Posts in "Threat Research"

Detecting Unknown Threats Time After Time

Zuk Avraham, Founder Follow Zuk Avraham (@ihackbanme) Last week, Ian Beer, from the Google Project Zero research team, released his local elevation of privileges exploit targeting iOS 10.1.1 [1]. We immediately understood that we had another opportunity to assess a new zero day exploit against our Machine-Learning attack and exploit detection engine – z9 z9 … Read More

Analysis of multiple vulnerabilities in AirDroid

  Reported by: Simone Margaritelli Security Researcher at Zimperium zLabs Edit: 11:02AM PDT: added exploit POC code below the disclosure timeline. Edit2: 06:01PM PDT: edited timeline to reflect 4.0.0 and 4.0.1 release dates and confirming that both versions are still vulnerable. Edit3: Dec 12th, 2016, 10:41AM PDT: edited timeline to reflect security testing on 4.0.2 … Read More

Zimperium users are safe from Gooligan

Zimperium users are safe from Gooligan. A new threat, called Gooligan, which is a family of Android-based malware, has compromised more than 1M Google accounts — and many of those are enterprise users. “Not surprisingly, a malware, spread in unofficial markets, can create real damage,” said Zimperium founder and CTO, Zuk Avraham. Gooligan fully compromised the … Read More

CVE-2015-3864 Metasploit module now available for testing

By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck) Last year, we disclosed a series of critical vulnerabilities within Android’s multimedia processing code — libstagefright. We promised to release the exploit for testing purposes and quickly published our exploit for CVE-2015-1538 targeting the Galaxy Nexus running Android 4.0.4. We delivered this exploit via … Read More