Posts in "Threat Research"

NDAY-2017-0101: iCloud Information Leak

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0101 CVE: Unknown Type: Information Disclosure Platform: iOS < 10.3 Device type: iPhone, iPod iOS bulletin: Public release date: 25th of May, 2017 Credit: Anonymous Download Exploit (password zimperium_ndays) Vulnerability Details An XPC service can be accessed by any application on iOS … Read More

N-Days Exploits: NDAY-2017-0103 Arbitrary kernel write in sys_oabi_epoll_wait

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0103 CVE: CVE-2016-3857 Type: Elevation of Privileges Platform: Android < 6.0 Device type: Huawei MT7-UL00, Nexus 7 Zimperium protection: Detected the exploit without an update. Zimperium partners and customers do not need to take any action to detect this exploit on all affected … Read More

Mobile Device Threat Data – Q1 2017

14% of Devices Contain Malware 4% detected a Man-in-the-Middle Attack 1 of 3 Devices Not Running Latest Version Mobile devices are now standard computing platforms in businesses of all sizes. U.S. consumers now spend over 5 hours per day on mobile devices [1]. The average time spent per day on mobile devices has increased every … Read More

Mobile Security Perceptions vs. Reality

47% of cybersecurity professionals saw a year over year increase in mobile device threats We’ve teamed up with LinkedIn’s 350,000+ Information Security Community to bring you real answers on mobile security. Late last year, the Information Security Community launched its 2nd annual mobile security survey to find out what the community had to say about … Read More

Threat Research: FalseGuide

This Threat Research is about the recently (re)discovered “FalseGuide” threat found in Google Play. FalseGuide is a form of malware that has been hidden in more than 40 game guide apps in Google Play since February 2017. According to reports, approximately 600,000 devices may have been infected before the known versions of the malware were … Read More