Posts in "Mobile security"

Zero Packet Inspection

Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in the machine learning community. I’ll then describe how we apply it to detect networks attacks without any type of packet inspection. Eventually, we encourage you to participate by helping us gather and validate performance data from … Read More

zIPS and “Android for Work”

zIPS, the leading mobile threat defense solution, now provides tailored protection for Android for Work use cases. Enterprise IT and security professionals have been working with corporate end-users for decades to keep their desktops, laptops and servers secure. So you might think that those professionals would have a lock on what users will tolerate when … Read More

NDAY-2017-0101: iCloud Information Leak

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0101 CVE: Unknown Type: Information Disclosure Platform: iOS < 10.3 Device type: iPhone, iPod iOS bulletin: https://support.apple.com/en-us/HT207617 Public release date: 25th of May, 2017 Credit: Anonymous Download Exploit (password zimperium_ndays) Vulnerability Details An XPC service com.apple.coreservices.appleid.authentication can be accessed by any application on iOS … Read More

NDAY-2017-0103: Arbitrary kernel write in sys_oabi_epoll_wait

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0103 CVE: CVE-2016-3857 Type: Elevation of Privileges Platform: Android < 6.0 Device type: Huawei MT7-UL00, Nexus 7 Zimperium protection: Detected the exploit without an update. Zimperium partners and customers do not need to take any action to detect this exploit on all affected … Read More