P for Privacy – The Background Story of CVE-2020-9773

Affected Component: all iOS versions < 14.0 LSDIconCache Latest Vulnerable Version: iOS 13.7 Vendor: Apple, Inc. CVE: CVE-2020-9773 Disclosure Timeline Bug discovered: December 1st, 2019 Vendor notified: December 17th, 2019 First patch attempt: March 24th, 2020  Final patch released: September 15th, 2020 Summary A sandboxed application can circumvent updated iOS restrictions to enumerate installed applications … Read More

FBI Warns of Wi-Fi Attacks Targeting Teleworkers at Hotels Due to COVID

The Federal Bureau of Investigation (FBI) recently issued an announcement encouraging Americans to exercise caution when using hotel wireless networks (Wi-Fi) for telework. The announcement – in-part – states, “FBI has observed a trend where individuals who were previously teleworking from home are beginning to telework from hotels. US hotels, predominantly in major cities, have … Read More

Top 5 Mobile Security Stories of a Crazy 2020

2020 has been crazy… to say the least.  But in many ways, 2020 has thrust a huge spotlight on something we’ve known for quite some time – – mobile threats are real and mobile devices and apps need protection. It truly is crazy how many stories we’ve seen – and the year isn’t over yet … Read More