In an excellent and deep blog analysis, Ian Beer of Google’s Project Zero outlines five separate iOS exploit chains that were found on a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iOS 0-day. (For another watering hole […]
Mobile devices contain or have access to the same information as traditional endpoints. While billions of dollars have been spent protecting and securing traditional endpoints, very little has been invested to protect mobile device endpoints. Attackers work on the same model as any other business: where do they get the […]
These last few days could have CIOs and CISOs very nervous. Two news stories about mobile devices pose real threats for enterprises around the world: From Forbes, “millions of shiny new Android smartphones are being purchased with dangerous malware factory-installed, according to Google’s own security research team.” Also from Forbes, […]
Researcher: Chilik Tamir (@_coreDump) Recently, Zimperium blogged about the new WhatsApp vulnerability disclosed by Facebook on May 13th. This vulnerability was reportedly exploited in the wild, and it was designated as CVE-2019-3568. A previous post by Zimperium gave some preliminary information about the vulnerability, impacted WhatsApp products, an alleged […]
According to The Wall Street Journal’s article Apple Loses Bid to End App Antitrust Case in Supreme Court, “Consumers can sue Apple Inc. for forcing them to buy apps exclusively from the tech giant, the Supreme Court ruled Monday, threatening billions of dollars in revenue that the company is counting […]
We recently blogged about the enterprise requirement for mobile threat defense (MTD) solutions to support various, and often multiple Mobile Device Management (MDM) or Unified Endpoint Management (UEM) solutions (something Zimperium uniquely provides today). As the leader in enterprise mobile security, Zimperium has the most extensive MDM integrations across all […]
Seven thousand events per second. Six hundred million events per day. Two hundred billion (that’s with a “B”) events per year. That is how many events Zimperium processes while providing the world’s best enterprise mobile threat defense (MTD) solution! Not only do we have the best solution, we have the […]
Researchers: Adam Donenfeld (@doadam) Relevant Operating Systems: iOS, tvOS and watchOS CVE: CVE-2018-4109 As a part of zLabs platform research team (and as a researcher in general), I often find myself wandering in IDA, reversing random pieces of code. In this blog post, I’m going to show a […]
Zimperium is announcing the availability of the latest version of zIAP, our industry-leading, machine learning-based mobile security solution developed specifically to embed into existing mobile apps. Organizations who build mobile apps frequently struggle with how to successfully meet the critical need to protect sensitive data, reduce fraud and ensure security […]
Researchers: Adam Donenfeld (@doadam) Relevant Operating Systems: iOS, tvOS and watchOS CVE: CVE-2018-4282 Summary As a part of our ongoing mobile platform research, zLabs recently discovered a read-out-of-bounds vulnerability in the AppleT8015PPM.kext that allows an attacker to read out of its supplied structureInput. The read data is being used […]
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox