Ios

May 1, 2024

More Malware May be Exposed to iOS Devices Because of Supreme Court Ruling

According to The Wall Street Journal’s article Apple Loses Bid to End App Antitrust Case in Supreme Court, “Consumers can sue Apple Inc. for forcing them

Read More

March 9, 2023

New Apple Vulnerabilities Identified: Top Takeaways from Recent Discovery

New Apple vulnerabilities have been disclosed. Learn the details, our conclusions, and some important lessons about mobile application security.

Read More

December 16, 2021

Zimperium and Intertrust Partner to Provide End-to-End Security for IoT devices

Zimperium and Intertrust’s partnership offers best-in-class protection for edge devices in trusted data ecosystems Today, Zimperium and Intertrust

Read More

November 30, 2021

Why the Software Bill Of Materials(SBOM) Must Extend to the Mobile App Supply Chain

  Supply Chain attacks are not a new problem, but their frequency has been increasing since 2013 when Target was breached. But the recent attacks on

Read More

September 14, 2021

Pegasus Spyware Resurfaces with Newly Revealed Zero-Click Vulnerability

On September 13, The Citizen Lab revealed new research surrounding the Pegasus spyware campaign, presenting further details around their discovery of a

Read More

July 17, 2021

WifiDemon Zero-Click iOS Vulnerability: Zimperium Customers Are Protected

On July 17, 2021, the world became aware of WifiDemon, a critical zero-touch remote-code execution vulnerability impacting iOS devices. Research conducted

Read More

May 18, 2021

Sideloaded Applications: The Risk of Fewer Restrictions

Would you trust an application on your device from a third-party app store? Would you trust that same app store on the endpoints connected to your

Read More

February 26, 2021

Apple’s Upcoming iOS 14.5 Update Once Again Illustrates Mobile Threats are Real

Apple is making a new change in the way it secures the code running in its mobile operating system. This signals - yet again - that threats to mobile

Read More

November 18, 2020

P for Privacy - The Background Story of CVE-2020-9773

Affected Component: all iOS versions < 14.0 LSDIconCache Latest Vulnerable Version: iOS 13.7 Vendor: Apple, Inc. CVE: CVE-2020-9773 Disclosure Timeline

Read More

September 24, 2020

c0ntextomy - Let's Debug Together: CVE-2020-9992

Apple recently released the long awaited iOS/iPadOS 14.0 update alongside an updated Xcode 12.0. As part of this update, Apple fixed a vulnerability in

Read More

November 1, 2019

CVE-2019-8804: An inconsistency in Wi-Fi network configuration 

Researcher: Christy Philip Mathew (@christypriory) Relevant Devices: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th

Read More

August 30, 2019

Malicious Websites Put iOS Devices At Risk

In an excellent and deep blog analysis, Ian Beer of Google’s Project Zero outlines five separate iOS exploit chains that were found on a small collection

Read More

August 15, 2019

What exactly is a mobile ______ attack?

Mobile devices contain or have access to the same information as traditional endpoints. While billions of dollars have been spent protecting and securing

Read More

August 13, 2019

To Be...Protected, or not To Be...Protected. That is the Question.

These last few days could have CIOs and CISOs very nervous. Two news stories about mobile devices pose real threats for enterprises around the world: From

Read More

June 14, 2019

WhatsApp Buffer Overflow Vulnerability: Under the Scope

Researcher: Chilik Tamir (@_coreDump)   Recently, Zimperium blogged about the new WhatsApp vulnerability disclosed by Facebook on May 13th. This

Read More

February 26, 2019

Zimperium Integrates with IBM MaaS360 with Watson

We recently blogged about the enterprise requirement for mobile threat defense (MTD) solutions to support various, and often multiple Mobile Device

Read More

December 4, 2018

Zimperium Scales into the Billions (that’s with a “B”)

Seven thousand events per second. Six hundred million events per day. Two hundred billion (that’s with a “B”) events per year. That is how many events

Read More

November 12, 2018

CVE-2018-4109: Overwriting kernel memory with a few video packets

Researchers: Adam Donenfeld (@doadam) Relevant Operating Systems: iOS, tvOS and watchOS CVE: CVE-2018-4109   As a part of zLabs platform research

Read More

November 8, 2018

Your App, Our Security: Zimperium Launches Latest Version of Machine Learning-Based Security for Mobile Apps

Zimperium is announcing the availability of the latest version of zIAP, our industry-leading, machine learning-based mobile security solution developed

Read More

October 23, 2018

CVE-2018-4282: Out-of-bounds read vulnerability in AppleT8015PPM.kext

Researchers: Adam Donenfeld (@doadam) Relevant Operating Systems: iOS, tvOS and watchOS CVE: CVE-2018-4282   Summary As a part of our ongoing mobile

Read More

September 11, 2018

Zimperium Announces Support for Google Cloud

Zimperium is proud to be the global leader in enterprise mobile security. While many of our detection and architectural innovations have come from the

Read More

August 27, 2018

zLabs at HITB Singapore: (De)coding an iOS Vulnerability

This week at HITB Singapore, Zimperium zLabs’ security researcher, Adam Donenfeld (@doadam) is conducting a session titled “Viewer Discretion Advised:

Read More

August 27, 2018

zLabs at HITB Singapore: The Road to iOS Sandbox Escape

This week at HITB Singapore, Zimperium zLabs’ security researcher, Rani Idan (@raniXCH), is conducting a session titled "The Road to iOS Sandbox Escape."

Read More

May 18, 2018

ZipperDown Vulnerability: 100 Million iOS Users (Not Using Zimperium) at Risk of Exploit

Last Monday, security researchers from iOS jailbreak firm, Pangu Lab, announced a vulnerability that they believe affects around 10% of all iOS apps. In a

Read More

August 24, 2017

ziVA: Zimperium's iOS Video Audio Kernel Exploit

Follow @doadam Following my previous post, I’m releasing ziVA: a fully chained iOS kernel exploit that (should) work on all the iOS devices running iOS

Read More

August 9, 2017

ZPI: One approach to rule them all

In 1975, a book was published that changed the way we approach complex problems. Inspired on how nature works "Adaptation in Natural and Artificial

Read More

August 8, 2017

Jailbreak versus Compromise...

We see a lot of confusion in the market about precisely what it means to jailbreak a device--and that confusion could lead to serious problems, especially

Read More

July 20, 2017

Zimperium zLabs iOS Security Advisories

As part of zLab's platform research team, I've tried to investigate an area of the kernel that wasn't thoroughly researched before.  After digging into

Read More

July 11, 2017

Zero Packet Inspection

Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in

Read More

May 25, 2017

NDAY-2017-0101: iCloud Information Leak

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0101 CVE: Unknown Type: Information

Read More

March 9, 2017

“Vault 7”: Nation-states have the same tools as hackers-for-hire, so what?

Yesterday, WikiLeaks published documents suggesting the CIA had access to, and developed, tools that can be used to hack smartphones and other Internet

Read More

February 12, 2016

Reflecting on Recent iOS and Android Security Updates

By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck)Nikias Bassen Follow Nikias Bassen (@pimskeks) The last thirty

Read More

January 23, 2016

Analysis of iOS & OS X Vulnerability: CVE-2016-1722

By:Joshua Drake Follow Joshua Drake (@jduck)Nikias Bassen Follow Nikias Bassen (@pimskeks) Apple released iOS 9.2.1 update, the first iOS security update

Read More

September 25, 2015

iOS 9 security: A reality check

By zLabs :: Jimmy Shah Apple has released iOS 9 with a large number of security fixes. Zimperium recommends that iOS users install the latest iOS update.

Read More

July 7, 2015

Top iOS Security Researcher Joins zLabs

Zimperium kickstarted Q3, 2015 on a high note as Nikias Bassen, a world-renowned iOS security researcher, joined Zimperium. Nikias will be part of

Read More

June 10, 2015

Apple patches major security vulnerabilities in the watchOS

Is the Apple Watch secure? While everyone is tuned in to WWDC 2015, waiting for the latest moves and releases from San Francisco, there are those of us

Read More

October 2, 2014

Nation-state attacks exist on iOS

Yesterday reports surfaced about China potentially using malware targeted at iPhone users to spy on Hong Kong protesters. Is it possible that a

Read More