Apple’s Latest Security Fix Shows Why Enterprises Need MTD

Apple’s high-profile release of iOS 14.4, including security fixes for three critical vulnerabilities said to have been exploited by hackers in the wild, once again shows why enterprises need to deploy mobile threat defense (MTD) solutions.  Whether it is the Jeff Bezos hack or the ‘scariest iPhone hack ever,’ vulnerabilities open the door for hackers … Read More

P for Privacy – The Background Story of CVE-2020-9773

Affected Component: all iOS versions < 14.0 LSDIconCache Latest Vulnerable Version: iOS 13.7 Vendor: Apple, Inc. CVE: CVE-2020-9773 Disclosure Timeline Bug discovered: December 1st, 2019 Vendor notified: December 17th, 2019 First patch attempt: March 24th, 2020  Final patch released: September 15th, 2020 Summary A sandboxed application can circumvent updated iOS restrictions to enumerate installed applications … Read More

c0ntextomy – Let’s Debug Together: CVE-2020-9992

Apple recently released the long awaited iOS/iPadOS 14.0 update alongside an updated Xcode 12.0. As part of this update, Apple fixed a vulnerability in the Development Tools, that was reported earlier this year as a joint effort by our Zimperium zLabs researcher and VP of Product Security Nikias Bassen, and an independent security researcher, Dany … Read More