zANTI is an easy to use penetration testing and a security analysis toolkit. With zANTI you can simulate real-world, commonly-used malicious cyberattack techniques. Using zANTI, you will quickly discover unsafe elements in your networks, and in your devices that are connected to those networks. Using zANTI, you will understand unsafe conditions on your devices in three […]
Currently browsing: Threat Research
CVE-2017-13253: Buffer overflow in multiple Android DRM services
Follow @tamir_zb As part of our platform research in Zimperium zLabs, we recently disclosed a buffer overflow vulnerability affecting multiple Android DRM services to Google. Google classified it as high-severity, designated it as CVE-2017-13253 and have patched it in the March security update. In this blog post, we’ll cover the […]
Threat Advisory: RedDrop
RedDrop is another in the long line of Android spyware apps. The malware has captured attention because of its ability to turn on microphones and exfiltrate sensitive data, but unfortunately that doesn’t make it unique. While there appears to be an elaborate network behind it, RedDrop is simply another Android […]
Fake BBC News App: Analysis
Follow @fvrmatteo On February 26, 2018, we received a notification from the detection system about a malicious sample with a suspicious package and Play Store name. We quickly verified the automatic analysis and confirmed the sample was actively trying to scam users to download it instead of the original BBC […]
CVE-2018-4087 PoC: Escaping the sandbox by misleading bluetoothd
Following my previous blog post titled “New Crucial Vulnerabilities in Apple’s bluetoothd daemon”, I am releasing the vulnerability PoC. The PoC is released for educational purposes and evaluation by IT Administrators and Pentesters alike, and should not be used in any unintended way. Furthermore, this PoC and any other related […]
LiberiOS & Electra: iOS 11 jailbreaks… easily detected by Zimperium z9
The mobile security arms race continues, OS update after OS update. With every update, it is a race against time before someone releases a new exploit that can allow users to jailbreak devices… or worse, remote attackers to compromise devices. While jailbreaking a mobile device can be fine (or even […]
Dissecting mobile native code packers. A case study.
As mobile malware advances to the levels of desktop malware, it’s not uncommon to stumble upon protected APKs while analysing malware. Most of the times, the sample is simply obfuscated via classes/variables name stripping from the DEX file and/or strings obfuscation; but other times several layers divide the researcher from […]
New Crucial Vulnerabilities in Apple’s bluetoothd daemon
By: Rani Idan Follow Rani Idan (@raniXCH) As part of our platform research team in Zimperium zLabs, we investigated iOS mach message IPC, focusing on available services accessible from within the iOS sandbox. The goal of this effort was to assess potential opportunities to gain privilege escalation and escape the sandbox, […]
Threat Advisory: Meltdown & Spectre
According to the team at Graz University of Technology that responsibly disclosed the new bugs, Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other […]
Zimperium Global Threat Report – Q3 2017
Zimperium has released it’s latest summary report on mobile threats seen at its customers. The latest report summarizes mobile threats recorded from July 1 to September 30, 2017, for device risks, network threats, and app malware, click bots, and privacy abuse. Data in the “Zimperium Global Threat Report” is initiated by Zimperium’s mobile […]