Mtd

Extended Rapid Response: Zimperium Expands Detection of PlayPraetors Android RAT Campaign with Additional Samples and Targets

Zimperium expands detection of PlayPraetors Android RAT campaign—targeting 11K+ devices via fake Play Stores, overlays, and real-time fraud.

Read More

The Critical Role of Supply Chain Resilience in Today's Digital Landscape

Businesses must recognize that operational resilience extends beyond cybersecurity; it encompasses the entire supply chain, ensuring that even routine updates do not disrupt operations.

Read More

Banks Admit Cybersecurity is the Biggest Threat. Now What?

In JPMorgan Chase's 2018 annual report, CEO Jamie Dimon states in a widely read letter to shareholders the following. “The threat of cybersecurity may

Read More

Rapid Response: Zimperium Detects GhostSpy Android RAT

CYFIRMA recently uncovered GhostSpy, a highly stealthy and persistent web-based Android Remote Access Trojan (RAT).

Read More

Rapid Response: Zimperium Detects All Reported Samples of Evolving Zanubis Android Banking Trojan

As Zanubis and other banking trojans continue to adapt and become more sophisticated, Zimperium remains committed to delivering advanced, proactive protection to secure mobile users and financial institutions worldwide.

Read More

Preventing Malicious Mobile Apps from Taking Over iOS through App Vetting

This blog post explores the importance of app vetting and provides actionable steps to help organizations safeguard their mobile ecosystems.

Read More

Securing Every Android Work Device: Zimperium and Android Enterprise Enable Smarter, Safer Access

Organizations today face an undeniable truth: mobile devices are the modern gateway to the enterprise. As hybrid work continues and BYOD becomes pervasive, the traditional perimeter has all but disappeared.

Read More

From Lock Screen to Wallets: BTMOB RAT Now Targets Alipay PINs

On February 12, Cyble reported the discovery of a new variant of the BTMOB spyware, named BTMOB RAT v2.5. This malicious software is being distributed through deceptive phishing sites impersonating popular streaming services like iNat TV and fraudulent cryptocurrency mining platforms.

Read More

Rapid Response: Zimperium Detects SuperCardX NFC Relay Fraud Operation

A recent report by Cleafy uncovered SuperCardX, a sophisticated Malware-as-a-Service (MaaS) operation used for conducting NFC relay fraud.

Read More

Your Apps are Leaking: The Hidden Data Risks on your Phone, Part 1

Learn about the hidden data risks in mobile apps, focusing on cloud and cryptography vulnerabilities that could expose sensitive information. Discover how to protect your enterprise.

Read More

Pragmatic Crocodilus: A New Variant In the Horizon

Following ThreatFabric’s publication on Crocodilus, a sophisticated Android banking trojan, our zLabs team conducted a deeper investigation into its broader ecosystem.

Read More

Mishing: The Rising Mobile Attack Vector Facing Every Organization

Mishing refers to mobile-targeted phishing attacks exploiting devices via email, text messages, voice calls, or QR codes to steal sensitive information. These attacks leverage mobile-specific features and user behaviors, posing significant risks to corporate networks and data. Understanding and mitigating mishing is crucial for maintaining enterprise mobile security.

Read More

2022 Predictions: 5 Mobile Threats to Look for This Year

Recent years have made abundantly clear that attempting to predict what’s to come in the future can be a pretty dicey proposition. However, it is also

Read More

Chrome OS Now Second-Most Popular Desktop Operating System

For the first time in the annual desktop operating system market share reports, Chrome OS has passed macOS. According to 2020 numbers from market data

Read More

4 Reasons Why Companies Need To Protect Employee Phones Today

  If you search “data breach” on Google, you’ll get a variety of articles ranging from Equifax to the latest Quest Diagnostics data breach. However,

Read More

Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware

In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign.

Read More

Zimperium’s Zero-Day Protection Against Water Makara Spear-Phishing Campaign

In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign.

Read More

Expanding the Investigation: Deep Dive into Latest TrickMo Samples

Our analysis of TrickMo suggests that many of these samples remain undetected by the broader security community.

Read More

ISM’s Guidelines for Enterprise Mobility

In this blog, we will analyze the ISM’s mobile controls, explore the risks they aim to mitigate, and outline practical approaches for addressing each control.

Read More

Zimperium’s Zero-Day Defense Against Octo2 Malware Targeting European Banks

Zimperium’s Mobile Threat Defense (MTD) and its Mobile App Protection Suite (MAPS) solution provide robust protection against Octo2, detecting all known samples in a zero-day fashion.

Read More

iOS and the WebP Vulnerability

In this blog post we will underline the differences and the similarities on how iOS developers reacted to the WebP vulnerability and our observed patching trends of those iOS applications. 

Read More

Zimperium Coverage on COLDRIVER Phishing Campaign 

The recently uncovered "River of Phish" campaign, attributed to the Russian threat actor COLDRIVER, targets Western and Russian civil society through sophisticated spear-phishing attacks.

Read More

Zimperium Detects New Android Spyware Targeting South Korea

Security researchers at Cyble have uncovered a new Android spyware campaign primarily targeting individuals in South Korea. This sophisticated malware, masquerading as legitimate applications, poses a significant threat to user privacy and data security.

Read More

Zimperium Mobile Threat Defense (MTD) Achieves IRAP PROTECTED Status

Zimperium has achieved the Australian Government security status of  PROTECTED after successfully completing an assessment performed by the Information Security Registered Assessors Program (IRAP) for its sovereign-hosted Mobile Threat Defense (MTD) solution.

Read More

Unmasking SpyAgent: Zimperium’s Zero-Day Defense Against Cryptocurrency Theft

Zimperium’s Zero-Day defense against a sophisticated Android malware campaign involving SpyAgent, a spyware strain designed to steal cryptocurrency credentials.

Read More

Preventing Infections of N-Day Exploits Delivered via Malicious Websites

State-backed attackers and commercial surveillance vendors repeatedly using N-day exploits to target known vulnerabilities in devices. 

Read More

Zimperium Welcomes Shashank Pathak to Our Go-to-Market Team in India

As we continue to strengthen our presence in India and South Asia, we are excited to announce the appointment of Shashank Pathak to our Go-to-Market team.

Read More

Securing Agency Devices: The Critical Need for Mobile App Vetting

This blog will explore the various types of risky apps and the concerns they pose, emphasizing the need for stringent mobile app vetting processes.

Read More

BlankBot: A New Android Banking Trojan Cannot Evade on Device Machine Learning Protection

Learn the top 7 source code obfuscation techniques.

Read More

Zimperium is Named a Leader in the Forrester Wave™ for MTD

We are excited to share that Zimperium has been named a Leader in The Forrester Wave ™ : Mobile Threat Defense Solutions, Q3 2024.

Read More

Phishing Campaigns and Rafel RAT: A Dangerous Duo

Among the myriad of tools employed in malicious activities, Remote Access Trojans (RATs) stand out for their ability to provide attackers with unfettered access to compromised systems.

Read More

Understanding Rafel RAT and Its Role in Mobile Ransomware Attacks

Rafel RAT is a type of malware that allows attackers to gain complete control over a victim's mobile device. Once installed, Rafel RAT can perform a

Read More

Medusa Reborn: Zimperium’s Robust Defense

For the past two years, Zimperium has released the Mobile Banking Heist Report, providing in-depth research on the latest malware families, new attack

Read More

Unmasking Rafel RAT: Android Infiltration Campaign

Application sideloading opens the door to significant security vulnerabilities increasing the attack surface users are exposed to.

Read More

More Malware May be Exposed to iOS Devices Because of Supreme Court Ruling

According to The Wall Street Journal’s article Apple Loses Bid to End App Antitrust Case in Supreme Court, “Consumers can sue Apple Inc. for forcing them

Read More

Mobile Endpoint Security and Antivirus | Differences Between the Two

The challenge with explaining something new is making that new thing relatable to something someone else already knows and understands. This is why the

Read More

Mobile Device Management & Mobile Threat Defense: A Love Story

MDM and MTD were made for each other. It was love at first byte. Read the love story. Live the romance. Truly better together.

Read More

The Risks of Quishing and How Enterprises Can Stay Secure

Cybercriminals are exploiting QR codes through phishing attacks, called quishing, which are exposing employees and organizations to the risk  of data loss, credential theft, and unauthorized access to corporate networks.

Read More

IBM Security MaaS360 Announces Partnership with Zimperium

IBM Security joins forces with Zimperium to offer organizations a comprehensive solution to manage and protect their mobile ecosystem.

Read More

New Year, New Hires, New Devices: Kick Start the Year with Endpoint Security

As we welcome the new year, businesses around the world are gearing up for growth and expansion. Let’s dive into some of the threats mobile devices can face and explore how Zimperium Mobile Threat Defense (MTD) can help enterprises protect your enterprise. 

Read More

Zimperium Impresses; Named Top Cybersecurity Startup for 2021

“So, get ready to be really impressed,” Max Kurton of EM360 - a global technology platform - exclaimed as he revealed Zimperium as the number one

Read More

Zimperium Selected CIO Applications Europe’s Top 10 Most Proficient Enterprise Mobility Solution Providers of 2019

The editorial team at CIOApplications Europe, along with a distinguished panel of CEOs, CIOs, VCs, and industry analysts, have named Zimperium to its list

Read More

Malicious WiFi Connections: Welcome to RSA Conference 2019

Nicolás Chiaraviglio (@chiconara) We recently blogged about attacks perpetrated at WiFi networks in Barcelona before and during the 2019 Mobile World

Read More

Top 5 Mobile Security Stories of 2019

Mobile security has certainly seen its fair share of headlines in 2019 prompting individuals and enterprises to realize mobile devices are another

Read More

Meet Zimperium at RSA Conference 2018

April 16 - 20, 2018. Moscone Center, San Francisco. The Zimperium team will be showcasing the latest in enterprise mobile security at RSAC 2018 and we

Read More

Modern Mobile Device Protection: Why Legacy Approaches Fall Short

There is no question that using mobile devices is an integral part of an organization's overall business strategy. As the mobile threat landscape continues to evolve, organizations must evaluate their current approaches and embrace new security practices in order to secure their mobile endpoints.

Read More

Global Mobile Threat Report: Emerging Endpoint Security Risks in 2022

The ownership and use of smartphones has grown increasingly ubiquitous. By 2021, the percentage of adults in the U.S. who owned a smartphone grew to 85%1.

Read More

The Mobile Malware Chronicles: Necro.N - Volume 101

Zimperium researchers analyze Necro.N and focuses on the differences and elements.

Read More

Q&A with CISA’s Jen Easterly: Every Part Of Our Interconnected Ecosystem Needs Securing, Including Mobile

Jen Easterly, the new Director of the Cybersecurity & Infrastructure Security Agency CISA, recently sat down for a great, relaxed, and open discussion

Read More

Harnessing NIST Standards for Your Mobile-First Security Strategy

This webinar teaches how cybersecurity professionals rely on resources, such as NIST standards, to develop their mobile device security approach.

Read More

Okta Identity Threat Protection Platform

Zimperium MTD integrates real-time threat intelligence & rich threat context into the Okta Identity Threat Protection platform for rapid risk assessment.

Read More

Predator Spyware Strikes Again

On September 22nd, Citizen Lab, in collaboration with Google Project Zero, released a joint report revealing that Ahmen Eltantawy, a former Egyptian

Read More

Unveiling the Tactics of Lapsus$: A Review of Internal Attacks Vectors, Mobile Device Exploitation, and Social Engineering Techniques

On August 10, 2023, the U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board (CSRB) report summarizing the findings of its

Read More

OilAlpha: Learn How Zimperium MTD Protects Against This New Threat

Learn about emerging threats from the OilAlpha group and how Zimperium MTD customers are protected against the OilAlpha group and other similar threats.

Read More

NIS2 - Applying the New NIS Directive to Mobile Devices

Learn all about the NIS2 and how the EU Parliament’s updated NIS directive applies to mobile devices.

Read More

Risky Apps: How They Can Pose Threats to Your Security

BYOD devices may include risky apps used for non-work purposes. These apps can create data protection risks that a mobile threat defense should address.

Read More

Mobile Sypware Threats Put Businesses & Government Agencies at Risk

Learn how increasing mobile spyware threats threaten businesses & government agencies and how mobile threat defense solutions can provide protection.

Read More

Taxed Not Hacked: Protect Sensitive Tax Data from Cybercrime

Sensitive financial data is shared online during tax season. Learn how to protect confidential tax information from cybercrime this tax season.

Read More

New Apple Vulnerabilities Identified: Top Takeaways from Recent Discovery

New Apple vulnerabilities have been disclosed. Learn the details, our conclusions, and some important lessons about mobile application security.

Read More

The Security Gaps Left by EDR and How MTD Can Help

Take a look at the emerging threats and uncover the shortcomings of enterprise detection and response (EDR) solutions in addressing these threats. Read on to learn why mobile threat defense (MTD) solutions represent a critical requirement for today’s enterprises. Learn more.

Read More

Complying with CMMC Configuration Management Requirements: Why Patching Isn’t Enough

In order to comply with CMMC requirements, teams will need to institute robust mobile device security. In this post, we will provide some background on CMMC and why patching alone is not enough to meet these requirements. Learn more.

Read More

Zimperium Mobile Threat Defence Delivers 99% Efficacy in Independent Tests: See the Report from AV-TEST

In recent independent testing from AV-TEST, Zimperium’s mobile threat defense solution, zIPS, delivered top-tier results—better than 99% accuracy in about all scenarios. Read on to find out more about the tests and how zIPS fared. 

Read More

Why Multi-Factor Authentication (MFA) is Not Enough to Meet CMMC Requirements

As DIB contractors implement security controls aligned to CMMC practices, MTD is fundamental to securing CUI, especially for organizations with distributed workforces. Learn why MFA and other security practices are not enough to meet CMMC requirements.

Read More

MoneyMonger: Predatory Loan Scam Campaigns Move to Flutter

The Zimperium zLabs team recently discovered a Flutter application with malicious code. The Flutter-obfuscated malware campaign, MoneyMonger, is solely distributed through third-party app stores and sideloaded onto the victim’s Android device and most commonly take advantage of social engineering through phishing messages, compromised websites, rogue WiFi networks, and social media to distribute the download links. Read more to learn how Zimperium customers are protected.

Read More

The Risks of Holiday Shopping and What to Do About Them

This holiday season, be on the look for cyber criminals looking to steal your credentials and credit card info and how to protect yourself from these threats. Read more.

Read More

RSA & Zimperium: Enhancing the Security of Multifactor Authentication

RSA, the leader in trusted identity and access management solutions, has announced Mobile Lock, a new feature developed in partnership with Zimperium that’s built into the RSA Authenticator mobile application to provide a new layer of protection around authenticating users into a secure environment. Learn more.

Read More

Zimperium Wins ‘Device Theft Prevention and Protection Solution of the Year’ in the 2022 Cybersecurity Breakthrough Awards

Zimperium has been named winner of this year’s “Cybersecurity Breakthrough Awards.” Recognized as the ‘Device Theft Prevention and Protection Solution of the Year,’ Zimperium was recognized for protecting the entire mobile ecosystem, identifying and revealing the most significant threats facing mobile devices and applications. Learn more.

Read More

More Than MDM: Mobile Device Security for CMMC Compliance

To meet CMMC compliance, you need to prove that you have a comprehensive approach to mobile device security. Learn how Zimperium zIPS MTD solution helps enterprises and government agencies in the DIB to meet current CMMC standards as part of their mobile device security controls.

Read More

We Smell A RatMilad Android Spyware

The Zimperium zLabs research team discovered spyware targeting Middle Eastern enterprise mobile devices and began monitoring the activity of a novel Android spyware family that we have since named RatMilad. Learn how Zimperium zIPS customers are protected against RatMilad spyware. Read more.

Read More

Mobile Attack Chains: The Real World Risks to Enterprise Security

Identifying a problem is a critical first step, but there can be a big leap between detecting an issue and fixing it. This is very much the case when it

Read More

Phishing Is On The Rise. Why You Need a Mobile Security Strategy

When protecting against phishing, it’s vital to defend the mobile endpoint. Learn how implementing a mobile-specific strategy, and a MTD solution can help protect your organization from phishing. Read more.

Read More

How Federal Agencies Should Prioritize and Address the Requirements Set forth by OMB

Federal agencies face a unique set of challenges. Since the publication of the Executive Order on Improving the Nation’s Cybersecurity (“EO”), the Office

Read More

Zimperium is the Only Pure-Play Mobile Threat Defense Provider Recognized in New GigaOm Anti-Phishing Radar Report

When it comes to phishing, there’s bad news and worse news, but also some good news. The bad news? Email-based phishing remains a persistent, pervasive

Read More

Mobile Security Is Critical: Verizon’s Refreshed Outlook on the Need for Mobile Threat Defense

61% of Global Organizations Suffered a Mobile Breach in the Last 12 Months As the modern workforce has evolved, so has the technology that is relied upon.

Read More

4 Common types of Malware and What's the Difference (Trojan, Spyware, Viruses, Ransomware)

Malware is malicious code that threat actors use to compromise data collected, stored, processed, or transmitted by mobile devices, computers, servers, or

Read More

How to Address the Mobile Security Implications Posed by the New mHealth Era

For years, healthcare has been going through a digital transformation, and in many organizations, the pandemic has radically accelerated this trend.

Read More

Keeping Texas Secure: Zimperium Earns Highest Level of TX-RAMP Certification

Zimperium has a long history of helping government organizations protect the mobile devices that are becoming an increasingly important part of daily life

Read More

Zimperium Reinforces Its Public Sector Commitment with New Data Connector for Microsoft Sentinel in Azure Government

The rising threats against government agencies are an ongoing concern in today’s threat landscape. With nation-state actors targeting local, state, and

Read More

The State of Browser Extension Malware

It is time for us to change how we think about malware. No longer is it limited to one specific operating system or device type. Like with phishing

Read More

Zimperium Joins NIST Project on Zero Trust Architectures

Zimperium has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology

Read More

Mobile Threat Defense for OMB Memorandum M-22-09

OMB Memorandum M-22-09: Moving the U.S. Government Toward Zero Trust Cybersecurity Principles. On January 26, 2022, the Office of Management and Budget

Read More

Financially Motivated Mobile Scamware Exceeds 100M Installations

Research by Aazim Bill SE Yaswant and Nipun Gupta While some financially motivated scams may seem simple on the surface, the truth of the matter is that

Read More

Pegasus Spyware Found on U.S. State Department iPhones

On December 3rd, Christopher Bing and Joseph Menn at Reuters disclosed that iPhones of numerous U.S. State Department employees were hacked by an unknown

Read More

5 Steps to Stronger K-12 Chromebook Security

As a second installment related to October’s Cybersecurity Awareness Month, we wanted to highlight the fact that we’re two months into the new school year

Read More

The Evolution of Mobile Specific Phishing

Over the last few months, the Zimperium zLabs team has been actively monitoring the rise in phishing attacks and some new data started to stand out. While

Read More

Pegasus Spyware Resurfaces with Newly Revealed Zero-Click Vulnerability

On September 13, The Citizen Lab revealed new research surrounding the Pegasus spyware campaign, presenting further details around their discovery of a

Read More

Zimperium Announces Government User Group

The modern public sector organization faces an increasingly sophisticated array of cyber threats, putting critical data and infrastructure constantly at

Read More

IDC Research Validates Mobile Endpoints Are Under Attack

Mobile security is critical to supporting the modern workspace and Zero Trust If there was one thing that has been said more than anything over the past

Read More

Combating Pegasus with Zimperium and ZecOps

In light of the latest leaked data highlighting the Pegasus spyware and its use in targeting thousands of individuals around the world, it is time to

Read More

Pegasus Mobile Spyware used to target journalists, activists, and more

A massive data leak revealed an iOS spyware malware called Pegasus had been used by authoritative governments to target over 50,0000 journalists,

Read More

WifiDemon Zero-Click iOS Vulnerability: Zimperium Customers Are Protected

On July 17, 2021, the world became aware of WifiDemon, a critical zero-touch remote-code execution vulnerability impacting iOS devices. Research conducted

Read More

The President’s Executive Order on Cybersecurity is a Massive Shift for Security

The latest ransomware attack on Colonial Pipeline highlights the worst secret in cybersecurity; our nation’s critical infrastructure is not prepared to

Read More

Sideloaded Applications: The Risk of Fewer Restrictions

Would you trust an application on your device from a third-party app store? Would you trust that same app store on the endpoints connected to your

Read More

Covering Mobile Endpoints in EPP: Zimperium partners with the most Gartner MQ leaders

The 2021 Magic Quadrant for Endpoint Protection Platforms (EPP) by Gartner was recently released covering the full spread of strong EPP vendors in the

Read More

Zimperium and Ping Identity Extend Zero Trust Controls to the Most Vulnerable Endpoint: Mobile

Integration of Zimperium’s mobile device risk attestation into the PingFederate platform enables real-time Zero Trust authorizations and access to

Read More

Gartner 2021 Market Guide for Mobile Threat Defense

“Security and risk management leaders who need to strengthen their mobile security posture should adopt MTD products to improve their overall security

Read More

Top 4 Threats to O365 on Mobile Devices (and How to Stop Them)

Enterprises are continuing to work remotely and use BYO mobile devices. Doing so enables cost savings from a corporate standpoint and better user

Read More

Apple’s Latest Security Fix Shows Why Enterprises Need MTD

Apple’s high-profile release of iOS 14.4, including security fixes for three critical vulnerabilities said to have been exploited by hackers in the wild,

Read More

CISOs and CIOs: Protecting Traditional Endpoints Isn’t Enough

As government cyber teams feverishly perform damage control from the SolarWinds hack, one major question for CISOs and CIOs cannot be ignored: “Protecting

Read More

Why Leading Cities and States Should be Protecting ‘Digital Citizens’ from Mobile Threats

When most people think of Zimperium, they may recognize us as the leader in enterprise mobile device and app security. Or, they have seen the recent news

Read More