Why Leading Cities and States Should be Protecting ‘Digital Citizens’ from Mobile Threats

When most people think of Zimperium, they may recognize us as the leader in enterprise mobile device and app security. Or, they have seen the recent news on the Defense Information Systems Agency (DISA), a U.S. Department of Defense (DoD) organization, selecting us to deliver comprehensive Mobile Endpoint Protection (MEP) to the unclassified government furnished … Read More

P for Privacy – The Background Story of CVE-2020-9773

Affected Component: all iOS versions < 14.0 LSDIconCache Latest Vulnerable Version: iOS 13.7 Vendor: Apple, Inc. CVE: CVE-2020-9773 Disclosure Timeline Bug discovered: December 1st, 2019 Vendor notified: December 17th, 2019 First patch attempt: March 24th, 2020  Final patch released: September 15th, 2020 Summary A sandboxed application can circumvent updated iOS restrictions to enumerate installed applications … Read More

Top 5 Mobile Security Stories of a Crazy 2020

2020 has been crazy… to say the least.  But in many ways, 2020 has thrust a huge spotlight on something we’ve known for quite some time – – mobile threats are real and mobile devices and apps need protection. It truly is crazy how many stories we’ve seen – and the year isn’t over yet … Read More

c0ntextomy – Let’s Debug Together: CVE-2020-9992

Apple recently released the long awaited iOS/iPadOS 14.0 update alongside an updated Xcode 12.0. As part of this update, Apple fixed a vulnerability in the Development Tools, that was reported earlier this year as a joint effort by our Zimperium zLabs researcher and VP of Product Security Nikias Bassen, and an independent security researcher, Dany … Read More