written and researched by Nicolás Chiaraviglio and Santiago A. Rodriguez As mentioned in our blog post on mobile phishing, there are different types of phishing attacks. Here, we’ll dig deeper into the different types that exist. Moreover, we’ll take a look at phishing kits, a tool that allows non-technical scammers […]
written and researched by Nicolás Chiaraviglio and Santiago A. Rodriguez CISOs worldwide are scrambling to address phishing attacks. In the second quarter of 2019 alone, there were close to 130 million phishing attacks, taking place on different types of devices within an enterprise – – desktops, laptops and mobile devices. […]
Introduction Thousands of new malicious apps are being released for mobile devices every day. And thousands more variations of older malware are being released too. Unfortunately, many of these new/old threats are not being detected by the existing mobile malware technology. Organizations need next generation machine learning-based solutions that can […]
Analysis & Post By: Alex Calleja (@alximw) Matteo Favaro (@fvrmatteo) Advertising and click fraud campaigns are one of the most common mobile malware-based monetization techniques. Although they are considered a lawful income source in most app markets, they can put the user’s privacy at risk and even cause economic damage. Once […]
Researchers: Ori Karliner (@oriHCX) Relevant Operating Systems: FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), AWS FreeRTOS up to V1.3.1, WHIS OpenRTOS and SafeRTOS (With WHIS Connect middleware TCP/IP components) . CVE List: [wpsm_comparison_table id=”4″ class=””] As a part of our ongoing IoT platform research, zLabs recently analyzed some of the leading […]
Analysis & Post By: Alex Calleja (@alximw) Matteo Favaro (@fvrmatteo) Introduction Since the beginning of 2018, researchers in Zimperium’s zLabs have been tracking a rise in the frequency and sophistication of applications that have been loaded outside of the official Google Play Store. Many of these have leveraged social engineering techniques […]
This week at HITB Singapore, Zimperium zLabs’ security researcher, Rani Idan (@raniXCH), is conducting a session titled “The Road to iOS Sandbox Escape.” Rani’s fellow zLab’s researcher, Adam Donenfeld (@doadam), is also conducting a session titled “Viewer Discretion Advised: (De)coding an iOS Vulnerability.” Here is the abstract for Rani’s session. We will post the recording of the session […]
This week at HITB Singapore, Zimperium zLabs’ security researcher, Adam Donenfeld (@doadam) is conducting a session titled “Viewer Discretion Advised: (De)coding an iOS Vulnerability.” Another zLabs researcher, Rani Idan (@raniXCH), is also doing a session titled “The Road to iOS Sandbox Escape.” Here is the abstract for Adam’s session. We will post the recording of the session when it […]
This week at BSides Las Vegas, zLabs’ security researcher, Tamir Zahavi-Brunner (@tamir_zb) is conducting a session titled “Treble or Trouble: Where Android’s latest security enhancements help, and where they fail.” Tamir’s work is another example of why zLabs is recognized as the world’s most qualified and talented collection of researchers focused 100% exclusively on mobile Here […]
Long Term Evolution (LTE) is the latest mobile telephony standard designed to bring many security improvements over the predecessor standard known as the Global System for Mobile (GSM). In a new research paper, security researchers from Ruhr-Universität Bochum and New York University Abu Dhabi outline attacks that could allow sophisticated […]
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox