Currently browsing: iOS

Zimperium and Intertrust Partner to Provide End-to-End Security for IoT devices

Zimperium and Intertrust’s partnership offers best-in-class protection for edge devices in trusted data ecosystems Today, Zimperium and Intertrust announced a partnership to provide end-to-end security and data management for IoT devices, apps and media services operating in Zero Trust environments. Under the terms of the partnership, Intertrust will offer Zimperium’s […]

Read more

Pegasus Spyware Resurfaces with Newly Revealed Zero-Click Vulnerability

On September 13, The Citizen Lab revealed new research surrounding the Pegasus spyware campaign, presenting further details around their discovery of a zero-click vulnerability targeting Apple devices across the entire endpoint ecosystem. In response to the disclosure, Apple has released security updates for all their devices from mobile to desktop. […]

Read more

Sideloaded Applications: The Risk of Fewer Restrictions

Would you trust an application on your device from a third-party app store? Would you trust that same app store on the endpoints connected to your corporate infrastructure? The premise of a third-party app store is relatively innocent on the surface, with hundreds of repositories set up to enable mobile […]

Read more

P for Privacy – The Background Story of CVE-2020-9773

Affected Component: all iOS versions < 14.0 LSDIconCache Latest Vulnerable Version: iOS 13.7 Vendor: Apple, Inc. CVE: CVE-2020-9773 Disclosure Timeline Bug discovered: December 1st, 2019 Vendor notified: December 17th, 2019 First patch attempt: March 24th, 2020  Final patch released: September 15th, 2020 Summary A sandboxed application can circumvent updated iOS […]

Read more

c0ntextomy – Let’s Debug Together: CVE-2020-9992

Apple recently released the long awaited iOS/iPadOS 14.0 update alongside an updated Xcode 12.0. As part of this update, Apple fixed a vulnerability in the Development Tools, that was reported earlier this year as a joint effort by our Zimperium zLabs researcher and VP of Product Security Nikias Bassen, and […]

Read more

Malicious Websites Put iOS Devices At Risk

In an excellent and deep blog analysis, Ian Beer of Google’s Project Zero outlines five separate iOS exploit chains that were found on a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iOS 0-day. (For another watering hole […]

Read more

Get started with Zimperium today