As part of our platform research in Zimperium zLabs, I have recently disclosed a critical vulnerability affecting multiple high-privileged Android services to Google. Google designated it as CVE-2018-9411 and patched it in the July security update (2018-07-01 patch level), including additional patches in the September security update (2018-09-01 patch level). I also wrote a proof-of-concept … Read More
Webinar will reveal how companies across multiple industries are protecting their mobile devices from attacks. Zimperium is providing customers, media and the general public with a live webinar in which they will learn about the mobile threats facing multiple industries – including financial services, consulting, healthcare, legal and local government – through real-life examples from Zimperium’s … Read More
Webinar will reveal how oil and gas companies can protect their mobile devices from attacks. Zimperium is providing customers, media and the general public with a live webinar in which they will learn about the mobile threats facing the oil and gas industry through real-life examples from one of Zimperium’s oil and gas customers. The … Read More
Researchers: Adam Donenfeld (@doadam) Relevant Operating Systems: iOS, tvOS and watchOS CVE: CVE-2018-4282 Summary As a part of our ongoing mobile platform research, zLabs recently discovered a read-out-of-bounds vulnerability in the AppleT8015PPM.kext that allows an attacker to read out of its supplied structureInput. The read data is being used as a dictionary. Details Selector … Read More
Researchers: Ori Karliner (@oriHCX) Relevant Operating Systems: FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), AWS FreeRTOS up to V1.3.1, WHIS OpenRTOS and SafeRTOS (With WHIS Connect middleware TCP/IP components) . CVE List: As a part of our ongoing IoT platform research, zLabs recently analyzed some of the leading operating systems in the IoT market, including FreeRTOS. … Read More
