Abstract When approaching the development of a mobile application, one of the key design decisions revolves around the server side aspect of the application. Specifically, storage of information relevant to the app’s usage, as well as the backend API’s allowing the app to query the server for information in real […]
Affected Component: all iOS versions < 14.0 LSDIconCache Latest Vulnerable Version: iOS 13.7 Vendor: Apple, Inc. CVE: CVE-2020-9773 Disclosure Timeline Bug discovered: December 1st, 2019 Vendor notified: December 17th, 2019 First patch attempt: March 24th, 2020 Final patch released: September 15th, 2020 Summary A sandboxed application can circumvent updated iOS […]
Today, enterprises feature a mixture of corporate and employee-owned mobile devices with the average individual downloading anywhere from 60 to 90 apps onto his/her mobile device. A fact keeping many CISOs up at night because while most apps are safe, even one malicious app – inadvertently downloaded – can compromise […]
Researcher: Chilik Tamir (@_coreDump) Recently, Zimperium blogged about the new WhatsApp vulnerability disclosed by Facebook on May 13th. This vulnerability was reportedly exploited in the wild, and it was designated as CVE-2019-3568. A previous post by Zimperium gave some preliminary information about the vulnerability, impacted WhatsApp products, an alleged […]
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox
Qualified organizations will try zIPS, Zimperium's mobile threat defense solution, for free and receive recommendations on how to immediately remediate issues and alleviate risks. This includes 3 steps: