Reported by: Simone Margaritelli Security Researcher at Zimperium zLabs Edit: 11:02AM PDT: added exploit POC code below the disclosure timeline. Edit2: 06:01PM PDT: edited timeline to reflect 4.0.0 and 4.0.1 release dates and confirming that both versions are still vulnerable. Edit3: Dec 12th, 2016, 10:41AM PDT: edited timeline to reflect security testing on 4.0.2 … Read More
Zimperium users are safe from Gooligan. A new threat, called Gooligan, which is a family of Android-based malware, has compromised more than 1M Google accounts — and many of those are enterprise users. “Not surprisingly, a malware, spread in unofficial markets, can create real damage,” said Zimperium founder and CTO, Zuk Avraham. Gooligan fully compromised the … Read More
Mobile devices are critical in today’s connected business world. Yet, very few companies have visibility into mobile platforms to identify cyberattacks, vulnerabilities and unknown threats targeting their customers’ personal data and confidential business information. Softbank gets it. As the third largest public company in Japan, SoftBank is a Japanese multinational telecommunications and Internet corporation that … Read More
Whether deployed to steal ammo for political scandals or classified documents for military sabotage, a cyberattack on a mobile device with access to sensitive information is a matter of national security. And yet, mobile devices are often left out of the national security conversation. Obama’s recently implemented Cybersecurity National Action Plan makes no mention of … Read More
By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck) Last year, we disclosed a series of critical vulnerabilities within Android’s multimedia processing code — libstagefright. We promised to release the exploit for testing purposes and quickly published our exploit for CVE-2015-1538 targeting the Galaxy Nexus running Android 4.0.4. We delivered this exploit via … Read More
