Zimperium
Follow
1957 Followers
Follow Zimperium on their other social channels!
About Us
Founded:
2010
Company Size:
51-200 employees
Company Type:
Private
Location:
San Francisco, CA
Website:
Zimperium, the industry leader in Mobile Threat Defense, offers real-time, on-device protection against both known and previously unknown threats, enabling detection and remediation of attacks on all three mobile threat vectors - Device, Network and Applications. Zimperium’s patented z9™ detecti ...
Read more
Promoted Content
Mobile Threat and Vulnerability Report
Follow
1
Threat Advisory: Skygofree
Skygofree, another in the long line of Android based spyware, is being touted as one of the most advanced targeted surveillance tools ever seen on mobile devices. Skygofree is designed to enable surveillance and full device control by remote attackers. On unprotected mobile devices, Skygofree allows attackers to perform advanced attacks including location-based sound recording, stealing communications including WhatsApp messages, and connecting to compromised networks controlled by the malware o ...
Follow
43
Threat Advisory: Meltdown & Spectre
According to the team at Graz University of Technology that responsibly disclosed the new bugs, Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include passwords sto ...
Follow
38
BankBot & Friends: Phishing Mobile Customers Like You Soon
Back in April of 2017, researchers discovered a new form of Android-targeting malware using fake overlay screens to mimic existing banking apps and steal user credentials. Distributed as benign apps in Google Play, BankBot-infected apps were posing as 20 entertainment and mobile banking apps. This first version of BankBot targeted a small number of institutions. In October of 2017, fear widened as BankBot variants crept into over 150 banks in 27 different countries. ...
Follow
40
Zimperium Global Threat Report – Q3 2017
Zimperium has released it’s latest summary report on mobile threats seen at its customers. The latest report summarizes mobile threats recorded from July 1 to September 30, 2017, for device risks, network threats, and app malware, click bots, and privacy abuse. Data in the “Zimperium Global Threat Report” is initiated by Zimperium’s mobile security and mobile threat defense technology, z9, on enterprise customer devices. The threat detection is delivered v ...
Follow
51
Gartner Talks Mobile Security + Fake WhatsApp; WannaCry Authors Go Mobile…
I don’t know about you, but the last couple weeks have been exceptionally busy for me using my mobile device while traveling. While I was on the road talking to folks from U.S. federal agencies, electric utilities, and financial firms, Gartner again highlighted the need for mobile security. New threats also appeared tied to Fake WhatsApp and the WannaCry authors caused concern and drove queries to Zimperium.  In a recent Computerworld article, “The best mobile threat d ...
Follow
67
Fake WhatsApp… and the Real Malware zLabs Discovered
On November 3, 2017, some users of Reddit noticed two WhatsApp applications with the same developer name “WhatsApp Inc.” and started to investigate what looked like a fake update for the WhatsApp application. They quickly realized that the application has been downloaded more than one million times. As a part of Zimperium’s zLabs research team, I analyzed the Fake WhatsApp… and then discovered another threat through an ad served up by it: malware called “Cold Jewel ...
Follow
104
Clicking Bot Applications
Cyber crime, like any crime, has its motives; each malware has its own malicious profit. Spyware spies on you. Ransomware demands a ransom to decrypt your private digital data. Phishing Malware phishes for your username, password or account numbers. Installation-fraud achieves fake software installations. Ad fraud fraudulently represents online advertisement impressions, clicks, conversion or data events in order to generate financial gain for the developer. And finally, there is Click fraud. Cl ...
Follow
84
Detecting DoubleLocker Ransomware
What is DoubleLocker? Security researchers at ESET discovered a new ransomware infecting Android phones called DoubleLocker. DoubleLocker is an exploit that encrypts data on the infected device and then changes the device PIN to a random number. Victims remain locked out of their device unless they pay a ransom to the hackers. DoubleLocker spreads in the very same way as its banking parent does. It is distributed mostly as a fake Adobe Flash Player through compromised website ...
Follow
109
Detecting KRACK Man in the Middle Attacks
What is KRACK? KRACK (Key Reinstallation attaCKs, KRACKs) is a serious weakness in the WPA2 protocol. WPA2 secures all modern protected Wi-Fi networks including those used by smartphones. Attackers within physical range of a Wi-Fi network can exploit protocol weaknesses by using key reinstallation attacks. The attack works against all modern protected Wi-Fi networks and can be used to steal sensitive information such as usernames, passwords, messages, emails, photos, calendaring and contacts inf ...
Follow
80
Validating Machine Learning Detection of Mobile Malware
Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits. We recently announced an extension of the framework that detects previously unknown mobile malware. This extension is known as “z9 for Mobile Malware”, and was officially announced in September 2017. Internally, the code name has been “Cogito”, so this research blog will use that name throughout. On a pool of approximately 1800 samples collected from the Play Stor ...
Follow
Reversing Android Applications 101 - Zimperium researcher @evilsocket provides a (relatively) easy and fun way to teach you how to reverse engineer Android applications. Check out his  “tricks” to reverse faster and more effectively. https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel