Posts in "Threat Research"

What Verizon Missed in the Latest Threat Report

By: Zuk Avraham, Joshua Drake, Yaniv Karta, Jimmy Shah (To download the detailed report, click here) Recently, Verizon published a report that says that malware on mobile is not an issue. We strongly suggest Verizon and other enterprises not underestimate the scale of one percent. The sheer number of mobile devices deployed mean that one … Read More

DoubleDirect – Zimperium Discovers Full-Duplex ICMP Redirect Attacks in the Wild

By: Esteban Pellegrino, Zuk Avraham, Patrick Murray and Rachel Ackerly. Zimperium Mobile Security Labs have investigated during the last year a dangerous type of attack technique in the wild being exploited by attackers. Aptly named “DoubleDirect,” this attack is a type of “Man-in-the-Middle” attack (MITM) enabling an attacker to redirect a victim’s traffic to the … Read More

Detection of TowelRoot & Exploits of CVE-2014-3153

Today we had the opportunity to see the engine of zIPS our Mobile IPS in action on a newly published vulnerability. As a reminder, we prefer complex problems, hence security on mobile devices is where we can think of out of the box ideas to solve security problems while still complying with smartphone rules and … Read More