Posts in "iOS"

Zero Packet Inspection

Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in the machine learning community. I’ll then describe how we apply it to detect networks attacks without any type of packet inspection. Eventually, we encourage you to participate by helping us gather and validate performance data from … Read More

NDAY-2017-0101: iCloud Information Leak

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0101 CVE: Unknown Type: Information Disclosure Platform: iOS < 10.3 Device type: iPhone, iPod iOS bulletin: https://support.apple.com/en-us/HT207617 Public release date: 25th of May, 2017 Credit: Anonymous Download Exploit (password zimperium_ndays) Vulnerability Details An XPC service com.apple.coreservices.appleid.authentication can be accessed by any application on iOS … Read More

Reflecting on Recent iOS and Android Security Updates

By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck)Nikias Bassen Follow Nikias Bassen (@pimskeks) The last thirty days proven to be yet another exciting time for the mobile security ecosystem. Apple and Google released updates for their respective mobile operating systems that fix several critical issues — including some in the kernel that … Read More

Analysis of iOS & OS X Vulnerability: CVE-2016-1722

By:Joshua Drake Follow Joshua Drake (@jduck)Nikias Bassen Follow Nikias Bassen (@pimskeks) Apple released iOS 9.2.1 update, the first iOS security update in 2016. As part of this update, Apple fixed code execution vulnerability in syslogd that was reported by Zimperium zLabs researchers Nikias Bassen and Joshua J. Drake. In this blog we’ll share how we … Read More