Mtd

August 4, 2025

Extended Rapid Response: Zimperium Expands Detection of PlayPraetors Android RAT Campaign with Additional Samples and Targets

Zimperium expands detection of PlayPraetors Android RAT campaign—targeting 11K+ devices via fake Play Stores, overlays, and real-time fraud.

Read More

July 10, 2025

The Critical Role of Supply Chain Resilience in Today's Digital Landscape

Businesses must recognize that operational resilience extends beyond cybersecurity; it encompasses the entire supply chain, ensuring that even routine updates do not disrupt operations.

Read More

July 7, 2025

Banks Admit Cybersecurity is the Biggest Threat. Now What?

In JPMorgan Chase's 2018 annual report, CEO Jamie Dimon states in a widely read letter to shareholders the following. “The threat of cybersecurity may

Read More

June 3, 2025

Rapid Response: Zimperium Detects GhostSpy Android RAT

CYFIRMA recently uncovered GhostSpy, a highly stealthy and persistent web-based Android Remote Access Trojan (RAT).

Read More

May 29, 2025

Rapid Response: Zimperium Detects All Reported Samples of Evolving Zanubis Android Banking Trojan

As Zanubis and other banking trojans continue to adapt and become more sophisticated, Zimperium remains committed to delivering advanced, proactive protection to secure mobile users and financial institutions worldwide.

Read More

May 15, 2025

Preventing Malicious Mobile Apps from Taking Over iOS through App Vetting

This blog post explores the importance of app vetting and provides actionable steps to help organizations safeguard their mobile ecosystems.

Read More

May 14, 2025

Securing Every Android Work Device: Zimperium and Android Enterprise Enable Smarter, Safer Access

Organizations today face an undeniable truth: mobile devices are the modern gateway to the enterprise. As hybrid work continues and BYOD becomes pervasive, the traditional perimeter has all but disappeared.

Read More

April 23, 2025

From Lock Screen to Wallets: BTMOB RAT Now Targets Alipay PINs

On February 12, Cyble reported the discovery of a new variant of the BTMOB spyware, named BTMOB RAT v2.5. This malicious software is being distributed through deceptive phishing sites impersonating popular streaming services like iNat TV and fraudulent cryptocurrency mining platforms.

Read More

April 22, 2025

Rapid Response: Zimperium Detects SuperCardX NFC Relay Fraud Operation

A recent report by Cleafy uncovered SuperCardX, a sophisticated Malware-as-a-Service (MaaS) operation used for conducting NFC relay fraud.

Read More

April 16, 2025

Your Apps are Leaking: The Hidden Data Risks on your Phone, Part 1

Learn about the hidden data risks in mobile apps, focusing on cloud and cryptography vulnerabilities that could expose sensitive information. Discover how to protect your enterprise.

Read More

April 14, 2025

Pragmatic Crocodilus: A New Variant In the Horizon

Following ThreatFabric’s publication on Crocodilus, a sophisticated Android banking trojan, our zLabs team conducted a deeper investigation into its broader ecosystem.

Read More

November 13, 2024

Mishing: The Rising Mobile Attack Vector Facing Every Organization

Mishing refers to mobile-targeted phishing attacks exploiting devices via email, text messages, voice calls, or QR codes to steal sensitive information. These attacks leverage mobile-specific features and user behaviors, posing significant risks to corporate networks and data. Understanding and mitigating mishing is crucial for maintaining enterprise mobile security.

Read More

November 7, 2024

2022 Predictions: 5 Mobile Threats to Look for This Year

Recent years have made abundantly clear that attempting to predict what’s to come in the future can be a pretty dicey proposition. However, it is also

Read More

November 7, 2024

Chrome OS Now Second-Most Popular Desktop Operating System

For the first time in the annual desktop operating system market share reports, Chrome OS has passed macOS. According to 2020 numbers from market data

Read More

November 7, 2024

4 Reasons Why Companies Need To Protect Employee Phones Today

  If you search “data breach” on Google, you’ll get a variety of articles ranging from Equifax to the latest Quest Diagnostics data breach. However,

Read More

October 30, 2024

Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware

In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign.

Read More

October 21, 2024

Zimperium’s Zero-Day Protection Against Water Makara Spear-Phishing Campaign

In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign.

Read More

October 11, 2024

Expanding the Investigation: Deep Dive into Latest TrickMo Samples

Our analysis of TrickMo suggests that many of these samples remain undetected by the broader security community.

Read More

October 10, 2024

ISM’s Guidelines for Enterprise Mobility

In this blog, we will analyze the ISM’s mobile controls, explore the risks they aim to mitigate, and outline practical approaches for addressing each control.

Read More

October 7, 2024

Zimperium’s Zero-Day Defense Against Octo2 Malware Targeting European Banks

Zimperium’s Mobile Threat Defense (MTD) and its Mobile App Protection Suite (MAPS) solution provide robust protection against Octo2, detecting all known samples in a zero-day fashion.

Read More

October 7, 2024

iOS and the WebP Vulnerability

In this blog post we will underline the differences and the similarities on how iOS developers reacted to the WebP vulnerability and our observed patching trends of those iOS applications. 

Read More

October 1, 2024

Zimperium Coverage on COLDRIVER Phishing Campaign 

The recently uncovered "River of Phish" campaign, attributed to the Russian threat actor COLDRIVER, targets Western and Russian civil society through sophisticated spear-phishing attacks.

Read More

September 26, 2024

Zimperium Detects New Android Spyware Targeting South Korea

Security researchers at Cyble have uncovered a new Android spyware campaign primarily targeting individuals in South Korea. This sophisticated malware, masquerading as legitimate applications, poses a significant threat to user privacy and data security.

Read More

September 17, 2024

Zimperium Mobile Threat Defense (MTD) Achieves IRAP PROTECTED Status

Zimperium has achieved the Australian Government security status of  PROTECTED after successfully completing an assessment performed by the Information Security Registered Assessors Program (IRAP) for its sovereign-hosted Mobile Threat Defense (MTD) solution.

Read More

September 9, 2024

Unmasking SpyAgent: Zimperium’s Zero-Day Defense Against Cryptocurrency Theft

Zimperium’s Zero-Day defense against a sophisticated Android malware campaign involving SpyAgent, a spyware strain designed to steal cryptocurrency credentials.

Read More

September 5, 2024

Preventing Infections of N-Day Exploits Delivered via Malicious Websites

State-backed attackers and commercial surveillance vendors repeatedly using N-day exploits to target known vulnerabilities in devices. 

Read More

September 4, 2024

Zimperium Welcomes Shashank Pathak to Our Go-to-Market Team in India

As we continue to strengthen our presence in India and South Asia, we are excited to announce the appointment of Shashank Pathak to our Go-to-Market team.

Read More

August 20, 2024

Securing Agency Devices: The Critical Need for Mobile App Vetting

This blog will explore the various types of risky apps and the concerns they pose, emphasizing the need for stringent mobile app vetting processes.

Read More

August 12, 2024

BlankBot: A New Android Banking Trojan Cannot Evade on Device Machine Learning Protection

Learn the top 7 source code obfuscation techniques.

Read More

July 23, 2024

Zimperium is Named a Leader in the Forrester Wave™ for MTD

We are excited to share that Zimperium has been named a Leader in The Forrester Wave ™ : Mobile Threat Defense Solutions, Q3 2024.

Read More

July 15, 2024

Phishing Campaigns and Rafel RAT: A Dangerous Duo

Among the myriad of tools employed in malicious activities, Remote Access Trojans (RATs) stand out for their ability to provide attackers with unfettered access to compromised systems.

Read More

July 8, 2024

Understanding Rafel RAT and Its Role in Mobile Ransomware Attacks

Rafel RAT is a type of malware that allows attackers to gain complete control over a victim's mobile device. Once installed, Rafel RAT can perform a

Read More

July 2, 2024

Medusa Reborn: Zimperium’s Robust Defense

For the past two years, Zimperium has released the Mobile Banking Heist Report, providing in-depth research on the latest malware families, new attack

Read More

July 1, 2024

Unmasking Rafel RAT: Android Infiltration Campaign

Application sideloading opens the door to significant security vulnerabilities increasing the attack surface users are exposed to.

Read More

May 1, 2024

More Malware May be Exposed to iOS Devices Because of Supreme Court Ruling

According to The Wall Street Journal’s article Apple Loses Bid to End App Antitrust Case in Supreme Court, “Consumers can sue Apple Inc. for forcing them

Read More

April 2, 2024

Mobile Endpoint Security and Antivirus | Differences Between the Two

The challenge with explaining something new is making that new thing relatable to something someone else already knows and understands. This is why the

Read More

February 13, 2024

Mobile Device Management & Mobile Threat Defense: A Love Story

MDM and MTD were made for each other. It was love at first byte. Read the love story. Live the romance. Truly better together.

Read More

February 8, 2024

The Risks of Quishing and How Enterprises Can Stay Secure

Cybercriminals are exploiting QR codes through phishing attacks, called quishing, which are exposing employees and organizations to the risk  of data loss, credential theft, and unauthorized access to corporate networks.

Read More

January 30, 2024

IBM Security MaaS360 Announces Partnership with Zimperium

IBM Security joins forces with Zimperium to offer organizations a comprehensive solution to manage and protect their mobile ecosystem.

Read More

January 22, 2024

New Year, New Hires, New Devices: Kick Start the Year with Endpoint Security

As we welcome the new year, businesses around the world are gearing up for growth and expansion. Let’s dive into some of the threats mobile devices can face and explore how Zimperium Mobile Threat Defense (MTD) can help enterprises protect your enterprise. 

Read More

November 8, 2023

Zimperium Impresses; Named Top Cybersecurity Startup for 2021

“So, get ready to be really impressed,” Max Kurton of EM360 - a global technology platform - exclaimed as he revealed Zimperium as the number one

Read More

November 8, 2023

Zimperium Selected CIO Applications Europe’s Top 10 Most Proficient Enterprise Mobility Solution Providers of 2019

The editorial team at CIOApplications Europe, along with a distinguished panel of CEOs, CIOs, VCs, and industry analysts, have named Zimperium to its list

Read More

November 8, 2023

Malicious WiFi Connections: Welcome to RSA Conference 2019

Nicolás Chiaraviglio (@chiconara) We recently blogged about attacks perpetrated at WiFi networks in Barcelona before and during the 2019 Mobile World

Read More

November 8, 2023

Top 5 Mobile Security Stories of 2019

Mobile security has certainly seen its fair share of headlines in 2019 prompting individuals and enterprises to realize mobile devices are another

Read More

November 8, 2023

Meet Zimperium at RSA Conference 2018

April 16 - 20, 2018. Moscone Center, San Francisco. The Zimperium team will be showcasing the latest in enterprise mobile security at RSAC 2018 and we

Read More

November 8, 2023

Modern Mobile Device Protection: Why Legacy Approaches Fall Short

There is no question that using mobile devices is an integral part of an organization's overall business strategy. As the mobile threat landscape continues to evolve, organizations must evaluate their current approaches and embrace new security practices in order to secure their mobile endpoints.

Read More

November 8, 2023

Global Mobile Threat Report: Emerging Endpoint Security Risks in 2022

The ownership and use of smartphones has grown increasingly ubiquitous. By 2021, the percentage of adults in the U.S. who owned a smartphone grew to 85%1.

Read More

November 8, 2023

The Mobile Malware Chronicles: Necro.N - Volume 101

Zimperium researchers analyze Necro.N and focuses on the differences and elements.

Read More

November 8, 2023

Q&A with CISA’s Jen Easterly: Every Part Of Our Interconnected Ecosystem Needs Securing, Including Mobile

Jen Easterly, the new Director of the Cybersecurity & Infrastructure Security Agency CISA, recently sat down for a great, relaxed, and open discussion

Read More

November 1, 2023

Harnessing NIST Standards for Your Mobile-First Security Strategy

This webinar teaches how cybersecurity professionals rely on resources, such as NIST standards, to develop their mobile device security approach.

Read More

October 4, 2023

Okta Identity Threat Protection Platform

Zimperium MTD integrates real-time threat intelligence & rich threat context into the Okta Identity Threat Protection platform for rapid risk assessment.

Read More

September 27, 2023

Predator Spyware Strikes Again

On September 22nd, Citizen Lab, in collaboration with Google Project Zero, released a joint report revealing that Ahmen Eltantawy, a former Egyptian

Read More

August 29, 2023

Unveiling the Tactics of Lapsus$: A Review of Internal Attacks Vectors, Mobile Device Exploitation, and Social Engineering Techniques

On August 10, 2023, the U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board (CSRB) report summarizing the findings of its

Read More

May 18, 2023

OilAlpha: Learn How Zimperium MTD Protects Against This New Threat

Learn about emerging threats from the OilAlpha group and how Zimperium MTD customers are protected against the OilAlpha group and other similar threats.

Read More

May 8, 2023

NIS2 - Applying the New NIS Directive to Mobile Devices

Learn all about the NIS2 and how the EU Parliament’s updated NIS directive applies to mobile devices.

Read More

April 13, 2023

Risky Apps: How They Can Pose Threats to Your Security

BYOD devices may include risky apps used for non-work purposes. These apps can create data protection risks that a mobile threat defense should address.

Read More

March 29, 2023

Mobile Sypware Threats Put Businesses & Government Agencies at Risk

Learn how increasing mobile spyware threats threaten businesses & government agencies and how mobile threat defense solutions can provide protection.

Read More

March 23, 2023

Taxed Not Hacked: Protect Sensitive Tax Data from Cybercrime

Sensitive financial data is shared online during tax season. Learn how to protect confidential tax information from cybercrime this tax season.

Read More

March 9, 2023

New Apple Vulnerabilities Identified: Top Takeaways from Recent Discovery

New Apple vulnerabilities have been disclosed. Learn the details, our conclusions, and some important lessons about mobile application security.

Read More

February 2, 2023

The Security Gaps Left by EDR and How MTD Can Help

Take a look at the emerging threats and uncover the shortcomings of enterprise detection and response (EDR) solutions in addressing these threats. Read on to learn why mobile threat defense (MTD) solutions represent a critical requirement for today’s enterprises. Learn more.

Read More

January 24, 2023

Complying with CMMC Configuration Management Requirements: Why Patching Isn’t Enough

In order to comply with CMMC requirements, teams will need to institute robust mobile device security. In this post, we will provide some background on CMMC and why patching alone is not enough to meet these requirements. Learn more.

Read More

January 11, 2023

Zimperium Mobile Threat Defence Delivers 99% Efficacy in Independent Tests: See the Report from AV-TEST

In recent independent testing from AV-TEST, Zimperium’s mobile threat defense solution, zIPS, delivered top-tier results—better than 99% accuracy in about all scenarios. Read on to find out more about the tests and how zIPS fared. 

Read More

December 22, 2022

Why Multi-Factor Authentication (MFA) is Not Enough to Meet CMMC Requirements

As DIB contractors implement security controls aligned to CMMC practices, MTD is fundamental to securing CUI, especially for organizations with distributed workforces. Learn why MFA and other security practices are not enough to meet CMMC requirements.

Read More

December 15, 2022

MoneyMonger: Predatory Loan Scam Campaigns Move to Flutter

The Zimperium zLabs team recently discovered a Flutter application with malicious code. The Flutter-obfuscated malware campaign, MoneyMonger, is solely distributed through third-party app stores and sideloaded onto the victim’s Android device and most commonly take advantage of social engineering through phishing messages, compromised websites, rogue WiFi networks, and social media to distribute the download links. Read more to learn how Zimperium customers are protected.

Read More

November 23, 2022

The Risks of Holiday Shopping and What to Do About Them

This holiday season, be on the look for cyber criminals looking to steal your credentials and credit card info and how to protect yourself from these threats. Read more.

Read More

October 19, 2022

RSA & Zimperium: Enhancing the Security of Multifactor Authentication

RSA, the leader in trusted identity and access management solutions, has announced Mobile Lock, a new feature developed in partnership with Zimperium that’s built into the RSA Authenticator mobile application to provide a new layer of protection around authenticating users into a secure environment. Learn more.

Read More

October 18, 2022

Zimperium Wins ‘Device Theft Prevention and Protection Solution of the Year’ in the 2022 Cybersecurity Breakthrough Awards

Zimperium has been named winner of this year’s “Cybersecurity Breakthrough Awards.” Recognized as the ‘Device Theft Prevention and Protection Solution of the Year,’ Zimperium was recognized for protecting the entire mobile ecosystem, identifying and revealing the most significant threats facing mobile devices and applications. Learn more.

Read More

October 18, 2022

More Than MDM: Mobile Device Security for CMMC Compliance

To meet CMMC compliance, you need to prove that you have a comprehensive approach to mobile device security. Learn how Zimperium zIPS MTD solution helps enterprises and government agencies in the DIB to meet current CMMC standards as part of their mobile device security controls.

Read More

October 5, 2022

We Smell A RatMilad Android Spyware

The Zimperium zLabs research team discovered spyware targeting Middle Eastern enterprise mobile devices and began monitoring the activity of a novel Android spyware family that we have since named RatMilad. Learn how Zimperium zIPS customers are protected against RatMilad spyware. Read more.

Read More

September 28, 2022

Mobile Attack Chains: The Real World Risks to Enterprise Security

Identifying a problem is a critical first step, but there can be a big leap between detecting an issue and fixing it. This is very much the case when it

Read More

September 27, 2022

Phishing Is On The Rise. Why You Need a Mobile Security Strategy

When protecting against phishing, it’s vital to defend the mobile endpoint. Learn how implementing a mobile-specific strategy, and a MTD solution can help protect your organization from phishing. Read more.

Read More

August 24, 2022

How Federal Agencies Should Prioritize and Address the Requirements Set forth by OMB

Federal agencies face a unique set of challenges. Since the publication of the Executive Order on Improving the Nation’s Cybersecurity (“EO”), the Office

Read More

August 11, 2022

Zimperium is the Only Pure-Play Mobile Threat Defense Provider Recognized in New GigaOm Anti-Phishing Radar Report

When it comes to phishing, there’s bad news and worse news, but also some good news. The bad news? Email-based phishing remains a persistent, pervasive

Read More

August 3, 2022

Mobile Security Is Critical: Verizon’s Refreshed Outlook on the Need for Mobile Threat Defense

61% of Global Organizations Suffered a Mobile Breach in the Last 12 Months As the modern workforce has evolved, so has the technology that is relied upon.

Read More

August 2, 2022

4 Common types of Malware and What's the Difference (Trojan, Spyware, Viruses, Ransomware)

Malware is malicious code that threat actors use to compromise data collected, stored, processed, or transmitted by mobile devices, computers, servers, or

Read More

July 28, 2022

How to Address the Mobile Security Implications Posed by the New mHealth Era

For years, healthcare has been going through a digital transformation, and in many organizations, the pandemic has radically accelerated this trend.

Read More

July 20, 2022

Keeping Texas Secure: Zimperium Earns Highest Level of TX-RAMP Certification

Zimperium has a long history of helping government organizations protect the mobile devices that are becoming an increasingly important part of daily life

Read More

June 16, 2022

Zimperium Reinforces Its Public Sector Commitment with New Data Connector for Microsoft Sentinel in Azure Government

The rising threats against government agencies are an ongoing concern in today’s threat landscape. With nation-state actors targeting local, state, and

Read More

April 7, 2022

The State of Browser Extension Malware

It is time for us to change how we think about malware. No longer is it limited to one specific operating system or device type. Like with phishing

Read More

February 16, 2022

Zimperium Joins NIST Project on Zero Trust Architectures

Zimperium has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology

Read More

February 9, 2022

Mobile Threat Defense for OMB Memorandum M-22-09

OMB Memorandum M-22-09: Moving the U.S. Government Toward Zero Trust Cybersecurity Principles. On January 26, 2022, the Office of Management and Budget

Read More

January 26, 2022

Financially Motivated Mobile Scamware Exceeds 100M Installations

Research by Aazim Bill SE Yaswant and Nipun Gupta While some financially motivated scams may seem simple on the surface, the truth of the matter is that

Read More

December 6, 2021

Pegasus Spyware Found on U.S. State Department iPhones

On December 3rd, Christopher Bing and Joseph Menn at Reuters disclosed that iPhones of numerous U.S. State Department employees were hacked by an unknown

Read More

October 13, 2021

5 Steps to Stronger K-12 Chromebook Security

As a second installment related to October’s Cybersecurity Awareness Month, we wanted to highlight the fact that we’re two months into the new school year

Read More

September 23, 2021

The Evolution of Mobile Specific Phishing

Over the last few months, the Zimperium zLabs team has been actively monitoring the rise in phishing attacks and some new data started to stand out. While

Read More

September 14, 2021

Pegasus Spyware Resurfaces with Newly Revealed Zero-Click Vulnerability

On September 13, The Citizen Lab revealed new research surrounding the Pegasus spyware campaign, presenting further details around their discovery of a

Read More

August 12, 2021

Zimperium Announces Government User Group

The modern public sector organization faces an increasingly sophisticated array of cyber threats, putting critical data and infrastructure constantly at

Read More

July 27, 2021

IDC Research Validates Mobile Endpoints Are Under Attack

Mobile security is critical to supporting the modern workspace and Zero Trust If there was one thing that has been said more than anything over the past

Read More

July 23, 2021

Combating Pegasus with Zimperium and ZecOps

In light of the latest leaked data highlighting the Pegasus spyware and its use in targeting thousands of individuals around the world, it is time to

Read More

July 19, 2021

Pegasus Mobile Spyware used to target journalists, activists, and more

A massive data leak revealed an iOS spyware malware called Pegasus had been used by authoritative governments to target over 50,0000 journalists,

Read More

July 17, 2021

WifiDemon Zero-Click iOS Vulnerability: Zimperium Customers Are Protected

On July 17, 2021, the world became aware of WifiDemon, a critical zero-touch remote-code execution vulnerability impacting iOS devices. Research conducted

Read More

May 24, 2021

The President’s Executive Order on Cybersecurity is a Massive Shift for Security

The latest ransomware attack on Colonial Pipeline highlights the worst secret in cybersecurity; our nation’s critical infrastructure is not prepared to

Read More

May 18, 2021

Sideloaded Applications: The Risk of Fewer Restrictions

Would you trust an application on your device from a third-party app store? Would you trust that same app store on the endpoints connected to your

Read More

May 14, 2021

Covering Mobile Endpoints in EPP: Zimperium partners with the most Gartner MQ leaders

The 2021 Magic Quadrant for Endpoint Protection Platforms (EPP) by Gartner was recently released covering the full spread of strong EPP vendors in the

Read More

April 14, 2021

Zimperium and Ping Identity Extend Zero Trust Controls to the Most Vulnerable Endpoint: Mobile

Integration of Zimperium’s mobile device risk attestation into the PingFederate platform enables real-time Zero Trust authorizations and access to

Read More

April 5, 2021

Gartner 2021 Market Guide for Mobile Threat Defense

“Security and risk management leaders who need to strengthen their mobile security posture should adopt MTD products to improve their overall security

Read More

March 15, 2021

Top 4 Threats to O365 on Mobile Devices (and How to Stop Them)

Enterprises are continuing to work remotely and use BYO mobile devices. Doing so enables cost savings from a corporate standpoint and better user

Read More

January 29, 2021

Apple’s Latest Security Fix Shows Why Enterprises Need MTD

Apple’s high-profile release of iOS 14.4, including security fixes for three critical vulnerabilities said to have been exploited by hackers in the wild,

Read More

December 16, 2020

CISOs and CIOs: Protecting Traditional Endpoints Isn’t Enough

As government cyber teams feverishly perform damage control from the SolarWinds hack, one major question for CISOs and CIOs cannot be ignored: “Protecting

Read More

December 1, 2020

Why Leading Cities and States Should be Protecting ‘Digital Citizens’ from Mobile Threats

When most people think of Zimperium, they may recognize us as the leader in enterprise mobile device and app security. Or, they have seen the recent news

Read More