Zimperium Recognized in 2018 Cybersecurity Excellence Awards

The 2018 Cybersecurity Excellence Awards recently recognized Zimperium Mobile Threat Defense as the silver winner in the “Best Mobile Security Product” category. The 2018 Cybersecurity Excellence Awards are highly competitive. There were 400 entries in more than 70 categories. All of the winners and finalists reflect the very best in today’s cybersecurity industry and we are … Read More

Dissecting mobile native code packers. A case study.

As mobile malware advances to the levels of desktop malware, it’s not uncommon to stumble upon protected APKs while analysing malware. Most of the times, the sample is simply obfuscated via classes/variables name stripping from the DEX file and/or strings obfuscation; but other times several layers divide the researcher from the original code, including: anti-debug: … Read More

New Crucial Vulnerabilities in Apple’s bluetoothd daemon

By: Rani Idan Follow Rani Idan (@raniXCH) As part of our platform research team in Zimperium zLabs, we investigated iOS mach message IPC, focusing on available services accessible from within the iOS sandbox. The goal of this effort was to assess potential opportunities to gain privilege escalation and escape the sandbox, which is a core part … Read More

Threat Advisory: Skygofree

Skygofree, another in the long line of Android based spyware, is being touted as one of the most advanced targeted surveillance tools ever seen on mobile devices. Skygofree is designed to enable surveillance and full device control by remote attackers. On unprotected mobile devices, Skygofree allows attackers to perform advanced attacks including location-based sound recording, … Read More

Threat Advisory: Meltdown & Spectre

According to the team at Graz University of Technology that responsibly disclosed the new bugs, Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can … Read More