Posts in "Threat Research"

N-Days Exploits: NDAY-2017-0103 Arbitrary kernel write in sys_oabi_epoll_wait

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0103 CVE: CVE-2016-3857 Type: Elevation of Privileges Platform: Android < 6.0 Device type: Huawei MT7-UL00, Nexus 7 Zimperium protection: Detected the exploit without an update. Zimperium partners and customers do not need to take any action to detect this exploit on all affected … Read More

Mobile Device Threat Data – Q1 2017

14% of Devices Contain Malware 4% detected a Man-in-the-Middle Attack 1 of 3 Devices Not Running Latest Version Mobile devices are now standard computing platforms in businesses of all sizes. U.S. consumers now spend over 5 hours per day on mobile devices [1]. The average time spent per day on mobile devices has increased every … Read More

Mobile Security Perceptions vs. Reality

47% of cybersecurity professionals saw a year over year increase in mobile device threats We’ve teamed up with LinkedIn’s 350,000+ Information Security Community to bring you real answers on mobile security. Late last year, the Information Security Community launched its 2nd annual mobile security survey to find out what the community had to say about … Read More

Threat Research: FalseGuide

This Threat Research is about the recently (re)discovered “FalseGuide” threat found in Google Play. FalseGuide is a form of malware that has been hidden in more than 40 game guide apps in Google Play since February 2017. According to reports, approximately 600,000 devices may have been infected before the known versions of the malware were … Read More

NDAY-2017-0102: Elevation of Privilege Vulnerability in NVIDIA Video Driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) Following our announcement on the N-Days Exploit Acquisition Program for smartphones, we are delighted to share the first couple of submissions. We received many submissions and we’re in the process of sharing them with ZHA followed by a public disclosure. We plan to release additional … Read More