.» Read more

  38. Apple’s two-factor authentication is not very thorough Infosecurity 31/05/2013

    «Back in February, Norwegian hackers were raiding teenage girls’ iCloud accounts, downloading photos and offering them for sale. By March, Apple had introduced and started to roll out optional two-factor authentication to improve security. But it’s not that good, reports Elcomsoft.» Read more

  39. Apple 2FA doesn't cover iCloud SC Magazine, Australia 31/05/2013

    «Attackers can bypass Apple's two-factor authentication to download and install a victim's iPhone and iPad backups, a security firm has revealed. The Cupertino company deployed two-factor authentication for Apple identities in March, requiring a second form of verification for account management and iTunes or App Store purchases. But it did not extend the security across its iCloud service, meaning an attacker with a target's username and password in hand could still download and restore an iOS backup.» Read more

  40. iCloud not protected by Apple’s two-factor authentication, say researchers SlashGear 31/05/2013

    «Apple introduced two-factor authentication (or two-step verification if you’d like to call it that) with iCloud back in March, adding an extra layer of security to its cloud backup system. However, security researchers say that iCloud is still vulnerable to a break-in if your password is stolen.» Read more

  41. Apple's two-factor security isn't as good as Microsoft or Google's, say experts The Register 31/05/2013

    «But according to research from security biz Elcomsoft, Apple did a "half-hearted job" of implementing its verification system, "leaving ways for the intruder to access users’ personal information, bypassing the (optionally enabled) two-factor authentication". Specifically iOS Backups and iCloud data is not protected by two-factor authentication.» Read more

  42. Apple’s Two-Step iCloud Authentication Deemed Unsecure By Third-Party Security Firm redOrbit.com 31/05/2013

    «Apple recently rolled out two-step authentication check for iCloud to protect users from having their account info changed without an additional, one-time password. They were a tad late to the game, however, as companies like Dropbox, Google, Facebook, Twitter and others have already implemented this additional security step for their users.» Read more

  43. Apple's two-factor authentication leaves holes for hackers NBC News 31/05/2013

    «If you signed up for Apple's latest security feature, known as two-factor authentication, you'd be right to feel that your online info is a bit more secure — but researchers have found that there are still some major gaps in its protection that you should be aware of.» Read more

  44. Apple's new security system fails to protect files stored in iCloud, says security firm Read more: Apple's new security system fails to protect files stored in iCloud, says security firm FierceMobileIT 31/05/2013

    «Apple's (NASDAQ: AAPL) new two-factor authentication system does not apply to iCloud backups, enabling a hacker with a user's Apple ID and password to download and access information stored in iCloud, according to Vladimir Katalov with security firm ElcomSoft. Read more: Apple's new security system fails to protect files stored in iCloud, says security firm - FierceMobileIT http://www.fiercemobileit.com/story/apple-new-security-system-fails-protect-files-stored-icloud-says-security-f/2013-05-31#ixzz2V9p8DSUF Subscribe at FierceMobileIT» Read more

  45. Elcomsoft Details Lapses in Apple’s Two-Factor Authentication Approach TidBITS 30/05/2013

    «When Apple added optional two-factor authentication for Apple IDs recently, many applauded the move (as we did in “Apple Implements Two-Factor Authentication for Apple IDs,” 21 March 2013). Requiring both a static password and a temporary code for logins from new devices reduces the chance of an undesirable party — online criminal, spurned lover, or repressive government — gaining access to your account. Two-factor authentication doesn’t eliminate the possibility of an account being compromised, but it sets the bar significantly higher.» Read more

  46. Apple’s Two-Step Authentication Doesn’t Protect Your iCloud Backups Cult of Mac 30/05/2013

    «Apple's two-step authentication process is designed to make your Apple ID more secure...» Read more

  47. Security Researcher Raises Concerns over Apple's Two-Step Authentication iMore.com 30/05/2013

    «CEO Vladimir Katalov of the security software company Elcomsoft has published a post on CrackPassword outlining where he believes Apple’s two-step authentication comes up short. While he admits that the authentication works as advertised and it’s a good idea for people to enable it, he has also identified some areas that he thinks could use some improvement.» Read more

  48. Apple iPhone Decryption Backlog Stymies Police InformationWeek 14/05/2013

    «Apple is overwhelmed by requests from law enforcement agencies to decrypt seized iPhones, and its waiting list is so long that it may take months before new requests get handled. That revelation, first reported by CNET, was gleaned from a search warrant affidavit for a seized iPhone last summer by a federal agent who was investigating a Kentucky man on crack cocaine distribution charges.» Read more

  49. Apple deluged by police demands to decrypt iPhones CNET 10/05/2013

    «ATF says no law enforcement agency could unlock a defendant's iPhone, but Apple can "bypass the security software" if it chooses. Apple has created a police waiting list because of high demand. [...] Elcomsoft claims its iOS Forensic Toolkit can perform a brute-force cryptographic attack on a four-digit iOS 4 or iOS 5 passcode in 20 to 40 minutes. "Complex passcodes can be recovered, but require more time," the company's marketing literature says.» Read more

  50. Apple Decrypts iPhone For the Police, But It Makes Them Wait [Report] Cult of Mac 10/05/2013

    «Apple Decrypts iPhone For the Police, But It Makes Them Wait.» Read more

  51. Picture imperfect The Economist 09/03/2013

    «A feature introduced several years ago by Canon and Nikon, the two leading camera manufacturers, gives photographers a way to prove, if challenged, that their images have not been manipulated. When a picture is taken, the cameras attach a coded signature that is destroyed if the image is modified and resaved. An intact signature, then, should prove that a photo is genuine. But researchers at ElcomSoft, a computer-security firm based in Moscow, have shown that the system is easily fooled. Counterfeiters can copy an image’s security signature and reapply it after retouching, says Vladimir Katalov, ElcomSoft’s boss.» Read more

  52. Forensic tool to decrypt TrueCrypt, Bitlocker and PGP contains and disks released Ghacks 07/02/2013

    «Elcomsoft’s Forensic Disk Decryptor works well if you can get your hands on a memory dump or hibernation file. All attack forms require local access to the system. It can be a useful tool if you forgot the master key and desperately need access to your data. While it is quite expensive, it costs €299, it may be your best hope of retrieving the key, provided that you are using hibernation or have a memory dump file that you have created while the container or disk were mounted on the system. Before you make a purchase, run the trial version to see if it can detect the keys.» Read more

  53. ElcomSoft: Nvidia Tesla K20 Beats a Dual GPU Configuration in Password Cracking Bright Side Of News 07/02/2013

    «When Nvidia announced the 7+ billion transistor part codenamed GK110 as the chip behind the Tesla K20 and upcoming high-end Quadro and GeForce boards, a lot of questions were asked just how much compute power was taken out of GK104 chips, which now power the majority of Nvidia's lineup (GeForce GTX 660 Ti/670/680/690, Quadro K3000/K4000/K5000, Tesla K10). Thanks to ElcomSoft, we now know the answer to that question.» Read more

  54. BitLocker, PGP and TrueCrypt encryption weakened by new attack tool PC Advisor 03/01/2013

    «Russian password-cracking wizards ElcomSoft have announced a new product that can retrieve decryption keys for BitLocker, PGP and open source favourite TrueCrypt as long as the encrypted volumes were not securely demounted.» Read more

  55. Elcomsoft’s Forensic Decryption Software Moves the Needle for Practical Cryptography SiliconANGLE 24/12/2012

    «Cryptography is the go-to defense for cybersecurity, it’s essentially the strongbox of the computing era—and just like a strongbox it’s not designed to keep the contents perfectly safe from all perpetrators, it’s designed to resist their attempts to get at it. It’s still possible for the Hole In The Wall gang to derail your train, make off with your payroll safe, and blow it open with TNT. However, given that technology to defeat locks advances with technology to make better locks, we can expect more subtle forms of extracting encrypted contents than TNT (brute force.) News is that Elcomsoft just released a Forensic Disk Decryptor running at about $299. According to the press, this software can beat protected volumes generated by popular crypography apps such as BitLocker, PGP and TrueCrypt» Read more

  56. BitLocker, PGP, TrueCrypt cracked real-time with $299 tool VR-Zone 21/12/2012

    «A Russian security firm has announced that their forensic disk decryptor software package can now access any information on disks that have been encrypted with industry standard programs. The program cost $299 and will work against BitLocker, PGP, and TrueCrypt; but even worse it can do it in real-time.» Read more

  57. $300 tool can decrypt PGP, TrueCrypt files without a password geek.com 21/12/2012

    «Russian company ElcomSoft today threw their grey hat firmly into the top-secret ring of internationally important security companies. Though the actual innovation is quite simple, the company today announced a $500 piece of hardware that could change the face of electronic security for some time to come.» Read more

  58. Still putting your crypto-protected PC in hibernate? $300 app can hack it ArsTechnika 21/12/2012

    «Cracking PGP, TrueCrypt, and other strong encryption packages just got more affordable, with the release of a $300 package that can pluck decryption keys out of computer memory in certain cases.» Read more

  59. Commercial tool nabs BitLocker, Truecrypt passwords SC Magazine AU 21/12/2012

    «A Russian forensics outfit has launched a tool to pluck passwords used in Microsoft BitLocker, Symantec PGP whole disk encryption and TrueCrypt. Decryption keys were extracted from the software when encrypted volumes were mounted, including when the Windows machines were powered off.» Read more

  60. World’s Most Used Encryption Technologies, Cracked in No Time with $299 Forensics Tool HOTforSecurity 21/12/2012

    «With more and more sensitive data on mobile devices, software encryption has witnessed quite a boom in recent years. Backed by independent developers (such as TrueCrypt) or built into the operating system directly (BitLocker), software encryption managed to keep data away from prying eyes. Until now. Russian data recovery specialist Elcomsoft, announced immediate availability for their Elcomsoft Forensic Disk Decryptor, software that can unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt. While these data containers are virtually unbreakable without the password used at encryption time, they can be easily decrypted using an unconventional approach: retrieving the key from the system memory.» Read more

  61. WARNING: Losing your privacy: one security utility at a time ... Your encrypted disk may not be safe anymore! One Citizen Speaking... 21/12/2012

    «Elcomsoft, a Russian company has now provided the world with a new utility to allow the examination of encrypted disks protected with BitLocker, PGP and TrueCrypt. For those who do not remember, Elcomsoft was the first company charged by the United States Government with violating the Digital Millennium Copyright Act for publishing the workarounds to crack Adobe’s pathetic PDF security. The presenter, Dmitry Sklyarov, was arrested by the U.S. authorities and held without bail – causing a major uprising in the tech community. (Full disclosure: I was involved in the case and presented live code examples to the FBI that there was a legitimate and fair use case to be made for Elcomsoft’s products under the DMCA.) And I was just as outraged over the jailing of Dimity as the rest of the tech community. To allow Adobe to continue the fiction that their products were safe and secure for use in the financial industry was a breach of faith and trust.» Read more

  62. PGP, TrueCrypt-encrypted files CRACKED by £300 tool TheRegister 20/12/2012

    «ElcomSoft has built a utility that forages for encryption keys in snapshots of a PC's memory to decrypt PGP and TrueCrypt-protected data. Forensic Disk Decryptor attempts to unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt. The tool is designed for criminal investigators, IT security bods and forensic specialists. PGP and TrueCrypt set the industry standard for whole-disk or partition encryption.» Read more

  63. This $299 tool is reportedly capable of decrypting BitLocker, PGP, and TrueCrypt disks in real-time TheNextWeb 20/12/2012

    «Russian firm ElcomSoft on Thursday announced the release of Elcomsoft Forensic Disk Decryptor (EFDD), a new forensic tool that can reportedly access information stored in disks and volumes encrypted with desktop and portable versions of BitLocker, PGP, and TrueCrypt. EFDD runs on all 32-bit and 64-bit editions of Windows XP, Windows Vista, and Windows 7, as well as Windows 2003 and Windows Server 2008. The price tag isn’t outrageous, but EFDD will still set you back a solid $299.» Read more

  64. Forensic Tool Cracks BitLocker, PGP, TrueCrypt Containers InformationWeek Security 20/12/2012

    «The software from ElcomSoft -- a Russian provider of encryption-cracking software and other digital forensic tools -- accomplishes the feat not by cracking the containers themselves, but rather by exploiting the fact that once the containers are accessed, the decryption passwords get stored in computer memory. The software is designed to be used by digital forensic investigators -- for example, when investigating suspected insider theft incidents.» Read more

  65. Forensic access to encrypted BitLocker, PGP and TrueCrypt containers Help Net Security 20/12/2012

    «The complete decryption mode provides full, unrestricted forensic access to all information stored on encrypted volumes. Alternatively, by mounting encrypted containers as drive letters, investigators gain immediate, real-time access to protected volumes. In real-time mode, information read from encrypted containers is decrypted on-the-fly. The software offers true zero-footprint operation with no alterations or modifications to original content ever.» Read more

  66. New tool targets BitLocker, TrueCrypt full disk encryption FierceCIO 20/12/2012

    «Russian digital forensics firm ElcomSoft has unveiled a new Forensic Disk Decryptor software that it says can make it possible to decrypt encrypted file volumes protected by tools such as BitLocker, PGP and TrueCrypt. [...] ElcomSoft has a long track record of successfully crafting attacks against security mechanisms such as the image verification system for Nikon and Canon cameras, the on-board encryption employed by the iPhone 3GS and even the encryption used by the BlackBerry Desktop Software to protect data backups.» Read more

  67. Popular disk encryption systems cracked Simon Edwards 20/12/2012

    «If you want your laptop's data to remain secure, even when stolen, one excellent solution is to encrypt the hard disk's partitions or even the whole disk. Popular options include Microsoft's BitLocker, Symantec's PGP Whole Disk Encryption and the open source TrueCrypt software. Elcomsoft has just announced that all of these encryption systems can be cracked by its new product, Elcomsoft Forensic Disk Decryptor.» Read more

  68. Deeply Flawed Apple-Owned Fingerprint Reader Software a Tough Fix Threatpost 11/10/2012

    «Caudill and fellow researcher Brandon Wilson recreated work done by Russian security company ElcomSoft, which specializes in password recovery solutions. Both were able to extract Windows passwords from the popular fingerprint reader, technology that was acquired by Apple earlier this year.» Read more

  69. Apple subsidiary still not patching ‘security’ software that leaves Dell, Samsung, Lenovo PCs vulnerable (updated) VentureBeat 10/10/2012

    «Almost three months ago, Apple bought AuthenTec, a security company that builds sensors for PCs and phones to verify users and protect communications. One of the company’s products was Protector Suite, a secure way to log into Windows machines with your fingerprint. The only problem? The software stores inadequately encrypted passwords in the Windows Registry. In fact, according to ElemSoft, the passwords were almost in plain text. To put it bluntly, this “security solution” actually made PCs more vulnerable.» Read more

  70. Microsoft Office 2013's enhanced protection scheme cracked ahead of official launch Networkworld / Microsoft Insights 03/10/2012

    «Russian corporate security and IT audit firm ElcomSoft claims to have developed tools with the ability to recover plain-text passwords used to encrypt documents in Microsoft Office 2013. In addition to a host of improvements and other changes, Microsoft beefed up the encryption scheme used to secure users’ data in Office 2013. With Office 2010, Microsoft used an SHA-1 class algorithm with a 128-bit key to encrypt plain-text password-protected documents. With Office 2013, though, Microsoft has moved to a technically more secure SHA-2 class SHA512 algorithm to calculate the hash values for the encryption keys, but it appears even that wasn’t enough. ElcomSoft, a privately owned company headquartered in Moscow, has announced that it has already developed tools to crack Microsoft’s latest protection schemes. Shocking, I know.» Read more

  71. Office 2013 encryption cracked Simon Edwards Blog 26/09/2012

    «According to Elcomsoft's researchers, Microsoft has done a great job beefing up the encryption of its Office documents. This has forced those who want to break it to move from brute forcing techniques to more advanced methods.» Read more

  72. Elcomsoft, UPEK & more Security Nirvana 15/09/2012

    «Elcomsoft has announced that certain versions of fingerprint software named Protector Suite made by UPEK (now part of Authentec) stores your Windows password in a 'scrambled' format in registry. This allows an attacker through different entry points to get easy access to a users Windows password. I have no reason not to believe Elcomsoft in their claims, but UPEK/Autentec seriously disagrees. In the middle of this I happen to have some questions, and an opinion regarding biometric software today.» Read more

  73. Hacking Your Fingerprint: ElcomSoft Finds Security Holes in Biometric Readers Bright Side Of News* 13/09/2012

    «When purchasing notebooks for the enterprise, one of most common requirements is that they have a fingerprint reader, since biometric is considered safe. However, while it may be hard to fake your footprints - a gaping hole was found in the software suite which can expose all of your saved passwords.» Read more

  74. Plenty for crypto fans at 44Con SC Magazine UK 12/09/2012

    «Field Programmable Gate Arrays (FPGAs) allow cost-effective and highly tailored hardware acceleration for a wide range of computing problems and are a very economical solution to the processing needs of modern password cracking.» Read more

  75. iPhone Security Unbreakable? Security Gurus Disagree InformationWeek 23/08/2012

    «Earlier this year, for example, researchers from Moscow-based digital forensic toolmaker Elcomsoft analyzed 13 Apple iOS password managers--a.k.a. password keepers, wallets, and safes--to see if they securely stored passwords. Elcomsoft's interest was more than academic, since the company has long sold tools used by law enforcement agencies to crack iPhone data security. It wanted to know if password safes might provide a further hurdle to forensic investigators.» Read more

  76. ElcomSoft and Pico Computing Demonstrate World’s Fastest Password Cracking Solution VR-Zone 18/07/2012

    «There's no secret that graphics cards such as NVIDIA GeForce, Tesla as well as AMD Radeon are being used by security agencies worldwide. Their goal is to crack the passwords of suspects as much as 10-20x faster than the most expensive Intel processor is able to do. Today, another company is claiming its stake in lucrative security business.» Read more

  77. ElcomSoft and Pico Computing Demonstrate Password Cracking Solution DFINews 18/07/2012

    «ElcomSoft Co. Ltd. has released password cracking solutions supporting Pico’s range of high-end hardware acceleration platforms. ElcomSoft has updated its range of password recovery tools, employing Pico FPGA-based hardware to greatly accelerate the recovery of passwords.» Read more

  78. ElcomSoft, Pico Computing show world's fastest password-cracking solution Homeland Security News Wire 18/07/2012

    «Pico Computing manufactures a range of high-end hardware acceleration platforms, offering a computational equivalent of more than 2,000 dual-core processors in a single 4U chassis; ElcomSoft updates its range of password recovery tools, employing Pico Field Programmable Gate Array (FPGA)-based hardware to accelerate the recovery of passwords» Read more

  79. Elcomsoft iOS Forensic Tookit review Macworld 06/07/2012

    «Extract all data, passcodes and keychains from a locked iPad, iPhone, or iPod touch with professional-grade security software. Forensics extraction is the process of getting into a computer device (in this case an iOS device) and extracting all the data from it. And Elcomsoft's iOS Forensics Toolkit is an incredibly powerful piece of kit that enables you to hack into, and extract pretty much everything on an iPhone (passcodes, keys, files, messages, audio recordings, and so on).» Read more

  80. Forensic tool discovers iCloud backup IDM 21/05/2012

    «ElcomSoft has updated its Phone Password Breaker tool with the ability to retrieve user content from password-protected backups created by Apple iOS devices and BlackBerry smartphones, as well as the ability to retrieve iPhones’ user data from iCloud.» Read more

  81. Beware of iCloud! Snooping software lets police read everything on your iPhone in real-time without you ever knowing Daily Mail 18/05/2012

    «Police - or anyone with a piece of spying software - can track everything you do on your iPhone without needing physical access to your phone. The software, called Phone Password Breaker, can download all of the data from Apple's iCloud service - which backs up all of your pictures, text messages, emails, calendar appointments, call logs, website you have visited, and contacts. As iPhones sync nearly instantaneously with iCloud, anyone who is listening will have near-instantaneous access to your phone - without the owner noticing a thing.» Read more

  82. Forensic Tool Grabs iPhone, iPad Data Remotely InformationWeek 18/05/2012

    «Digital forensic investigators have a new technique for recovering the data stored on an iPhone or iPad: ElcomSoft has updated its Phone Password Breaker cracking tool to automatically retrieve iOS device backups from the Apple iCloud.» Read more

  83. New Forensics Tool Can Slurp A Phone’s Data Via The Cloud Gizmodo Australia 17/05/2012

    «The police don’t even need to touch your phone anymore to know how you’ve been using it. A new off-the-shelf forensics tool lets cops retrieve all the data they want from your iPhone by accessing its contents through iCloud.» Read more

  84. ElcomSoft's iOS Forensic Toolkit cracks iCloud backups Tab Times 17/05/2012

    «A Russian company called ElcomSoft says it’s figured out a way to access a user’s online backups stored in Apple’s iCloud service.» Read more

  85. Mobile password managers: Cracking the security mechanisms Michael Kassner (TechRepublic) 26/03/2012

    «Password managers for mobile devices are convenient. But are the cached passwords sufficiently protected? Michael Kassner asks two experts to explain the vulnerabilities.» Read more

  86. ElcomSoft: Smartphone Password Managers Not Secure SecurityWatch, Neil J. Rubenking 16/03/2012

    «If a disgruntled employee leaves company resources password-locked, ElcomSoft probably has a solution. With over 20 years of experience, the company "provides tools, training, and consulting services to law enforcement, forensics, financial and intelligence agencies." ElcomSoft researchers recently evaluated security in 17 password managers for iPhone and BlackBerry. Their conclusion? There isn't any.» Read more

  87. Elcomsoft Criticism of iOS Password Apps Overblown TidBITS 16/03/2012

    «Major password-keeping apps for iOS use encryption techniques that, depending on the strength of the master password, can be easily overcome in under a day, revealing all of the ostensibly secured passwords, security firm Elcomsoft said in a security conference presentation in the Netherlands.» Read more

  88. ElcomSoft's Password Manager Shakedown ZETETIC 16/03/2012

    «The results are shocking: of the 17 password management programs analyzed, they showed that most of the products, including many of today's most popular password managers» Read more

  89. The contradictions of password psychology InfoSecurity 22/02/2012

    «A new survey on attitudes towards passwords indicates an apparent contradiction: most people want stricter password security policies, but don’t bother changing their own default passwords.» Read more

  90. Security Implications of iOS. SANS Institute InfoSec Reading Room 04/08/2011

    «On May 23, Vladimir Katalov, CEO of ElcomSoft, announced they had found a way to decrypt the hardware protection (Katalov, 2011). This is significant because it revealed the data was not as secure as many thought.» Read more

  91. Forensics at BlackHat2011: iOS Password Decryption Method Revealed. The CyberJungle 03/08/2011

    «There are a number of technical barriers in extracting information from a password protected iOS device. Although earlier versions of iOS (pre 3GS) had data protection methods that are generally considered very weak, newer versions of the iOS have stronger encryption deployed. Many digital forensic examiners have hit a wall when try to acquire digital forensic from password protected iOS devices.» Read more

  92. Passwords alone can't protect your network. InfoWorld 18/01/2011

    «But cloud computing isn't even necessary to take advantage of the benefits of parallel computing. Using Distributed John the Ripper and other password crackers, such as Passware Password Kit Forensics or Elcomsoft's Distributed Password Recovery product, password hackers have long been able to take advantage of every CPU under their control.» Read more

  93. Flaws found in Canon Image Verification System. FierceCIO:TechWatch 14/12/2010

    «Elcomsoft was able to break the system by extracting the secret code used to create the verification data from the internal memory of different Canon camera models. The code is apparently the same across each model of camera; the company told PC World that it has extracted the keys for the EOS 20D, EOS 5D, EOS 30D, EOS 40D, EOS 450D, EOS 1000D, EOS 50D, EOS 5D Mark II, EOS 500D and EOS 7D to date.» Read more

  94. Programmer cracks Canon photo encryption. ZDNet UK 13/12/2010

    «Programmer and encryption expert Dmitry Sklyarov has found a vulnerability in Canon's OSK-E3 system for ensuring that photos such as those used in police evidence gathering have not been tampered with.» Read more

  95. Canon's digital camera image originality not so original. Kevin Beaver's Security Blog 10/12/2010

    «Well, the folks at Elcomsoft have done it again. This time they've discovered a vulnerability in Canon's Original Data Security system demonstrating that digital image verification data can be forged. Apparently Canon has yet to respond.» Read more

  96. Canon camera encryption cracked. CNET News 10/12/2010

    «The programmer and encryption expert is Dmitry Sklyarov, and his company, Elcomsoft, has found a vulnerability in Canon's OSK-E3 system for ensuring that photos such as those used in police evidence-gathering haven't been tampered with.» Read more

  97. Canon cameras: encryption cracked by Russian programmer! Electricpig 10/12/2010

    «Fast forward to 2010 and Dmitry Sklyarov is back in the spot light, but this time with the help of his company, Elcomsoft. News came in this morning that Sklyarov and his company had found a vulnerability in Canon’s OSK-E3 system for ensuring that photos such as those used in police evidence haven’t been tampered with.» Read more

  98. Russian Software Firm Breaks Canon’s Authenticity Verification, Big Time. Rezalutions 01/12/2010

    «The credibility of photographic evidence becomes vital in numerous situations for insurance companies and courts, as they may accept digital image as indisputable evidence if it can be proven genuine. However, the discovered vulnerability in Canon Original Data Security system proves that verification data can be forged and, thus, the whole verification system cannot be relied upon.» Read more

  99. Russians on the moon? Canon's image verification system cracked. The H Security 01/12/2010

    «Hacker Dmitry Sklyarov has succeeded in extracting the secret signing key from numerous digital SLR cameras and has used it to sign modified images which Canon's latest OSK-E3 security kit verifies as legitimate. Canon's Original Data Security System is intended to show whether changes have been made to photographs and to verify date and location information.» Read more

  100. Analyst finds flaws in Canon image verification system. CIO 01/12/2010

    «But the digital signature can be forged due to design flaws in Canon's system, according to Dmitry Sklyarov, an IT security analyst with Elcomsoft, which specializes in password recover systems. Sklyarov was due to give a presentation on the flaws at the Confidence IT security event in Prague on Tuesday afternoon.» Read more

  101. Canon image originality verification proven useless. Boing Boing 30/11/2010

    «After performing analysis of Canon hardware, ElcomSoft researchers were able to extract secret keys used to calculate authentication data from Canon EOS digital cameras, and use the keys for adding authenticity signatures to a set of manipulated digital images.» Read more

  102. Canon image originality verification proven useless. Help Net Security 30/11/2010

    «After performing analysis of Canon hardware, ElcomSoft researchers were able to extract secret keys used to calculate authentication data from Canon EOS digital cameras, and use the keys for adding authenticity signatures to a set of manipulated digital images.» Read more

  103. Analyst finds flaws in Canon image verification system. Network World 30/11/2010

    «Elcomsoft has published photos -- including one with an astronaut planting the flag of the Soviet Union on the moon -- that, if checked using a smart card and special software from Canon, confirm that the photo has not been tampered with. .» Read more

  104. ElcomSoft cracks Canon’s Digital Signature Algorithm. VizWorld.com 30/11/2010

    «Unfortunately, ElcomSoft today revealed a vulnerability in their algorithm that allows anyone to cryptographically sign any image so that it appears authentic.» Read more

  105. Analyst Finds Flaws in Canon Image Verification System. PCWorld 30/11/2010

    «A cryptographic system used by Canon to ensure that digital images haven't been altered is flawed and can't be fixed, according to a Russian security company that specializes in encryption.» Read more

  106. Cryptographers crack system for verifying digital images. The Register 30/11/2010

    «Russian password-cracking company ElcomSoft said on Tuesday that it's able to extract the original signing key from the Canon Original Data Security Kit and use it to validate fake photos. Canon has billed the service as a way to verify the originality of an image and to confirm that global positioning coordinates, data, time, and other metadata hasn't been changed.» Read more

  107. ElcomSoft's Internet Password Breakers Scares the Crap Out of Us. HotHardware 10/11/2010

    «Listen up ladies and gents, if you aren't in the habit of changing up your passwords every once in awhile, consider doing so. Not only is it good practice in general, but as it turns out, your browser does a pretty piss-poor job of covering your tracks. Enter Russian software maker ElcomSoft, which just announced a password recovery tool called Internet Password Breaker that purportedly works with Firefox, Safari, Opera, and Chrome.» Read more

  108. Windows 7 doesn't end the need to monitor passwords. SearchEnterpriseDesktop.com 26/10/2010

    «It's scary to think about the amount of sensitive information that can be exposed. Don't write off a single incident as a local problem. Instead, consider a breach an enterprise problem, and invoke your incident-response plan -- assuming you even know about it. For example, Figure 1 shows a how Proactive System Password Recovery can easily glean a WPA2 preshared key (PSK) from a Windows 7 machine.» Read more

  109. BlackBerry backup encryption 'broken' by Russians. Computerworld UK 04/10/2010

    «According to Elcomsoft, a weakness in the way BlackBerry has implemented the apparently secure 256-bit AES encryption in its PC and Mac backup program BlackBerry Desktop Software makes it possible to carry out a successful password recovery attack on the backup archive with relative ease.» Read more

  110. ElcomSoft cracks BlackBerry encryption. TG Daily 02/10/2010

    «ElcomSoft has coded a "password breaker tool" to unlock backups created by RIM BlackBerry smartphones. The utility - which is supposedly targeted at forensic investigators - also offers support for cracking a wide range of iOS-based devices.» Read more

  111. BlackBerry Backup Encryption Weak According to Password Cracking Company. BlackBerry Leaks 02/10/2010

    «The BlackBerry encryption algorithm uses AES with a 256-bit key, which is theoretically strong enough. However, the CEO of ElcomSoft, Vladimir Katalov, claims there is a problem with the key generation... Katalov says that even without GPU acceleration, a seven character long password with both uppercase and lowercase letters would be recovered in under three days. But, cracking a single-case password would only take half an hour.» Read more

  112. Cracking passwords with video cards. The Economist 10/09/2010

    «The Russian firm Elcomsoft literally accelerated the trend for short and weak password recovery by tapping into the graphics processing units (GPUs) that power modern computer video cards. A CPU is generalized for all tasks; a GPU specializes and can be vastly faster for specific calculations that align with password cracking. Using a GPU can speed up by as much as a hundredfold certain kinds of brute-force efforts, in which a strong password algorithm is challenged by iterating through every possible character combination at ever-longer lengths.» Read more

  113. We take a look at Elcomsoft iPhone Password Breaker… Its Good. Security Active Blog 04/09/2010

    «Fast forward to 2010 and I find myself looking at iPhones and their suitability for use in the corporate world, and then I hear again about Elcomsoft releasing an iPhone Password Breaker (EPPB). So here we are, reviewing this product, and seeing just how it works and if it does what it says on the tin.» Read more

  114. Short passwords 'hopelessly inadequate', say boffins. The Register 16/08/2010

    «The number crunching abilities of graphics processors were recently applied to commercial password auditing and recovery tools from Russian developer ElcomSoft. It's a safe assumption that black hats are able to use the same type of technology for less laudable purposes.» Read more

  115. Secured iOS Backups Reduce Security, But Not By Much. TidBITS 09/08/2010

    «At first, I thought Elcomsoft had discovered a major flaw in the way that iOS allows iTunes to back up the data store of an iPhone, iPad, or iPod touch. The Russian security firm creates software designed to test the quality of passwords for many different software packages and systems by trying to crack them; it also advertises its software for forensic use.» Read more

  116. iOS 4 Password Breaker by Elcomsoft Now Available. iSmashPhone 07/08/2010

    «Elcomsoft, a Russia-based company that specializes in password cracking, has released their latest version of Password Breaker, which recovers passwords stored in iOS4 devices.» Read more

  117. iPhone Cracking Software Retrieves Passwords. The New New Internet 06/08/2010

    «ElcomSoft of Moscow claims the iPhone Password Breaker software can recover encrypted keychains used by the iPhone 4 to store passwords used for email, third-party software and websites. The software can be used by forensic investigators to recover data without changing the content of the phone, the company says.» Read more

  118. Elcomsoft offers iPhone password cracker. V3.co.uk 06/08/2010

    «Elcomsoft's iPhone Password Breaker is pitched at forensic investigators, and can dig into the handset's operating system and recover previously unavailable content, according to the firm.» Read more

  119. Apple iPhone, iPad Security Goes Into the Toilet and Down the Tubes. BNET 06/08/2010

    «However, a jailbreak exploit — which Apple still hasn’t patched — could also download malware that would easily accomplish this task. Then again, someone could use the password recovery application from Elcomsoft to get into an iPhone backup and grab the information that way.» Read more

  120. Another iPhone Vulnerability: Access iOS Backups Data with iPhone Password Breaker. ReadWriteWeb 05/08/2010

    «Russian computer forensics software company ElcomSoft offers a product called iPhone Password Breaker that enables uses to access backup data from iOS devices. Today the company announced an update to the software that enables users to crack iOS 4 keychains - which may include e-mail and other passwords - without altering the phone's content. ElcomSoft claims to be the first company to be able to crack keychain passwords. According to the company's press release, "Prior to the release of the updated iPhone Password Breaker, the keychains were considered impossible to obtain."» Read more

  121. White hat or black hat? iPhone password cracker rears its head. The Next Web 05/08/2010

    «According to The Register, a Russian password-cracking company has figured out a way to sniff out iPhone passwords without having to jailbreak the device.» Read more

  122. Elcomsoft Releases IPhone 4 Password Cracker. PCWorld 05/08/2010

    «Russian password-cracking company Elcomsoft has released new software that can in some instances figure out the password used to encrypt backed-up iPhone data.» Read more

  123. nVidia GeForce GTX 480 & GTX 480 SLI Review. Bright Side Of News 26/03/2010

    «Starting with today's review, we're introducing ElcomSoft as a part of our test suite. ElcomSoft is a company that produces mission critical analysis and forensics software. With clients such as Interpol and numerous government agencies around the globe, the company has been on a forefront of GPGPU since day one. We used two of their applications: iPhone Password Breaker and Wireless Security Auditor and pitched the GeForce GTX 480 versus the ATI Radeon HD 5870 1GB. The results will probably shock you.» Read more

  124. ATI Graphic cards turbo charge password recovery. The Register 17/03/2010

    «Russian password cracking firm ElcomSoft is using the latest graphics cards from ATI to double the speed of its iPhone password breaker and wireless security auditor products.» Read more

  125. ATI Radeon HD 5970 is the king of iPhone, Wi-Fi password cracking. Bright Side Of News 16/03/2010

    «In the world of GPGPU i.e. GPU Computing, there aren't many companies that really push the term of usability and efficiency. Luckily, Russian ElcomSoft is one of those companies. We already wrote about the company and their very interesting password-cracking products.» Read more

  126. Risk Awareness Enables Improved Prevention of Internet Based Attacks. Pro Security Zone 18/02/2010

    «In the age of information technologies, each employee – not only IT department staff – should be familiar with how to keep their valuable data safe and secure. To fulfill this task in a proper way one should try to halt hidden security threats, with those lying on the surface, in order to avoid grave consequences and damage for the whole company. Employees’ information security literacy is a job of both IT guys and HR professionals. That is the reason we listed the most wide-spread hidden security threats for you to be aware of.» Read more

  127. iPhone Password Breaker Hacks Its Way Into Any iPhone. iPhone Download Blog 17/02/2010

    «There is a new tool out called iPhone Password Breaker that can get access to any password-protected backups for all iPhones and iPod Touch.

    Supposedly used for forensic investigations, I can see many ways how iPhone Password Breaker could be used by jealous husbands, or angry wives, for example…

    Note that this tool will not help you bypass the password protection of an iPhone or iPod Touch. It will bypass the password protection of a backup.»
    Read more

  128. Hack iPhone Backups Using iPhone Passcode Breaker. The iPhone Guru 17/02/2010

    «If you make a backup of an iPhone with a passcode enabled on it, the backup is protected by the same passcode. Elcomsoft has a new utility out that will recover that password from the encrypted backup itself and use that to open the backup file. Makes you feel awesome about how secure your iPhone backups are doesn’t it?.» Read more

  129. It’s Better To Prevent Than To Cure. Katonda 11/02/2010

    «Last week a company that rents an office floor next to ours fell prey to a malicious attack. The employees of the company use instant messengers to communicate with their existing and potential customers.

    Although it is a common knowledge that the improper use of instant messengers can pose a great risk to an enterprise, people still click on the links they receive.»
    Read more

  130. Kit cracks iPhone backup passwords. The Register 04/02/2010

    «The Elcomsoft iPhone Password Breaker, which was released for free into beta, recovers passwords for iPhones and iPod Touches by trying thousands of phrases per second. It performs wordlist-based attacks only, but the final version will allow dictionary attacks that can be customized.» Read more

  131. Encrypting your iPhone backups? Time to choose a better password. MobileCrunch 04/02/2010

    «The iPhone Password Breaker application is dictionary-based, meaning it gains access by cycling through a massive dictionary of words and common passwords (like the aforementioned “cat”, “sex”, and “tetherball”) and their variations (such as “c4t”, “s3x”, and “t3th3rb4ll”) until it finds the right one.» Read more

  132. Wi-Fi hacking: don't panic yet. PC Pro 11/01/2010

    «Not that WPA2 itself is bullet-proof: far from it if the Russians are to be believed. ElcomSoft, a member of the Russian Cryptology Association, has developed a product that can combine readily available and relatively cheap graphics cards from ATI and Nvidia to accelerate the “recovery” of WPA2 encryption passwords.» Read more

  133. Password recovery performance. Security Nirvana 08/12/2009

    «Ok, here's just a quick posting to show off performance numbers when using a single cpu or a Nvidia GTX295 graphics card to recover passwords that has been stored using various hashing functions (recovery here is commonly referred to as "password cracking"). I requested this information from my contact Andrey Belenko at Elcomsoft, based on their product "EDPR - Elcomsoft Distribued Password Recovery", which i am the happy owner of for a 20-client license. (A big "thank you" to Andrey for providing the statistics!). All this as part of my ongoing "research" into passwords.» Read more

  134. Cracking keys on the cheap in the cloud. The H Security 03/11/2009

    «They ran a distributed brute force attack on the file using Amazon's EC2 web service. The software (EDPR) for the attack came from Russian company ElcomSoft. On a dual Core PC running Windows 7, determining the password by trial and error would have taken 2,100 days. 10 virtual computers running EDPR simultaneously, reduced this to just 122 days. One hour of EC2 processing time in this case costs $0.30 per instance, meaning that it cost just under $9,000 to crack the key. Since, according to Electric Alchemy, EDPR scales in a more or less linear fashion, using 100 instances, the same result could be achieved for the same price in just 12 days.» Read more

  135. Cracking Passwords in the Cloud: Breaking PGP on EC2 with EDPR. Electric Alchemy 30/10/2009

    «When faced with the task of brute forcing PGP passphrases, we immediately thought of Elcomsoft. We had witnessed the drama at Infosec 2009 in London when PGP had banners removed from Elcomsoft's booth, and that made a lasting impression. We downloaded the trial version of Elcomsoft's Distributed Password Recovery software, but found that unfortunately it was not able to properly parse the old PGP ZIP files.» Read more

  136. Balancing Windows security with reasonable password policies. SearchWindowsServer.com 07/10/2009

    «At the end of the day, the password decryption capabilities of tools such as Ophcrack and Elcomsoft's Proactive System Password Recovery can render Windows passwords useless. But that's not the point. One still shouldn't be able to use a good vulnerability scanner such as QualysGuard or Acunetix Web Vulnerability Scanner to crack Windows passwords. If a security consultant or auditor can do it, then a malicious insider or external attacker can do it as well. It's just a matter of time.» Read more

  137. A closer look at Elcomsoft Advanced Office Password Breaker 3 Enterprise Edition. Help Net Security 14/08/2009

    «Advanced Office Password Breaker is a handy tool that will make your life easier. It does not recover the original passwords, it just removes them. It's fast and effective, and a real asset in offices. It supports MS Office Word and Excel 97 and 2000 and supports Office 97/2000 compatible documents saved with MS Office XP and 2003.» Read more

  138. Run encryption the right way to ensure wireless network security. SearchCompliance.com 08/04/2009

    «As long as you have some WPA or WPA2 data capture files -- something that can be gleaned using a wireless network sniffer such as Airodump-ng (part of the Aircrack-ng suite), CommView for WiFi or AirMagnet WiFi Analyzer -- EWSA can harness the processing power of certain Nvidia Corp. and ATI video cards and perform dictionary cracks against WPA and WPA2 pre-shared keys in a fraction of the time it would normally take a computer's standard CPU by itself. EWSA can also be used to dump the pre-shared key hashes from the Windows registry (yet another reason to encrypt your laptop hard drives!).» Read more

  139. Are passwords safe? ServerManagement 11/02/2009

    «Passwords have traditionally been considered the easiest and most popular method of authentication. It is one of the most convenient methods for users as it does not require special skills or additional equipment, and it is secure - or is it? Password authentication is as simple as ABC. Inventing and memorizing a strong password (or several passwords) is all what it takes, isn't it?» Read more

  140. GPUs Used to Successfully Crack Wi-Fi Passwords. HotHardware 15/01/2009

    «Because of the computational power of today's GPUs, GPUs are starting to be harnessed more and more to help out CPUs with some hardcore number crunching. That is the concept behind Nvidia's CUDA, ATI's Stream, and Apple's OpenCL frameworks. There aren't many apps available yet that take advantage of these relatively new technologies, but the ranks are slowly growing. The latest GPU-assisted app to come available is one designed for IT managers to make sure their wireless networks are secure--and inevitably for hackers to try to break into wireless networks.» Read more

  141. GPU-based WPA/WPA2 crack struggles with good passwords. Ars Technica 01/12/2008

    «Elcomsoft claimed its Password Recovery product, which can also be used in a distributed fashion across a network for faster cracks, could speed up WPA/WPA2 passphrase guessing by a factor of 100. But what did that mean in practical terms? How long a passphrase and how fast to crack it?» Read more

  142. Are VPNs the best way to secure wireless LANs? SearchSecurity 23/10/2008

    «ElcomSoft's application of GPU processing to wireless password cracking poses a problem for any users of WiFi corporate networks - so much so that Global Secure Systems has advised companies to either abandon wireless altogether, or to deploy VPNs for all wireless connections, even internally.» Read more

  143. Don't have security nightmares. BBC News 21/10/2008

    «...he latest version of a password recovery tool from Elcomsoft takes advantage of the astonishing processing power of the latest range of Nvidia graphics processing units (GPUs) to crack the WPA and WPA2 wireless security protocols in a matter of hours or even minutes, rendering most commercial wireless networks open to attack.» Read more

  144. Elcomsoft uses NVIDIA GPUs to crack WPA2. TMCnet 17/10/2008

    «The new-generation Tesla S1070 Computing System helps in recovering variety of system and document passwords. It is 100 times faster in password recovery than by using modern dual or quad-core CPUs. According to the Elcomsoft, its Distributed Password Recovery is a high-end solution for forensic and government agencies, data recovery and password recovery services and corporate users with multiple networked workstations connected over a LAN or the Internet.» Read more

  145. ElcomSoft Breaks Wi-Fi Encryption Faster with GPU Acceleration. NordicHardware 14/10/2008

    «About a year ago we told you about how Russian software developer Elcomsoft had patented a new technology for cracking password using graphics cards. It was working on an application that took advantage of the powerful NVIDIA GPU for "reclaiming lost passwords" encrypted by WPA and WPA2 encryptions. In the end, any users with a NVIDIA graphics cards and Elcomsoft software could crack WiFi passwords with ease. With two GeForce 280 GTX graphics cards the otherwise ttime consuming process was 100 times faster, than a regular processor.» Read more

  146. Company puts NVIDA GPUs to work cracking wireless security. Ars Technica 13/10/2008

    «There's a certain short-term window of opportunity here for the quick-minded and well-padded hacker, but long term, software like Elcomsoft's could actually lead to the creation of better encryption standards. Cryptologists working on future standards (AES2, or what have you) will also be able to test those standards more quickly, and for far less money. It's safe to assume that NVIDIA will have introduced faster GPUs by this time, giving future developers an even greater advantage compared to what researchers have previously worked with. For the moment, Elcomsoft's software scales to "just" 64 CPU cores with four GPUs per node for a total of 256 GPUs, but this number will undoubtedly ramp as well. Short-term, this is less-than-great news for the security industry. Long-term, it might improve cryptology standards across the board.» Read more

  147. Elcomsoft uses NVIDIA GPUs to crack WPA2. Engadget 13/10/2008

    «Elcomsoft has been using NVIDIA's CUDA GPU computing architecture to accelerate its Distributed Password Recovery tool for a while now, but it looks like the latest version of the cracking utility takes it to the next level -- it can break a WPA2 password using two GeForce GTX 280-based boards 100 times faster than with just a CPU.» Read more

  148. ElcomSoft uses NVIDIA GPUs to speed up WPA/WPA2 brute-force attack. ZDNet 12/10/2008

    «Elcomsoft Distributed Password Recovery does more than WiFi passwords - you also get the ability to crack a number of documents and files such as Microsoft Office, PGP, ZIP, PDF, OpenDocument, and a number of others.» Read more

  149. WiFi is no longer a viable secure connection. SC Magazine 10/10/2008

    «WiFi is no longer secure enough to protect wireless data. Global Secure Systems has said that a Russian's firm's use of the latest NVidia graphics cards to accelerate WiFi Ұassword recovery' times by up to an astonishing 10,000 per cent proves that WiFi's WPA and WPA2 encryption systems are no longer enough to protect wireless data.» Read more

  150. Turbo-charged wireless hacks threaten networks. The Register 10/10/2008

    «The raw horsepower of graphics chips, normally used as 3D graphic accelerators by gamers, can also be applied for a variety of other number-crunching password-breaking uses beyond uncovering WiFi passwords. Elcomsoft Distributed Password Recovery can also be used to recover Windows startup passwords, crack MD5 hashes, and unlock password-protected documents created by Microsoft Office or PDF files created by Adobe Acrobat, according to ElcomSoft.» Read more

  151. Commercial WPA/WPA2 Cracking Software Accelerated by GPUs. WiFi Net News 09/10/2008

    «The Russian firm offers what it delicately terms password recovery software. They've now paired their WPA/WPA2 key crackin with the power of graphic processing units (GPUs), the brains that drive video cards, and which can carry out certain kinds of calculations vastly faster than CPUs, a computer's main processor.» Read more

  152. Cracking billions of passwords a minute with NVIDIA cards. The Tech Herald 07/10/2008

    «Password auditing and recovery tools are fast and inexpensive, thus having one of the many password recovery tools available online in the IT department is just smart. Yet, while there are many recovery tools available, how many of them can clock a smooth billion passwords a second?» Read more

  153. Wi-Fi Encryption Broken by ElcomSoft. PCDistrict 10/09/2008

    «The recovery of WPA and WPA2 encryption used in the Wi-Fi protocol has been accelerated by ElcomSoft Co. Ltd. by employing the new-generation NVIDIA video cards. ElcomSoft patent-pending GPU acceleration technology implemented in Elcomsoft Distributed Password Recovery allows using laptop, desktop or server computers equipped with supported NVIDIA video cards to break Wi-Fi encryption up to 100 times faster than by using CPU only.» Read more

  154. The Art of Recovering Passwords. Techans 08/09/2008

    «We are unaware of any free utility which can recover passwords from Microsoft Excel, Word, Powerpoint, Access files. But if you don't mind paying, then Elcomsoft'sAdvanced Office Password Recovery will do the job for you.» Read more

  155. ElcomSoft Recovers Lost Passwords, Audits Security. Processor.com 29/08/2008

    «One indication of the challenges of heightened computer security, according to ElcomSoft, is that nearly half of support calls to IT are related to lost or forgotten passwords, with each incident costing the company an average of $30 to $50 to resolve.» Read more

  156. 23 Powerful Utilities. PC Magazine 14/05/2008

    «Locking your car to keep the street punks from stealing it is smart. But when you lock the keys inside it, that's a whole different security problem. In the same way, Windows handily encrypts private files, but many common events can leave you locked out as well. If you've just plain forgotten the password, you're screwed. Had you previously backed up your encryption credentials, you could regain access to your files, but few users have the foresight and technical skill to do this. Don't worry: ElcomSoft's Advanced Encrypting File System Data Recovery (AEFSDR) can get you out of this jam.» Read more

  157. Geforce cracks Windows passwords. vnunet.com 26/10/2007

    «Security firms warned today that laptop hard disks should be encrypted as a matter of urgency following the release of a utility that uses graphics cards to crack Windows passwords. An eight-character Windows password can be cracked in less than five days using version 2.0 of Moscom-based Elmscroft's Distributed Password Recovery System in conjunction with an Nvidia Geforce 8 card - something that would take months with a standard processor. The time can be reduced further by adding graphics processors (GPUs) either within the same machine, or several machines, or both.» Read more

  158. Password cracking, the new use for high speed GPUs. TG Daily 24/10/2007

    «It may not be the most popular thing to consider, but high-end graphics cards contain a very powerful internal computing engine, called the GPU. This massively parallel device can attack a problem in parallel, rather than serial as most CPUs are required to process data. This means it can compute many hundreds of simultaneous calculations. This is actually how 3D graphics cards get their high-speed gaming abilities. Still, a new use has been found for this robust computing engine: password cracking.» Read more

  159. Developer deploys graphics cards to accelerate password cracks. The Register 24/10/2007

    «Nvidia's GeForce 8 series of graphics chips can be used to crack Windows NT LAN Manager (NTLM) passwords 25 times more quickly than was previously possible, security software developer Elcomsoft has claimed. The Russia-based company this week announced the second major release of its Distributed Password Recovery application, a tool designed to recover forgotten or lost passwords for a wide range of application and document types, including PDP-protected ZIP files, Adobe Acrobat PDFs, Lotus Notes ID files and Microsoft Office documents.» Read more

  160. Interview with Vladimir Katalov, CEO of ElcomSoft. Help Net Security 07/09/2006

    «Vladimir Katalov is working in ElcomSoft from the very beginning. He created the first program the password recovery software line has started from: Advanced ZIP Password Recovery. Now he coordinates the software development process inside the company and develops strategic plans for future versions.» Read more