When most people think of Zimperium, they may recognize us as the leader in enterprise mobile device and app security. Or, they have seen the recent news on the Defense Information Systems Agency (DISA), a U.S. Department of Defense (DoD) organization, selecting us to deliver comprehensive Mobile Endpoint Protection (MEP) to the unclassified government furnished … Read More
Affected Component: all iOS versions < 14.0 LSDIconCache Latest Vulnerable Version: iOS 13.7 Vendor: Apple, Inc. CVE: CVE-2020-9773 Disclosure Timeline Bug discovered: December 1st, 2019 Vendor notified: December 17th, 2019 First patch attempt: March 24th, 2020 Final patch released: September 15th, 2020 Summary A sandboxed application can circumvent updated iOS restrictions to enumerate installed applications … Read More
Nearly 75% used AT&T or AT&T and Yahoo logos Scammers – masquerading as more than 25 different companies, brands and government agencies – used 265 Google Forms in an effort to steal user passwords and credentials. According to our findings, the links remained active for several months after being added to public phishing databases. All … Read More
2020 has been crazy… to say the least. But in many ways, 2020 has thrust a huge spotlight on something we’ve known for quite some time – – mobile threats are real and mobile devices and apps need protection. It truly is crazy how many stories we’ve seen – and the year isn’t over yet … Read More
Apple recently released the long awaited iOS/iPadOS 14.0 update alongside an updated Xcode 12.0. As part of this update, Apple fixed a vulnerability in the Development Tools, that was reported earlier this year as a joint effort by our Zimperium zLabs researcher and VP of Product Security Nikias Bassen, and an independent security researcher, Dany … Read More
