April 16 – 20, 2018. Moscone Center, San Francisco. The Zimperium team will be showcasing the latest in enterprise mobile security at RSAC 2018 and we look forward to seeing you there! Stop by our Exhibitor Booth #N4710 (Moscone North) for an in-depth look at our industry-leading research and Mobile Threat Defense solutions. We’ll be offering the exclusive opportunity to […]
Resources
Webinar: Mobile Security Threats Targeting the Financial Industry
Zimperium, the global leader in enterprise mobile security, will host a webinar titled, “Banking Information is at Risk of Theft on Mobile Devices.” Research shows that the number of global mobile banking users will reach 2 billion by 2020, exceeding the number of traditional online banking users. While today’s smartphones […]
Webinar: Compliance and The Forgotten Endpoint
Zimperium, the global leader in enterprise mobile security, will host a webinar titled, “Compliance and Mobile Devices: The Forgotten Endpoint.” Organizations in practically every industry, including financial services, retail, healthcare and more, are required to meet cybersecurity compliance requirements set by federal and state regulators. Penalties for non-compliance include massive fines […]
CVE-2017-13253: Buffer overflow in multiple Android DRM services
Follow @tamir_zb As part of our platform research in Zimperium zLabs, we recently disclosed a buffer overflow vulnerability affecting multiple Android DRM services to Google. Google classified it as high-severity, designated it as CVE-2017-13253 and have patched it in the March security update. In this blog post, we’ll cover the […]
Threat Advisory: RedDrop
RedDrop is another in the long line of Android spyware apps. The malware has captured attention because of its ability to turn on microphones and exfiltrate sensitive data, but unfortunately that doesn’t make it unique. While there appears to be an elaborate network behind it, RedDrop is simply another Android […]
Fake BBC News App: Analysis
Follow @fvrmatteo On February 26, 2018, we received a notification from the detection system about a malicious sample with a suspicious package and Play Store name. We quickly verified the automatic analysis and confirmed the sample was actively trying to scam users to download it instead of the original BBC […]
CVE-2018-4087 PoC: Escaping the sandbox by misleading bluetoothd
Following my previous blog post titled “New Crucial Vulnerabilities in Apple’s bluetoothd daemon”, I am releasing the vulnerability PoC. The PoC is released for educational purposes and evaluation by IT Administrators and Pentesters alike, and should not be used in any unintended way. Furthermore, this PoC and any other related […]
LiberiOS & Electra: iOS 11 jailbreaks… easily detected by Zimperium z9
The mobile security arms race continues, OS update after OS update. With every update, it is a race against time before someone releases a new exploit that can allow users to jailbreak devices… or worse, remote attackers to compromise devices. While jailbreaking a mobile device can be fine (or even […]
Hey you, get off that cloud! Said no Zimperium person ever…
Zimperium Delivers First Mobile Security Solution Available On Any Cloud. Zimperium is proud to be the global leader in enterprise mobile security. We got there by one simple rule: listen to your customer. Our customers told us they didn’t want to be locked-in to any one cloud platform. They often […]
Don’t be caught on the wrong side of an attack
Using only cloud sourcing as the basis for mobile threat defense is the wrong side of an attack. We respect the boldness of a competitor’s CEO taking on the leader in his market. In a very literal sense, he laid his and his company’s cards on the table. This is […]
Mobile Security Updates
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox