HackDig : Dig high-quality web security articles for hacker

Mobile Threat Data Q2 2017

Zimperium is releasing its most recent summarized mobile threat data detected via our global enterprise customers. The data provides insight into what type of threats our customers are detecting by having the zIPS mobile threat defense app on corporate and BYO devices. zIPS enables companies to detect threats to mobile devices in real-time, so attacks via m
Publish At:2017-09-15 18:50 | Read:157 | Comments:0 | Tags:Mobile Threat Defense Threat Research

Your Guide to Mobile Threat Defense

“The signs are clear that mobile threats can no longer be ignored. Security and risk management leaders must familiarize themselves with mobile threat defense solutions and plan to gradually integrate them to mitigate mobile risks.”* *Gartner Market Guide for Mobile Threat Defense Solutions, Dionisio Zumerle, John Girard, 22 August 2017 Gartner r
Publish At:2017-09-13 11:35 | Read:187 | Comments:0 | Tags:Mobile Threat Defense Threat Research Gartner

Fake Snapchat in Google Play Store

Introduction   Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the second result when searching for “Snapchat”. The fake version of Snapchat app is using “Snap Inc .” as Company Name, with a  ” .” appended to original name. Fake
Publish At:2017-08-11 02:50 | Read:415 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

ZPI: One approach to rule them all

Introduction In 1975, a book was published that changed the way we approach complex problems. Inspired on how nature works “Adaptation in Natural and Artificial Systems” set the bases of genetic algorithms. The release date of this blogpost is strongly linked to that book, it is a symbolic tribute to its author, John Henry Holland, who passed out
Publish At:2017-08-10 08:55 | Read:336 | Comments:0 | Tags:Android iOS Mobile security Mobile Threat Defense Windows Ze

Jailbreak versus Compromise…

We see a lot of confusion in the market about precisely what it means to jailbreak a device–and that confusion could lead to serious problems, especially with regard to the notion of a hacker performing a jailbreak to attack a device. The security industry is notoriously full of acronyms, buzzwords and generally opaque jargon. Here at Zimperium, we try
Publish At:2017-08-08 13:55 | Read:338 | Comments:0 | Tags:iOS Mobile security Mobile Threat Defense Exploit jailbreak

Zero Packet Inspection

Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in the machine learning community. I’ll then describe how we apply it to detect networks attacks without any type of packet inspection. Eventually, we encourage you to participate by helping us gather and
Publish At:2017-07-11 22:35 | Read:397 | Comments:0 | Tags:0-Packet Android iOS Machine Learning Mobile Malware Mobile

Zimperium and Deutsche Telekom Offer Mobile Security to German Bundestag Elections

Here at Zimperium, we spend all day, every day, obsessing about mobile security and how we can provide a secure mobile experience. That’s not just because we are driven. It’s because the threats to mobile devices are both immediate and real. Every time someone uses an iPhone or an Android device to make a call, send or receive a text, check email
Publish At:2017-06-27 05:20 | Read:441 | Comments:0 | Tags:Mobile security Mobile Threat Defense Partners Deutsche Tele

Mobile Threat Defense for Intune

Zimperium’s z9 technology and mobile threat defense is available for Microsoft Enterprise Mobility + Security deployments. Customers using Intune can receive threat intelligence from mobile devices and implement the risk-based access policies popular with Intune deployments. John Michelsen has been leading the efforts with Microsoft and is excited to
Publish At:2017-06-12 15:25 | Read:432 | Comments:0 | Tags:Mobile Threat Defense Intune

NDAY-2017-0103: Arbitrary kernel write in sys_oabi_epoll_wait

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0103 CVE: CVE-2016-3857 Type: Elevation of Privileges Platform: Android < 6.0 Device type: Huawei MT7-UL00, Nexus 7 Zimperium protection: Detected the exploit without an update. Zimperium partners and customers do not need to take any
Publish At:2017-05-25 16:50 | Read:604 | Comments:0 | Tags:Android Mobile security Mobile Threat Defense N-Day Threat R

NDAY-2017-0101: iCloud Information Leak

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0101 CVE: Unknown Type: Information Disclosure Platform: iOS < 10.3 Device type: iPhone, iPod iOS bulletin: https://support.apple.com/en-us/HT207617 Public release date: 25th of May, 2017 Credit: Anonymous Download Exploit (passwor
Publish At:2017-05-25 16:50 | Read:607 | Comments:0 | Tags:iOS Mobile security Mobile Threat Defense N-Day Threat Resea

NDAY-2017-0106: Elevation of Privilege in NVIDIA nvhost-vic driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0106 CVE: CVE-2016-2434 Type: Elevation of Privileges Platform: Android 6.0.1 Device type: Nexus 9 Zimperium protection: Detected the exploit without an update. Zimperium partners and customers do not need to take any action to detect th
Publish At:2017-05-25 16:50 | Read:606 | Comments:0 | Tags:Android Mobile Threat Defense N-Day Threat Research

Enterprise Mobile Security on Microsoft Azure

Zimperium now integrates with Microsoft Azure to detect and thwart advanced mobile attacks. Our mobile threat defense (MTD) platform easily integrates directly with Microsoft Azure to give enterprise customers all of the benefits of Zimperium’s award-winning platform in the Azure Cloud. Zimperium on Azure delivers real-time, on-device threat detection and re
Publish At:2017-05-15 17:15 | Read:519 | Comments:0 | Tags:Mobile security Mobile Threat Defense Azure Microsoft

NDAY-2017-0102: Elevation of Privilege Vulnerability in NVIDIA Video Driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) Following our announcement on N-Days Exploit Acquisition Program for smartphones, we are delighted to share the first couple of submissions. We received many submissions and we’re in the process of sharing them with ZHA followed by a public disclosur
Publish At:2017-04-25 15:35 | Read:628 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

Threat Research: FalseGuide

This Threat Research is about the recently (re)discovered “FalseGuide” threat found in Google Play. FalseGuide is form of malware that has been hidden in more than 40 game guide apps in Google Play since February 2017. According to reports, approximately 600,000 devices may have been infected before the known versions of the malware were removed from Google
Publish At:2017-04-25 15:35 | Read:564 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

Three Reasons Why Encryption Could Be Hurting Mobile Security

In the aftermath of Edward Snowden’s revelations about mass-surveillance by the U.S. government in 2013, technology companies have made a serious effort to convince their customers that they are in support of strong privacy by incorporating encryption policies. Popular messaging apps like Signal, WhatsApp and Telegram have added end-to-end encryption protoco
Publish At:2017-03-22 10:45 | Read:735 | Comments:0 | Tags:Mobile Threat Defense Wikileaks

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud