On July 17, 2021, the world became aware of WifiDemon, a critical zero-touch remote-code execution vulnerability impacting iOS devices. Research conducted and published by the ZecOps Mobile EDR team has proven that what was thought to be a network crash bug is in actuality a security risk for iOS devices. […]
Apple is making a new change in the way it secures the code running in its mobile operating system. This signals – yet again – that threats to mobile devices are very real. The change is currently in the beta version of the next iOS version – 14.5. It makes […]
Apple’s high-profile release of iOS 14.4, including security fixes for three critical vulnerabilities said to have been exploited by hackers in the wild, once again shows why enterprises need to deploy mobile threat defense (MTD) solutions. Whether it is the Jeff Bezos hack or the ‘scariest iPhone hack ever,’ vulnerabilities […]
Affected Component: all iOS versions < 14.0 LSDIconCache Latest Vulnerable Version: iOS 13.7 Vendor: Apple, Inc. CVE: CVE-2020-9773 Disclosure Timeline Bug discovered: December 1st, 2019 Vendor notified: December 17th, 2019 First patch attempt: March 24th, 2020 Final patch released: September 15th, 2020 Summary A sandboxed application can circumvent updated iOS […]
Apple recently released the long awaited iOS/iPadOS 14.0 update alongside an updated Xcode 12.0. As part of this update, Apple fixed a vulnerability in the Development Tools, that was reported earlier this year as a joint effort by our Zimperium zLabs researcher and VP of Product Security Nikias Bassen, and […]
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox