As the worldwide leader in mobile threat defense (MTD), no company protects more enterprise mobile devices than Zimperium. As a result, we have incredibly rich and unmatched forensic data about mobile device, network, phishing and app risks and attacks from all around the world. Based on popular demand, Zimperium held a free webinar on July … Read More
Posts in "Threat Research"
“Watering Hole” is a cyber attack strategy in which the victim is a particular group (organization, industry, or region). In this attack, the attacker typically observes which websites or applications the group often uses and infects one or more of them with malware. Eventually, some members of the targeted group become infected. The method … Read More
Researcher: Chilik Tamir (@_coreDump) Recently, Zimperium blogged about the new WhatsApp vulnerability disclosed by Facebook on May 13th. This vulnerability was reportedly exploited in the wild, and it was designated as CVE-2019-3568. A previous post by Zimperium gave some preliminary information about the vulnerability, impacted WhatsApp products, an alleged exploit and how Zimperium could … Read More
Summary A local user may be able to cause unexpected system termination or read kernel memory. Details In the function IOHIDEventServiceFastPathUserClient::getSharedMemorySize, the ClientObject (Offset 0xE0 of the user client) is given to a function which assumes it is initialised (It should be initialised via external method 0 — IOHIDEventServiceFastPathUserClient::_open). Calling IOConnectMapMemory64 without calling _open (or … Read More
A new WhatsApp vulnerability has attracted the attention of the press and security professionals around the world. Zimperium zLabs will be creating a detailed blog soon, but we wanted to provide our readers with preliminary information now. What follows is a quick summary of the vulnerability. It has been rumored that the vulnerability was exploited … Read More