Criminals may not have physical access to your device – but that won’t stop them from hacking your device remotely to steal sensitive and confidential data. The BYOD revolution is here to stay and enterprises need to adopt mobile security best practices that can help prevent cyberattacks like Shellshock, WireLurker, […]
Resources
DoubleDirect – Zimperium Discovers Full-Duplex ICMP Redirect Attacks in the Wild
By: Esteban Pellegrino, Zuk Avraham, Patrick Murray and Rachel Ackerly. Zimperium Mobile Security Labs have investigated during the last year a dangerous type of attack technique in the wild being exploited by attackers. Aptly named “DoubleDirect,” this attack is a type of “Man-in-the-Middle” attack (MITM) enabling an attacker to redirect […]
2015 Mobile Security Predictions – Mobile Attacks Move Mainstream
As 2014 inches to an end, Zimperium Mobile Security Labs researchers are actively preparing to stay one step ahead of attackers in the ever changing mobile security threat landscape. Due to the growing mobile device market, and the recent wave of attacks like Shellshock, Poodle, WireLurker and DoubleDirect, the Zimperium […]
Is Your Mobile Device Putting Your Company at Risk?
The Three Ways Your Mobile Device is Putting Your Company at Risk The explosion of mobile devices has changed the way people live and work. Enterprises want to take advantage of the productivity benefits mobile devices present without compromising an organization’s sensitive IP. With more business being conducted on the […]
Welcoming Shridhar Mittal to the Z family
Earlier this year I promised big changes at Zimperium. We announced our Series A funding, launched Zimperium Mobile Threat Defense system with the World’s first Mobile IPS, and most recently made zANTI2 our award-winning mobile assessment tool completely free for community usage. Well, I’m excited to say that we have […]
Nation-state attacks exist on iOS
Yesterday reports surfaced about China potentially using malware targeted at iPhone users to spy on Hong Kong protesters. Is it possible that a nation-state attack on an iOS device would be so bold as to use the words ODAY in its attack? Possibly… But what’s more important here is not […]
Shellshock – Find out if your mobile device is vulnerable
Today a new vulnerability was discovered called “Shellshock,” that targets BASH, a popular software widely used to control the command prompt on many *nix computers. Shellshock has the potential to wreak havoc on websites, web servers, PCs, routers and more because it enables hackers to gain complete control of an […]
JPMorgan Hacked: Wake Up Call For Enterprises to Secure Endpoints
Why $250 million didn’t protect JPMorgan from hackers… Late last month CBS Nightly News reported about a robbery at American’s biggest bank, JPMorgan. This attack was no ordinary hold-up. JP Morgan Chase fell victim to a targeted cyberattack, despite spending $250 million dollars on cybersecurity. According to the information disclosed […]
Security Limitations in Smartphones
In our previous blog post, we wrote about what’s planned for 2014. Since we’re aiming to change the world of mobile security, maybe a good place to start is to describe the security limitations on smart devices. Like a computer, right? Often, people think that mobile device security is exactly […]
LinkedIn 0day Vulnerability Puts Your Data at Risk
Today, corporate networks and websites face varying degrees of cyber-threats – ranging from widespread well-publicized threats like the recent Heartbleed bug, to those that are less well-known, but just as damaging, like “Man-in-the-Middle” (MITM) attacks. The latter cyber-threat threats are network attacks that allow hackers to intercept users’ internet communication, […]