Posts in "Threat Research"

Machine Learning vs Signatures, Round N: Once Again, Zimperium Detects Malware No One Else Does

Analysis & Post By: Alex Calleja (@alximw) Matteo Favaro (@fvrmatteo)     Advertising and click fraud campaigns are one of the most common mobile malware-based monetization techniques. Although they are considered a lawful income source in most app markets, they can put the user’s privacy at risk and even cause economic damage. Once again, Zimperium’s machine-learning based solution, … Read More

The Other MWC, Revisited

Nicolás Chiaraviglio (@chiconara) (This post is a follow up of an earlier blog post) Last week, we released a blog warning about how hackers leverage massive events like the Mobile World Congress (MWC) to attack high profile corporates to steal company data. We showed the network attacks we detected last year in Barcelona, which we used to create … Read More

Malicious WiFi Connections: The Other MWC

Nicolás Chiaraviglio (@chiconara) The GSMA Mobile World Congress, taking place every year in Barcelona, is undoubtedly the most important event for the mobile industry – with an average attendance of more than 100k people each year. Every important company is represented, with salespeople and high ranking executives taking the chance to eat local food, visit the … Read More

Don’t Give Me a Brake – Xiaomi Scooter Hack Enables Dangerous Accelerations and Stops for Unsuspecting Riders

This proof-of-concept (PoC) is released for educational purposes and evaluation by researchers, and should not be used in any unintended way. Furthermore, this PoC and any other related material has been published only after disclosing it to Xiaomi Researcher: Rani Idan (@RaniXCH)   **UPDATE: Subsequent to the initial disclosure/posting, zLabs discovered a temporary mitigation solution. … Read More