Posts in "Mobile Security"

CVE-2019-8545 : Vulnerability in IOHIDFamily.kext

Summary A local user may be able to cause unexpected system termination or read kernel memory. Details In the function IOHIDEventServiceFastPathUserClient::getSharedMemorySize, the ClientObject (Offset 0xE0 of the user client) is given to a function which assumes it is initialised (It should be initialised via external method 0 — IOHIDEventServiceFastPathUserClient::_open). Calling IOConnectMapMemory64 without calling _open (or … Read More

Zimperium’s zIAP Wins 2019 Fortress Cyber Security Mobile Application Security Award

The Business Intelligence Group today announced Zimperium’s zIAP as the winner of the 2019 Fortress Cyber Security Mobile Application Security Award. This is zIAP’s second consecutive win. The business award program identifies and rewards the world’s leading companies and products working to keep data and electronic assets safe among a growing threat from hackers. zIAP … Read More

Zimperium’s Compliance Webinar Series: CCPA Compliance for Mobile Devices – The 60% of Endpoints Often Unprotected

The California Consumer Privacy Act (CCPA) has been characterized as “the beginning of America’s General Data Protection Regulation (GDPR),” and its aim is to enhance privacy rights and consumer protection for residents of California. Businesses subject to CCPA must meet strict requirements relating to their use of personally identifiable consumer data.  Mobile devices and applications … Read More

Another Day, Another App Breach

  They say it happens in threes. This time, the three are: Flipboard, the social sharing site and news aggregator, reset millions of user passwords after hackers gained access to its systems several times over a nine-month period; Developer platform Stack Overflow earlier this month confirmed a breach involving “a very small number” of user … Read More