Malicious Websites Have Been Exploiting iOS Devices For Years

In an excellent and deep blog analysis, Ian Beer of Google’s Project Zero outlines five separate iOS exploit chains that were found on a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iOS 0-day. (For another watering hole attack example, please see our … Read More

New iOS Jailbreak Tools put Organizations at Risk

According to iDownloadBlog.com (iDB), “in an unforeseen turn of events, hacker Pwn20wnd released v3.5.0 of the unc0ver jailbreak tool to the general public Sunday morning with official support for iOS 12.4, the latest available firmware release from Apple with support for Apple Card.”  While users wanting to bypass existing Apple operating system precautions and take … Read More

Zimperium’s “State of Enterprise Mobile Security” Report Says Every Enterprise has Mobile Security Threats and Attacks

  Mobile devices continue to be the target of attack at increasing rates.  There is a relatively simple explanation for this – in a typical organization today, 60% of the endpoints containing or accessing enterprise data are mobile; the majority of which do not have any security protection today. It is no longer a matter … Read More

Zimperium Customers Protected From Monokle Malware

According to Threatpost, another new malicious Android app – dubbed “Monokle”- is gaining attention. While Monokle has some interesting capabilities (e.g., making extensive use of Android accessibility services to exfiltrate data and predictive-text dictionaries to understand a target’s interests), it is still basically another malicious app. Monokle is a highly-targeted malicious app (Monokle has been … Read More

Latest Android Malware is Not a Surprise; Zimperium Customers Protected

According to news reports, a new strain of Android malware has infected 25 million devices and modified legitimate apps with a malicious ads module.   It’s believed the malware originated from a Chinese internet company that helps Chinese Android developers publish and promote their apps in foreign markets. The malware was disguised as Google-related updaters and … Read More