24 September, 2016 | TidBITS - http://tidbits.com/

Apple to Fix iOS 10 Security Flaw with iTunes Backups

Russian security company Elcomsoft has discovered a major security flaw in iOS 10: encrypted iTunes backups made with iOS 10 allow password-cracking tools to make 6 million attempts per second, more than 40 times faster than with backups created with iOS 9. Apple has confirmed that the issue is real and plans to fix it in an upcoming security update.

23 September, 2016 | Tom's Hardware - http://www.tomshardware.com/

iOS 10 Vulnerability Makes Bruteforcing Backup Passwords Up To 2,500 Times Faster (Updated)

ElcomSoft, a Russian digital forensics and IT security firm, announced that it found a flaw in iOS 10’s backup password mechanism that allows its password cracking tools to bruteforce a password 2,500 times faster compared to when the old iOS 9 mechanism was being used.

23 September, 2016 | The International Business Times - http://www.ibtimes.com/

iOS 10 Found To Lack Security Checks Against Brute-Force Attacks

Apparently, Russian cybersecurity firm Elcomsoft has found out that the iOS 10 is lacking some implementations that could make it safe against hackers. The firm discovered recently that iOS 10 does not come with certain security checks that are present in iOS 9, as per Phone Arena.

23 September, 2016 | Graham Cluley - https://www.grahamcluley.com/2016/09/upgrading-ios-10-backups-lot-faster-crack

Upgrading to iOS 10 may have made your backups a lot faster to crack

The silver lining on the cloud is that ElcomSoft's discovery affects the local iTunes backups you might make of your iPhone or iPad. That means that any hacker wanting to exploit the weakness would have to target the computer you have made the backup onto, rather than something more chilling like trying to access the phone itself remotely.

23 September, 2016 | Motherboard - https://motherboard.vice.com/

iOS 10 Has a 'Severe' Security Flaw, Says iPhone-Cracking Company

In a blog post published Friday by Elcomsoft, a Russian company that makes software to help law enforcement agencies access data from mobile devices, researcher Oleg Afonin showed that changes in the way local backup files are protected in iOS 10 has left backups dramatically more susceptible to password-cracking attempts than those produced by previous versions of Apple’s operating system.

23 September, 2016 | Business Insider - http://www.businessinsider.com/

iOS 10 backups can be hacked 2,500 times faster than in iOS 9, researchers find

Moscow-based ElcomSoft discovered the flaw, which is centered around local password-protected iTunes backups. On iOS 10, these now have a weak secondary security mechanism which "skips certain security checks." This makes it possible to launch a brute-force attack – where different passwords are tested until the correct one is identified – up to 2,500 faster than iOS 9.

19 August, 2016 | TechSpot - http://www.techspot.com/

Cracking passwords using Nvidia's latest GTX 1080 GPU (it's fast)

Nvidia recently released their new GeForce GTX 1080 graphics card based on the new Pascal architecture. Elcomsoft Distributed Password Recovery 3.20 added support for the new architecture. What does it mean for us?

8 August, 2016 | WE ARE 4N6 - http://www.weare4n6.com/

THE FORENSIC WAY TO ACQUIRE EMAIL

Elcomsoft has updated Cloud Explorer to version 1.10. This new release adds the ability to download email messages from the user’s Gmail account for offline analysis. In order to do that, they had to develop a highly specialized email client. They opted to use Google’s proprietary Gmail API to download mail. In this article, they’ll explain their decision and detail the benefits you’ll be getting by choosing a tool that can talk to Gmail in Gmail language.

28 July, 2016 | WindowsPro - https://www.windowspro.de/news/neue-version-elcomsoft-password-recovery-fuer-mac-os/03257.html

Elcomsoft Password Recovery für Macs und Amazon-Coud

Die aktuelle Ausgabe weist verbesserte Funktionen für Mac OS X auf. So entschlüsselt die neue Version Passwörter von OS X-Benutzer­konten, DMG-Images und FileVault 2-Volumes. Dabei zielt die Software auf das Klartext-Passwort ab, das Mac-OS-Benutzerkonten zur Verschlüsselung der Volumes einsetzen.

26 June, 2016 | The Cheat Sheet - http://www.cheatsheet.com/

Nexus Phones: 5 Things to Consider Before Buying

That out-of-the-box encryption caught Android up with Apple’s iOS — even though as Elcomsoft’s Oleg Afonin reports, activating full-disk encryption on an Android phone often results in slower performance and lower battery life, which may be one reason why few Android users turn the feature on when it’s optional, and the majority of the users who do have encryption turned on are Nexus users.