Joker is No Laughing Matter: 64 New Variants Discovered in Less Than a Month

As part of Google’s App Defense Alliance, Zimperium helps make the Android ecosystem safer by processing all apps before they reach Google Play. However, malicious applications can find their way to user’s devices through third party stores, sideloaded applications and malicious websites that trick users into downloading and installing apps.  In this blog we will: … Read More

c0ntextomy – Let’s Debug Together: CVE-2020-9992

Apple recently released the long awaited iOS/iPadOS 14.0 update alongside an updated Xcode 12.0. As part of this update, Apple fixed a vulnerability in the Development Tools, that was reported earlier this year as a joint effort by our Zimperium zLabs researcher and VP of Product Security Nikias Bassen, and an independent security researcher, Dany … Read More

Threat Advisory: BlackRock Mobile Malware

What is it? BlackRock – an advanced Android malware derived from Xeres malware – evades detection and steals login credentials or credit card data from 337 different mobile banking, shopping, lifestyle, and video apps. BlackRock was disclosed in July 2020 by ThreatFabric. The Zimperium z9 engine had begun detecting early variants of BlackRock in the … Read More

Mobile Pen Testing’s Secret Weapon: Continuous & Automated Scanning

This is the first of a two part series examining the different audiences benefiting from Zimperium’s zScan. This blog looks at pen testers. The second blog looks at enterprises developing mobile apps themselves or by third-party developers.    Companies providing mobile penetration testing or “pen testing” are keeping busy these days. More than two-thirds of enterprises … Read More