In an excellent and deep blog analysis, Ian Beer of Google’s Project Zero outlines five separate iOS exploit chains that were found on a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iOS 0-day. (For another watering hole […]
Liberation. It’s a powerful word. It’s about freedom from limits on thought or behavior. The reason why I bring this up is because I recently heard from a prospect of mine, here in London, who mentioned he was liberating his employees by giving them the ability to work away from […]
According to iDownloadBlog.com (iDB), “in an unforeseen turn of events, hacker Pwn20wnd released v3.5.0 of the unc0ver jailbreak tool to the general public Sunday morning with official support for iOS 12.4, the latest available firmware release from Apple with support for Apple Card.” While users wanting to bypass existing Apple […]
“The good, the bad and the ugly” is a well-known expression, but when it comes to mobile phishing, I suggest shifting the order. Let’s talk about the bad, the ugly and the good. The Bad: Mobile Takes Phishing from Bad to Worse Phishing is one of the most dominant attack […]
Mobile devices contain or have access to the same information as traditional endpoints. While billions of dollars have been spent protecting and securing traditional endpoints, very little has been invested to protect mobile device endpoints. Attackers work on the same model as any other business: where do they get the […]
These last few days could have CIOs and CISOs very nervous. Two news stories about mobile devices pose real threats for enterprises around the world: From Forbes, “millions of shiny new Android smartphones are being purchased with dangerous malware factory-installed, according to Google’s own security research team.” Also from Forbes, […]
This is the second webinar in a two-part series on how two non-profit organizations, the Center for Internet Security (CIS) and MITRE have adapted best practice guidelines to include mobile. The first webinar focused on CIS’ 20 Critical Security Controls. CISOs and CIOs know MITRE ATT&CK is a globally-accessible […]
Mobile devices continue to be the target of attack at increasing rates. There is a relatively simple explanation for this – in a typical organization today, 60% of the endpoints containing or accessing enterprise data are mobile; the majority of which do not have any security protection today. It […]
CISOs and CIOs don’t have it easy. I know. Understatement. As technology evolves, both must stay true to the times while maintaining their company’s compliance, security and safety. In 2008, the Center for Internet Security (CIS) was established and published best practice guidelines for computer security, known as the “Critical […]
I had to do it. Afterall, I talk about it with customers and prospects daily. Had to see for myself. About a week ago, I was on a train in Australia. Heading from Melbourne to my home in Essendon at about 4:50pm. There were about 60 passengers riding along and […]
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox