Posts in "Mobile security"

Detecting Unknown Threats Time After Time

Zuk Avraham, Founder Follow Zuk Avraham (@ihackbanme) Last week, Ian Beer, from the Google Project Zero research team, released his local elevation of privileges exploit targeting iOS 10.1.1 [1]. We immediately understood that we had another opportunity to assess a new zero day exploit against our Machine-Learning attack and exploit detection engine – z9 z9 … Read More

Analysis of multiple vulnerabilities in AirDroid

  Reported by: Simone Margaritelli Security Researcher at Zimperium zLabs Edit: 11:02AM PDT: added exploit POC code below the disclosure timeline. Edit2: 06:01PM PDT: edited timeline to reflect 4.0.0 and 4.0.1 release dates and confirming that both versions are still vulnerable. Edit3: Dec 12th, 2016, 10:41AM PDT: edited timeline to reflect security testing on 4.0.2 … Read More

SoftBank goes live with Security Checker, Powered by ZIMPERIUM™

Mobile devices are critical in today’s connected business world. Yet, very few companies have visibility into mobile platforms to identify cyberattacks, vulnerabilities and unknown threats targeting their customers’ personal data and confidential business information. Softbank gets it. As the third largest public company in Japan, SoftBank is a Japanese multinational telecommunications and Internet corporation that … Read More

Mobile Security Is National Security

Whether deployed to steal ammo for political scandals or classified documents for military sabotage, a cyberattack on a mobile device with access to sensitive information is a matter of national security. And yet, mobile devices are often left out of the national security conversation. Obama’s recently implemented Cybersecurity National Action Plan makes no mention of … Read More

Browser-based CVE-2015-3864 Metasploit Module Now Available for Testing

By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck) Last year, we disclosed a series of critical vulnerabilities within Android’s multimedia processing code — libstagefright. We promised to release the exploit for testing purposes and quickly published our exploit for CVE-2015-1538 targeting the Galaxy Nexus running Android 4.0.4. We delivered this exploit via … Read More