WJN Cybersecurity Company

Follow WJN Cybersecurity Company
Share on
Copy link to clipboard

#Infrastructure #ICT #CyberSecurity

WJNLLC


    • Feb 18, 2021 LATEST EPISODE
    • weekly NEW EPISODES
    • 70 EPISODES


    Search for episodes from WJN Cybersecurity Company with a specific topic:

    Latest episodes from WJN Cybersecurity Company

    iOS Recovery Mode Analysis: Reading iOS Version from Locked and Disabled iPhones

    Play Episode Listen Later Feb 18, 2021


    The iPhone recovery mode has limited use for mobile forensics. However, even the limited amount of information available through recovery mode can be essential for an investigation. Recovery access can be also the only available analysis method if the device becomes unusable, is locked or disabled after ten unsuccessful unlocking attempts, or had entered the […]

    Breaking Jetico BestCrypt

    Play Episode Listen Later Feb 3, 2021


    BestCrypt, developed by the Finnish company Jetico, is a cross-platform commercial disk encryption tool. Available for Windows, Linux, macOS and Android platforms, BestCrypt is delivered in two editions, one offering full-disk encryption and the other encrypting virtual disk volumes stored in containers, the latter being supported with our tools. BestCrypt Encryption Algorithms Similar to open-source […]

    Passcode Unlock and Physical Acquisition of iPhone 4, 5 and 5c

    Play Episode Listen Later Feb 2, 2021


    Passcode unlock and true physical acquisition are now available for iPhone 4, 5, and 5c devices – with caveats. Learn about the benefits and limitations of passcode unlocks and true physical imaging of Apple’s legacy devices. Looking for a step by step walkthrough? Check out our imaging guide! Unlocking the iPhone 4, 5 and iPhone […]

    iPhone 4, iPhone 5 and iPhone 5c Physical Acquisition Walkthrough

    Play Episode Listen Later Feb 2, 2021


    True physical acquisition is back – but only for a handful of old devices. We’re adding support for unlocking and forensically sound extraction of some of Apple’s legacy iPhones. For iPhone 4, 5, and 5c devices, we’re adding software-based passcode unlocking and device imaging functionality. Moreover, on some models you won’t even need to break […]

    NAS Forensics: Synology, ASUSTOR, QNAP, TerraMaster and Thecus Encryption Compared

    Play Episode Listen Later Feb 1, 2021


    More than a year ago, we started researching the available encryption options in off the shelf network attached storage devices. We started with Synology devices, followed by Asustor, TerraMaster, Thecus, and finally Qnap. The manufacturers exhibit vastly different approaches to data protection, with different limitations, security implications and vulnerabilities. Today we are publishing the aggregate […]

    End-to-End Encryption in Apple iCloud, Google and Microsoft Accounts

    Play Episode Listen Later Jan 21, 2021


    The proliferation of always connected, increasingly smart devices had led to a dramatic increase in the amount of highly sensitive information stored in manufacturers’ cloud accounts. Apple, Google, and Microsoft are the three major cloud providers who also develop their own hardware and OS ecosystems. In this report, we’ll see how these companies protect their […]

    Secure Instant Messengers

    Play Episode Listen Later Jan 20, 2021


    In today’s world of everyone wanting a slice of one’s personal information, users become more and more concerned about the privacy. The WhatsApp/Facebook integration raised an additional concern, considering that Facebook-owned Messenger requests the largest number of invasive permissions among all commonly used messengers. Data privacy and security concerns are mounting like a snowball. 2020 […]

    DFU Mode Cheat Sheet

    Play Episode Listen Later Jan 14, 2021


    The Device Firmware Upgrade mode, or simply DFU, just got a second breath. The ability to image the file system, decrypt the keychain and even do passcode unlocks on some older iPhone models has been made possible thanks to the checkm8 exploit and the checkra1n jailbreak, both of which require switching the phone into DFU. […]

    Apple, FBI and iPhone Backup Encryption: Everything You Wanted to Know

    Play Episode Listen Later Jan 7, 2021


    Shame on us, we somehow missed the whole issue about Apple dropping plan for encrypting backups after FBI complained, even mentioned in The Cybersecurity Stories We Were Jealous of in 2020 (and many reprints). In the meantime, the article is full of rumors, guesses, and unverified and technically dubious information. “Fake news”, so to say. […]

    Apple Scraps End-to-End Encryption of iCloud Backups

    Play Episode Listen Later Jan 6, 2021


    Reportedly, Apple dropped plan for encrypting backups after FBI complained. Apple’s decision will undoubtedly cause turmoil and will have a number of consequences. In this article, I want to talk about the technical reasons for encrypting or not encrypting cloud backup, and compare Apple’s approach with the data encryption strategies used by Google, who have […]

    Understanding BitLocker TPM Protection

    Play Episode Listen Later Jan 5, 2021


    Investigating a BitLocker-encrypted hard drive can be challenging, especially if the encryption keys are protected by the computer’s hardware protection, the TPM. In this article, we’ll talk about the protection that TPM chips provide to BitLocker volumes, and discuss vulnerabilities found in today’s TPM modules. What is TPM Trusted Platform Module (TPM) is a standard […]

    2020 in Review: What Was New in Desktop and Mobile Forensics

    Play Episode Listen Later Dec 28, 2020


    This year is different from many before. The Corona pandemic, the lack of travel and canceled events had changed the business landscape for many forensic companies. Yet, even this year, we made a number of achievements we’d love to share. iOS Acquisition Our major achievement this year is about the iPhone extraction. For the first […]

    NAS Forensics: QNAP Encryption Analysis

    Play Episode Listen Later Dec 23, 2020


    A year ago, we analyzed the encryption used in Synology NAS devices. We were somewhat disappointed by the company’s choice to rely on a single encryption layer with multiple functional restrictions and security reservations. Today we are publishing the results of our analysis of data encryption used in QNAP devices. Spoiler: it’s very, very different. […]

    iPhone Backups: Top 5 Default Passwords

    Play Episode Listen Later Dec 22, 2020


    The iPhone backup is one of the hottest topics in iOS forensics. iTunes-style backups are the core of logical acquisition used by forensic specialists, containing overwhelming amounts of evidence that is is unrivaled on other platforms. The backups, as simple as they seem, have many “ifs” and “buts”, especially when it comes to password protection. […]

    New Privacy Features: iOS 14.0 through 14.3

    Play Episode Listen Later Dec 18, 2020


    Apple has long provided its users the tools to control how apps and Web sites use their personal data. The release of iOS 14 brought a number of new privacy features, while iOS 14.3 adds an important extra. At the same time, one of the most interesting privacy features is facing tough opposition from a […]

    Breaking Passwords with NVIDIA RTX 3080 and 3090

    Play Episode Listen Later Dec 17, 2020


    Today we have an important date. Advanced Office Password Recovery turned 16. What started as an instant recovery tool for legacy versions of Microsoft Word had now become a GPU-accelerated toolkit for breaking the many Microsoft formats. Today we’re releasing a major update, giving Advanced Office Password Recovery and Distributed Password Recovery tools the ability […]

    Recovering Screen Time Passwords

    Play Episode Listen Later Dec 15, 2020


    The Screen Time password has been long recommended as an extra security layer. By setting a Screen Time password without any additional restrictions, Apple users could easily dodge attempts of changing or removing the screen lock passcode, resetting the iTunes backup password, or removing the activation lock. For a long time, removing the Screen Time […]

    Elcomsoft vs. Hashcat Part 4: Case Studies

    Play Episode Listen Later Dec 9, 2020


    This is the final part of the series of articles comparing Elcomsoft Distributed Password Recovery with Hashcat. We’ve already compared the features, the price and performance of the two tools. In this study, we tried breaking passwords to several common formats, including Word document, an encrypted ZIP archive, and a VeraCrypt container. We summarized our […]

    How to Remove The iPhone Passcode You Cannot Remove

    Play Episode Listen Later Dec 8, 2020


    From time to time, we stumble upon a weird issue that interferes with the ability to install a jailbreak. One of such problems appearing literally out of the blue is the issue of being unable to remove the screen lock password on some iPhone devices. What could be the reason and how to work around […]

    The Evolution of iOS Acquisition: Jailbreaks, Exploits and Extraction Agent

    Play Episode Listen Later Dec 3, 2020


    The past two years have become a turning point in iOS acquisition. The release of a bootrom-based exploit and the corresponding jailbreak made BFU acquisition possible on multiple devices regardless of security patches. Another exploit covers the entire iOS 13 range on all devices regardless of their hardware revision. ElcomSoft developed a jailbreak-free extraction method […]

    iOS Extraction Without a Jailbreak: iOS 9 through iOS 13.7 on All Devices

    Play Episode Listen Later Dec 3, 2020


    After adding jailbreak-free extraction for iOS 13.5.1 through 13.7, we now support every Apple device running any version of iOS from 9.0 through 13.7 with no gaps or exclusions. For the first time, full file system extraction and keychain decryption are possible on all devices running these iOS versions. Full iOS 13 support without a […]

    Elcomsoft vs. Hashcat Part 3: Attacks, Costs, Performance and Extra Features

    Play Episode Listen Later Dec 2, 2020


    Elcomsoft Distributed Password Recovery and Hashcat support a number of different attacks ranging from brute-force all the way to scriptable, dictionary-based attacks. The costs and performance are extremely important factors. We charge several hundred dollars for what, in the end, can be done with a free tool. Which tool has better performance, and are the […]

    Forensically Sound Cold System Analysis

    Play Episode Listen Later Dec 1, 2020


    As opposed to live system analysis, experts performing the cold analysis are not dealing with authenticated user sessions. Instead, cold analysis can be viewed as an intermediary measure with live system analysis on the one end and the examination of a forensic disk image on another. Why and when would you use cold system analysis, […]

    The ABC’s of Password Cracking: The True Meaning of Speed

    Play Episode Listen Later Nov 30, 2020


    When adding a new encryption format or comparing the performance of different password recovery tools, we routinely quote the recovery speed expressed in the number of passwords per second. But what is the true meaning of password recovery speeds? Do the speeds depend solely, or at all, on the encryption algorithm? What’s “military grade” encryption, […]

    Elcomsoft System Recovery: a Swiss Army Knife of Desktop Forensics

    Play Episode Listen Later Nov 26, 2020


    Accessing a locked system is always a challenge. Encrypted disks and encrypted virtual machines, encrypted files and passwords are just a few things to mention. In this article we are proposing a straightforward workflow for investigating computers in the field. Note: you may be able to perform live system analysis if the computer being investigated […]

    Elcomsoft vs. Hashcat Part 2: Workflow, Distributed and Cloud Attacks

    Play Episode Listen Later Nov 25, 2020


    The user interface is a major advantage of Elcomsoft tools. Setting up attacks in Elcomsoft Distributed Password Recovery is simpler and more straightforward compared to the command-line tool. In this article, we’ll talk about the general workflow, the use and configuration of distributed and cloud attacks in both products. We received lots of feedback after […]

    Elcomsoft vs. Hashcat: Addressing Feedback

    Play Episode Listen Later Nov 25, 2020


    After publishing the first article in the series, we received numerous comments challenging our claims. We carefully reviewed every comment, reread and reevaluated our original article.  Elcomsoft vs. Hashcat Rev.1.1 is here. The unsupported algorithms In our original article, we made the following claim: “While both Hashcat and Elcomsoft Distributed Password Recovery advertise hundreds of […]

    Extracting Evidence from iPhone Devices: Do I (Still) Need a Jailbreak?

    Play Episode Listen Later Nov 23, 2020


    If you are familiar with iOS acquisition methods, you know that the best results can be obtained with a full file system acquisition. However, extracting the file system may require jailbreaking, which may be risky and not always permitted. Are there any reasons to use jailbreaks for extracting evidence from Apple devices? In the time […]

    Mobile Forensics – Advanced Investigative Strategies

    Play Episode Listen Later Nov 16, 2020


    Four years ago, we published our first book: Mobile Forensics – Advanced Investigative Strategies. We are really proud of this achievement. Do you want to know the story behind it and what’s changed since then in mobile and cloud forensics? Here are some insides (but please do not tell anyone!) If you read “Novel Notes” […]

    Apple Watch Forensics Reloaded

    Play Episode Listen Later Nov 13, 2020


    Is it possible to extract any data from an Apple Watch? It’s relatively easy if you have access to the iPhone the device is paired to, or if you have a backup of that iPhone. But what if the watch is all you have? If there is no paired iPhone, no backup and no iCloud […]

    iOS 14.2, iOS 12.4.9, the Updated checkra1n 0.12 Jailbreak and File System Extraction

    Play Episode Listen Later Nov 11, 2020


    It’s been a week since Apple has released iOS 14.2 as well as iOS 12.4.9 for older devices. Just a few days later, the developers updated the checkra1n jailbreak with support for new devices and iOS versions. What does that mean for iOS forensics? Let’s have a look; we have done some testing, and our […]

    Protecting iMessage Communications

    Play Episode Listen Later Nov 4, 2020


    How secure are your chats in your favorite instant messenger? Can someone intercept and read your secret conversations, and can you do something about it? Apple users have access to the highly popular instant messaging system, the iMessage. But how secure it really is? Let’s find out. When it comes to instant messaging, there are […]

    Breaking Intuit Quicken and QuickBooks Passwords in 2021

    Play Episode Listen Later Nov 2, 2020


    Intuit Quicken is one of the oldest tools of its kind. Over the years, Quicken had become the de facto standard for accounting, tax reporting and personal finance management in North America. Finances is an extremely sensitive area that demands adequate protection of the user data. However, prior to 2003, Quicken employed a weak protection […]

    Five Hundred Posts

    Play Episode Listen Later Oct 30, 2020


    Believe me or not, but this is exactly the 500th post in our blog! The first one was posted in March 2009 and was about Distributed Password Recovery and GPU acceleration. At that time, we even did not do mobile or cloud forensics. Today it’s not about our achievements. I want to thank you for […]

    The Forensic View of iMessage Security

    Play Episode Listen Later Oct 29, 2020


    Apple iMessage is an important communication channel and an essential part of forensic acquisition efforts. iMessage chats are reasonably secure. Your ability to extract iMessages as well as the available sources of extraction will depend on several factors. Let’s discuss the factors that may affect your ability to extract, and what you can do to […]

    May the [Brute] Force Be with You!

    Play Episode Listen Later Oct 28, 2020


    Remember the good old times when there was a lot of applications with “snake oil” encryption? You know, the kind of “peace of mind” protection that allowed recovering or removing the original plaintext password instantly? It is still the case for a few “we-don’t-care” apps such as QuickBooks 2021, but all of the better tools […]

    Extracting the iPhone: (No) Tools Required?

    Play Episode Listen Later Oct 27, 2020


    If the iPhone is locked with a passcode, it is considered reasonably secure. The exception are some older devices, which are relatively vulnerable. But what if the passcode is known or is not set? Will it be easy to gain access to all of the data stored in the device? And why do we have […]

    13 Years of GPU Acceleration

    Play Episode Listen Later Oct 22, 2020


    Today, we have an important date. It’s been 13 years since we invented a technique that reshaped the landscape of modern password recovery. 13 years ago, we introduced GPU acceleration in our then-current password recovery tool, enabling the use of consumer-grade gaming video cards for breaking passwords orders of magnitude faster. With today’s proliferation of […]

    iOS Extraction Without a Jailbreak: Finally, Zero-Gap Coverage for iOS 9 through iOS 13.5 on All Devices

    Play Episode Listen Later Oct 21, 2020


    We have plugged the last gap in the range of iOS builds supported on the iPhone 5s and 6. The full file system extraction and keychain decryption is now possible on these devices regardless of the version of iOS they are running – at least if that’s iOS 9 or newer. For all other iOS […]

    The Rise of the Virtual Machines

    Play Episode Listen Later Oct 20, 2020


    Criminals are among the most advanced users of modern technology. They learned how to hide information in their smartphones and how to encrypt their laptops. They communicate via secure channels. Their passwords never leak, and they do their best to leave no traces. Forensic investigators encounter new challenges every other day. In this article, we […]

    Ruling Out the Encryption

    Play Episode Listen Later Oct 20, 2020


    We all have habits. Morning coffee (no sugar, just some milk), two eggs (sunny side up), reading mail wile you are not completely awaken, and a lot more. We all follow some kind of rules we have set for ourselves. We all have some favorites: names, cities and even numbers; maybe an important date or […]

    Breaking Encrypted Virtual Machines: Recovering VMWare, Parallels, and VirtualBox Passwords

    Play Episode Listen Later Oct 20, 2020


    Virtual machines use a portable, hardware-independent environment to perform essentially the same role as an actual computer. Activities performed under the virtual umbrella leave trails mostly in the VM image files and not on the host computer. The ability to analyze virtual machines becomes essential when performing digital investigations. Many types of virtual machines used […]

    Everything You Wanted to Ask About Cracking Passwords

    Play Episode Listen Later Oct 15, 2020


    Making tools for breaking passwords, I am frequently asked whether it’s legal, or how it works, or what one can do to protect their password from being cracked. There are people who have “nothing to hide”. There are those wearing tin foil hats, but there are a lot more people who can make a reasonable […]

    Stick It To The Man

    Play Episode Listen Later Oct 9, 2020


    The year was 2008, and I had been staying at a hotel in Bogota. This trip was just one of many to Columbia that year. Before my trip, I’d had my former girlfriend, Darci, stop by and help me swap out the hard drive in my MacBook Pro laptop. Remember, this is 2008, and at […]

    Apple Mobile Devices Cheat Sheet

    Play Episode Listen Later Oct 6, 2020


    When investigating iOS devices, you may have seen references to the SoC generation. Security researchers and developers of various iOS jailbreaks and exploits often list a few iPhone models followed by a note that mentions “compatible iPad models”. This is especially common when discussing iOS forensics, particularly referring to the chyeckra1n jailbreak. What do those […]

    Mobile Forensics: Are You Ready for iOS 14?

    Play Episode Listen Later Oct 5, 2020


    The number of iOS 14 users is on the raise, and we will see it running on most Apple devices pretty soon. Apple had already stopped signing the last version of iOS 13 on all but legacy hardware. Soon, we will only see it running on the iPhone 5s and iPhone 6 which didn’t get […]

    Playing devil’s advocate: iPhone anti-forensics

    Play Episode Listen Later Sep 30, 2020


    Everyone’s iPhones contain overwhelming amounts of highly sensitive personal information. Even if some of that data is not stored on the device, the iPhone itself or the data inside can work as a key to other many things from bank accounts to private family life. While there are many possible vectors of attack, the attacker […]

    The Issue of Trust: Untrusting Connected Devices from Your iPhone

    Play Episode Listen Later Sep 29, 2020


    When connecting an iPhone to a computer for the first time, you’ll see the prompt asking you whether to trust the computer. Trusting a computer enables your phone and computer to exchange information. However, should the trusted computer fall into the wrong hands, the pairing record from that computer could be used to pull information […]

    Using Screen Time Password to Protect iPhone Local Backups

    Play Episode Listen Later Sep 28, 2020


    The iOS backup system is truly unrivalled. The highly comprehensive, versatile and secure backups can be created with Apple iTunes. For the user, local backups are a convenient and easy way to transfer data to a new device or restore an existing one after a factory reset. For forensic experts, iOS backups are an equally […]

    iOS 14 Forensics: What Has Changed Since iOS 13.7?

    Play Episode Listen Later Sep 24, 2020


    iOS 14 is officially out. It’s a big release from the privacy protection standpoint, but little had changed for the forensic expert. In this article, we’ll review what has changed in iOS 14 in the ways relevant for the forensic crowd. iOS 14: supported devices iOS and iPadOS 14 are updated for the same devices […]

    It’s Hashed, Not Encrypted

    Play Episode Listen Later Sep 9, 2020


    How many times have you seen the phrase: “Your password is securely encrypted”? More often than not, taking it at face value has little sense. Encryption means the data (such as the password) can be decrypted if you have the right key. Most passwords, however, cannot be decrypted since they weren’t encrypted in the first […]

    Claim WJN Cybersecurity Company

    In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

    Claim Cancel