Posts in "Threat Research"

NDAY-2017-0106: Elevation of Privilege in NVIDIA nvhost-vic driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0106 CVE: CVE-2016-2434 Type: Elevation of Privileges Platform: Android 6.0.1 Device type: Nexus 9 Zimperium protection: Detected the exploit without an update. Zimperium partners and customers do not need to take any action to detect this exploit on all affected devices. Android bulletin: … Read More

Read More

NDAY-2017-0101: iCloud Information Leak

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0101 CVE: Unknown Type: Information Disclosure Platform: iOS < 10.3 Device type: iPhone, iPod iOS bulletin: https://support.apple.com/en-us/HT207617 Public release date: 25th of May, 2017 Credit: Anonymous Download Exploit (password zimperium_ndays) Vulnerability Details An XPC service com.apple.coreservices.appleid.authentication can be accessed by any application on iOS … Read More

Read More

NDAY-2017-0103: Arbitrary kernel write in sys_oabi_epoll_wait

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0103 CVE: CVE-2016-3857 Type: Elevation of Privileges Platform: Android < 6.0 Device type: Huawei MT7-UL00, Nexus 7 Zimperium protection: Detected the exploit without an update. Zimperium partners and customers do not need to take any action to detect this exploit on all affected … Read More

Read More

Mobile Device Threat Data – Q1 2017

14% of Devices Contain Malware 4% detected a Man-in-the-Middle Attack 1 of 3 Devices Not Running Latest Version Mobile devices are now standard computing platforms in businesses of all sizes. U.S. consumers now spend over 5 hours per day on mobile devices [1]. The average time spent per day on mobile devices has increased every … Read More

Read More

Mobile Security Perceptions vs. Reality

47% of cybersecurity professionals saw a year over year increase in mobile device threats We’ve teamed up with LinkedIn’s 350,000+ Information Security Community to bring you real answers on mobile security. Late last year, the Information Security Community launched its 2nd annual mobile security survey to find out what the community had to say about … Read More

Read More