Zimperium’s “State of Enterprise Mobile Security” Report Says Every Enterprise has Mobile Security Threats and Attacks

  Mobile devices continue to be the target of attack at increasing rates.  There is a relatively simple explanation for this – in a typical organization today, 60% of the endpoints containing or accessing enterprise data are mobile; the majority of which do not have any security protection today. It is no longer a matter … Read More

CVE-2018-4087 PoC: Escaping the sandbox by misleading bluetoothd

Following my previous blog post titled “New Crucial Vulnerabilities in Apple’s bluetoothd daemon”, I am releasing the vulnerability PoC. The PoC is released for educational purposes and evaluation by IT Administrators and Pentesters alike, and should not be used in any unintended way. Furthermore, this PoC and any other related material, is published only after … Read More

N-Days Exploits: NDAY-2017-0103 Arbitrary kernel write in sys_oabi_epoll_wait

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0103 CVE: CVE-2016-3857 Type: Elevation of Privileges Platform: Android < 6.0 Device type: Huawei MT7-UL00, Nexus 7 Zimperium protection: Detected the exploit without an update. Zimperium partners and customers do not need to take any action to detect this exploit on all affected … Read More