Analysing Apple Pay Transactions
https://blog.elcomsoft.com/2018/08/analysing-apple-pay-transactions/ [blog.elcomsoft.com]
2018-08-31 23:45
tags:
business
finance
investigation
iphone
opsec
security
Apple Pay serves as a digital wallet, digitizing user’s payment cards and completely replacing traditional swipe-and-sign and chip-and-PIN transactions at compatible terminals. However, unlike traditional wallets, Apple Pay also keeps detailed information about the user’s point of sale transactions. Due to the sheer amount of highly sensitive information processed by the system, Apple Pay is among the most securely protected vaults in compatible devices. In this article we’ll show you where and how this information is stored in the file system, how to extract it from the iPhone and how to analyse the data.
source: green
Forensic Implications of Software Updates: iOS, Android, Windows 10 Mobile
https://blog.elcomsoft.com/2018/01/forensic-implications-of-software-updates-ios-android-windows-10-mobile/ [blog.elcomsoft.com]
2018-01-18 17:45
tags:
android
development
iphone
security
windows
How, who, and when mobile updates are delivered.
source: grugq
New Security Measures in iOS 11 and Their Forensic Implications
https://blog.elcomsoft.com/2017/09/new-security-measures-in-ios-11-and-their-forensic-implications/ [blog.elcomsoft.com]
2017-09-11 01:00
tags:
iphone
opsec
security
The purpose of these measures is better protecting the privacy of Apple customers and once again increasing security of device data. While some measures (such as the new S.O.S. sequence) are widely advertised, some other security improvements went unnoticed by the public. Let us have a look at the changes and any forensic implications they have.
source: grugq
Bypassing Apple’s Two-Factor Authentication
https://blog.elcomsoft.com/2016/12/bypassing-apples-two-factor-authentication/ [blog.elcomsoft.com]
2016-12-16 16:40
tags:
auth
iphone
mac
security
swtools
Kind of a commercial for Elcom’s tools, but a reminder that leaving auth tokens scattered about (perhaps unknowingly) can be bad for security.