On June 28th, a group of eight academics across three different universities released a research paper outlining a new Android vulnerability called “RAMpage”. It’s a variation of previous attacks that use the Rowhammer hardware vulnerability to run malicious code by changing what’s stored in a device’s memory (RAM) and has the potential of data loss … Read More
Posts in "Threat Research"
Last Monday, security researchers from iOS jailbreak firm, Pangu Lab, announced a vulnerability that they believe affects around 10% of all iOS apps. In a blog on its newly created information site, https://zipperdown.org/ , Pangu stated that its researchers noticed “a common programming error, which leads to severe consequences such as data overwritten and even … Read More
zANTI is an easy to use penetration testing and a security analysis toolkit. With zANTI you can simulate real-world, commonly-used malicious cyberattack techniques. Using zANTI, you will quickly discover unsafe elements in your networks, and in your devices that are connected to those networks. Using zANTI, you will understand unsafe conditions on your devices in three layers: OS, applications and actual … Read More
Follow @tamir_zb As part of our platform research in Zimperium zLabs, we recently disclosed a buffer overflow vulnerability affecting multiple Android DRM services to Google. Google classified it as high-severity, designated it as CVE-2017-13253 and have patched it in the March security update. In this blog post, we’ll cover the details of the vulnerability. First, … Read More
RedDrop is another in the long line of Android spyware apps. The malware has captured attention because of its ability to turn on microphones and exfiltrate sensitive data, but unfortunately that doesn’t make it unique. While there appears to be an elaborate network behind it, RedDrop is simply another Android spyware variant that utilizes well-known … Read More