iOS 13 (Beta) Forensics
iOS 13 is on the way. While the new mobile OS is still in beta, so far we have not discovered many revolutionary changes in the security department. At the same time, there are quite a few things forensic specialists will need to know about the new iteration of Apple’s mobile operating system. In this article, we’ll be discussing the changes and their meaning for the mobile forensics.
by Vladimir Katalov
👉 https://blog.elcomsoft.com/2019/07/ios-13-beta-forensics/
#iOS13 #iPhone #smartphone #forensics #backups #decryption #dfir #software #encryption
iOS 13 is on the way. While the new mobile OS is still in beta, so far we have not discovered many revolutionary changes in the security department. At the same time, there are quite a few things forensic specialists will need to know about the new iteration of Apple’s mobile operating system. In this article, we’ll be discussing the changes and their meaning for the mobile forensics.
by Vladimir Katalov
👉 https://blog.elcomsoft.com/2019/07/ios-13-beta-forensics/
#iOS13 #iPhone #smartphone #forensics #backups #decryption #dfir #software #encryption
Accessing iCloud With and Without a Password in 2019
In iOS forensics, cloud extraction is a viable alternative when physical acquisition is not possible. The upcoming release of iOS 13 brings additional security measures that will undoubtedly make physical access even more difficult. While the ability to download iCloud backups has been around for years, the need to supply the user’s login and password followed by two-factor authentication was always a roadblock.
It took us more than a year to figure out a workaround allowing experts to transfer authentication tokens from the user’s computer...
👉 https://blog.elcomsoft.com/2019/07/accessing-icloud-with-and-without-a-password-in-2019/
#software #forensics #dfir #encryption #iOS13 #icloud #password #2FA #backup #decryption #messages #token #keychain
In iOS forensics, cloud extraction is a viable alternative when physical acquisition is not possible. The upcoming release of iOS 13 brings additional security measures that will undoubtedly make physical access even more difficult. While the ability to download iCloud backups has been around for years, the need to supply the user’s login and password followed by two-factor authentication was always a roadblock.
It took us more than a year to figure out a workaround allowing experts to transfer authentication tokens from the user’s computer...
👉 https://blog.elcomsoft.com/2019/07/accessing-icloud-with-and-without-a-password-in-2019/
#software #forensics #dfir #encryption #iOS13 #icloud #password #2FA #backup #decryption #messages #token #keychain
Apple TV Forensics 03: Analysis
This post continues the series of articles about Apple companion devices. If you haven’t seen them, you may want to read Apple TV and Apple Watch Forensics 01: Acquisition first. If you are into Apple Watch forensics, have a look at Apple Watch Forensics 02: Analysis as well. Today we’ll have a look at what’s inside of the Apple TV.
A recent market analysis shows that Apple has sold more than 13 million Apple TV devices worldwide since 2016. Since 2007, Apple manufactured 6 different Apple TV models.
Read the complete article 👉 https://blog.elcomsoft.com/2019/09/apple-tv-forensics-03-analysis/
#ios #appletv #security #forensics #chimera #elcomsoft #filesystem #tvos #jailbreak
This post continues the series of articles about Apple companion devices. If you haven’t seen them, you may want to read Apple TV and Apple Watch Forensics 01: Acquisition first. If you are into Apple Watch forensics, have a look at Apple Watch Forensics 02: Analysis as well. Today we’ll have a look at what’s inside of the Apple TV.
A recent market analysis shows that Apple has sold more than 13 million Apple TV devices worldwide since 2016. Since 2007, Apple manufactured 6 different Apple TV models.
Read the complete article 👉 https://blog.elcomsoft.com/2019/09/apple-tv-forensics-03-analysis/
#ios #appletv #security #forensics #chimera #elcomsoft #filesystem #tvos #jailbreak
Attached Storage Forensics: Security Analysis of Thecus NAS
Thecus has been manufacturing NAS devices for more than 15 years. The company develops an in-house Linux-based NAS OS, the ThecusOS. At this time, the most current version of the OS is ThecusOS 7. Thecus advertises secure data encryption in most of its NAS devices. The company’s volume-based encryption tool allows users to fully encrypt their entire RAID volume, defending essential data in instances of theft of the physical device. We found Thecus’ implementation of encryption somewhat unique. In this research, we’ll verify the manufacturer’s claims and check just how secure is Thecus’ implementation of 256-bit AES encryption.
by Oleg Afonin
👉🏻 https://blog.elcomsoft.com/2020/01/attached-storage-forensics-security-analysis-of-thecus-nas/
#ThecusOS #Thecus #NAS #Encryption #Forensics
Thecus has been manufacturing NAS devices for more than 15 years. The company develops an in-house Linux-based NAS OS, the ThecusOS. At this time, the most current version of the OS is ThecusOS 7. Thecus advertises secure data encryption in most of its NAS devices. The company’s volume-based encryption tool allows users to fully encrypt their entire RAID volume, defending essential data in instances of theft of the physical device. We found Thecus’ implementation of encryption somewhat unique. In this research, we’ll verify the manufacturer’s claims and check just how secure is Thecus’ implementation of 256-bit AES encryption.
by Oleg Afonin
👉🏻 https://blog.elcomsoft.com/2020/01/attached-storage-forensics-security-analysis-of-thecus-nas/
#ThecusOS #Thecus #NAS #Encryption #Forensics
Attached Storage Forensics: Security Analysis of TerraMaster NAS
TerraMaster is a relatively new company specializing in network attached storage and direct attached storage solutions. The majority of TerraMaster NAS solutions are ARM64 and Intel-based boxes aimed at the home and SOHO users. TerraMaster’s OS (TOS) is based on Linux. At this time, TOS 4.1 is the current version of the OS.
TerraMaster advertises secure AES encryption with unspecified key length through the entire range of its current NAS devices. This time around, we’re dealing with folder-based encryption that runs on top of the open-source encrypting file system eCryptfs. TerraMaster’s implementation of data encryption is extremely simplistic and lacks any sort of management for either the encryption key or the encrypted data.
by Oleg Afonin
👉 https://blog.elcomsoft.com/2020/01/attached-storage-forensics-security-analysis-of-terramaster-nas/
#TerraMaster #NAS #Encryption #Forensics #AES
TerraMaster is a relatively new company specializing in network attached storage and direct attached storage solutions. The majority of TerraMaster NAS solutions are ARM64 and Intel-based boxes aimed at the home and SOHO users. TerraMaster’s OS (TOS) is based on Linux. At this time, TOS 4.1 is the current version of the OS.
TerraMaster advertises secure AES encryption with unspecified key length through the entire range of its current NAS devices. This time around, we’re dealing with folder-based encryption that runs on top of the open-source encrypting file system eCryptfs. TerraMaster’s implementation of data encryption is extremely simplistic and lacks any sort of management for either the encryption key or the encrypted data.
by Oleg Afonin
👉 https://blog.elcomsoft.com/2020/01/attached-storage-forensics-security-analysis-of-terramaster-nas/
#TerraMaster #NAS #Encryption #Forensics #AES
The Worst Mistakes in iOS Forensics
What can possibly go wrong with that iPhone? I’ll have a look (oh, it’s locked!), then switch it off, eject the SIM card and pass it on to the expert. Well, you’ve just made three of the five most common mistakes making subsequent unlock and extraction attempts significantly more difficult. Learn about the most common mistakes and their consequences.
👉 https://blog.elcomsoft.com/2020/01/the-worst-mistakes-in-ios-forensics/
by Vladimir Katalov
#mistakes #mobileforensics #ios #apple #forensics #iossecurity #icloud #iphone #dataextraction #cloudsecurity #smartphone
What can possibly go wrong with that iPhone? I’ll have a look (oh, it’s locked!), then switch it off, eject the SIM card and pass it on to the expert. Well, you’ve just made three of the five most common mistakes making subsequent unlock and extraction attempts significantly more difficult. Learn about the most common mistakes and their consequences.
👉 https://blog.elcomsoft.com/2020/01/the-worst-mistakes-in-ios-forensics/
by Vladimir Katalov
#mistakes #mobileforensics #ios #apple #forensics #iossecurity #icloud #iphone #dataextraction #cloudsecurity #smartphone
Attached Storage Forensics: Security Analysis of ASUSTOR NAS
ASUSTOR advertises secure AES encryption with a 256-bit key. According to the manufacturer, AES-256 encryption is made available through the entire range of its current NAS devices. Unlike other manufacturers, ASUSTOR is very upfront regarding the type of encryption employed by its NAS devices: “ASUSTOR NAS offers folder based military grade AES 256-bit encryption”. As a result, we’re once again dealing with folder-based encryption running on top of the open-source encrypting file system eCryptfs. We’ve already seen eCryptfs-based encryption in attached storage devices made by Synology and TerraMaster. Does ASUSTOR have any surprises, or will its implementation of folder-based encryption suffer from the many restrictions and limitations? Let’s find out.
👉 https://blog.elcomsoft.com/2020/03/attached-storage-forensics-security-analysis-of-asustor-nas/
#ASUSTOR #aesencryption #storage #forensics #security #encryptionkey #decryption #eCryptfs
ASUSTOR advertises secure AES encryption with a 256-bit key. According to the manufacturer, AES-256 encryption is made available through the entire range of its current NAS devices. Unlike other manufacturers, ASUSTOR is very upfront regarding the type of encryption employed by its NAS devices: “ASUSTOR NAS offers folder based military grade AES 256-bit encryption”. As a result, we’re once again dealing with folder-based encryption running on top of the open-source encrypting file system eCryptfs. We’ve already seen eCryptfs-based encryption in attached storage devices made by Synology and TerraMaster. Does ASUSTOR have any surprises, or will its implementation of folder-based encryption suffer from the many restrictions and limitations? Let’s find out.
👉 https://blog.elcomsoft.com/2020/03/attached-storage-forensics-security-analysis-of-asustor-nas/
#ASUSTOR #aesencryption #storage #forensics #security #encryptionkey #decryption #eCryptfs
Elcomsoft Phone Breaker 9.61 adds iOS 14 support, fixes iCloud backups
Elcomsoft Phone Breaker 9.61 adds support for cloud backups created with devices running the beta version of iOS 14. In addition, the update fixes access to iCloud backups created in iOS 12 and 13. Updating is strongly recommended for everyone requiring access to iCloud backups.
👉https://www.elcomsoft.com/news/755.html
#ios14 #icloud #iphone #mobilesecurity #dfir #cloudsecurity #dataextraction #forensics
Elcomsoft Phone Breaker 9.61 adds support for cloud backups created with devices running the beta version of iOS 14. In addition, the update fixes access to iCloud backups created in iOS 12 and 13. Updating is strongly recommended for everyone requiring access to iCloud backups.
👉https://www.elcomsoft.com/news/755.html
#ios14 #icloud #iphone #mobilesecurity #dfir #cloudsecurity #dataextraction #forensics
HomePod Forensics I: Pwning the HomePod
In this article, we will discuss how to access the hidden port of the first-generation HomePod and extract its file system image. Note that this process requires disassembly, voids the HomePod warranty, and requires specific tools, including a custom 3D-printable USB adapter, a set of screws, and a breakout cable. Therefore, this method is not recommended for casual users and should only be used by professionals who have a thorough understanding of the process.
🧑💻 https://blog.elcomsoft.com/2023/03/homepod-forensics-i-pwning-the-homepod/
#checkm8 #EIFT #HomePod #IoT #forensics
In this article, we will discuss how to access the hidden port of the first-generation HomePod and extract its file system image. Note that this process requires disassembly, voids the HomePod warranty, and requires specific tools, including a custom 3D-printable USB adapter, a set of screws, and a breakout cable. Therefore, this method is not recommended for casual users and should only be used by professionals who have a thorough understanding of the process.
#checkm8 #EIFT #HomePod #IoT #forensics
Please open Telegram to view this post
VIEW IN TELEGRAM