In recent weeks, more news has come out about vulnerabilities affecting Apple devices. Here are some details about these discoveries and some important lessons to draw from this news. The Vulnerability In February, a researcher at Trellix announced the discovery of a “large new class of bugs” that affects iPhones, iPads, and Macs. Once an attacker gains access to a device, they can use this vulnerability to run code that bypasses code-signing safeguards. Through this exploit, an attacker could gain access to pretty much any assets on the victim’s device, including photos, call logs, text messa ..read more

Over the last few months, there has been a recent wave of attacks on the maker of Call of Duty. It was reported that in early December, game maker Activision was hacked in a smishing attack. The company confirmed the December 2nd hack in February after research group vx-underground broke the news on Twitter. According to reports, the attackers sent a malicious SMS message to several Activision employees, mimicking a two-factor authentication message. Although not all employees clicked on the link, one privileged user did, giving the threat actors access to internal documents, employee informat ..read more

We’re proud to announce that CRN®, a brand of The Channel Company, has named Zimperium to its annual Security 100 list. Recipients chosen for this year’s Security 100 list have been specifically selected by CRN editors for their outstanding channel-focused security offerings. The list serves as a comprehensive guide for solution providers, helping them to identify the top security vendors to team with as they build innovative solutions for their customers. “As the only mobile security platform purpose-built for enterprise environments, we take great pride in being named to this prestigious li ..read more

The demand for zero trust architectures has long been well understood. However, while the “why” is clear, it’s the “how” that’s far less straightforward. As they pursue a move to zero trust, many teams struggle with devising the specific tools, tactics, and approaches that are optimally aligned with their organizations. Read on to learn more about vital new resources that offer much-needed guidance for teams looking to adopt zero trust in their organizations. Introduction: The Pressing Demands for Zero Trust The need for zero trust architectures continues to get more pressing as the notion of ..read more

In some realms, a 40% success rate may be okay. For a batter in baseball, it would be considered great. In security, though? Not so much. This post summarizes our recent webinar discussion with Rick Bosworth from SentinelOne about the emerging threats that unprotected mobile devices present to enterprises and why enterprise detection and response (EDR) solutions working in tandem with mobile threat defense (MTD) represent a critical requirement for today’s enterprises. Introduction: The Dangers Posed by Unprotected Mobile Devices For any security team, there’s a fundamental calculation th ..read more

Over the next few months, the Department of Defense (DoD) will start to incorporate Cybersecurity Maturity Model Certification (CMMC) requirements into its solicitations. This means that organizations in the Defense Industrial Base (DIB) that manage Controlled Unclassified Information (CUI) will soon need to establish capabilities for complying with these requirements and demonstrating these efforts in attestations and audits. To comply with these requirements, teams will need to institute robust mobile device security. In this post, we will provide some background on CMMC and the underlying s ..read more

When it comes to malware, efficacy is key. It can take just one missed malicious app to inflict a lot of damage. On the other hand, false positives are also problematic, given they can cause needless disruption of the user experience. In recent independent testing from AV-TEST, Zimperium’s mobile threat defense solution, zIPS, delivered top-tier results—better than 99% accuracy in about all scenarios. Read on to find out more about the tests and how zIPS fared. Introduction: The Criticality of Mobile Malware Detection When it comes to malware targeting mobile devices, the danger is real and gr ..read more

Employees continue to grow more reliant upon their mobile devices, and that’s just as true in their professional lives as it is in their personal lives. With this increased reliance upon mobile devices for work-related activities, the specter of cybersecurity risks continues to grow as well. Compared to traditional laptops and desktops, mobile devices are exposed to unique threats and require distinct security approaches and mechanisms. This growing risk is exacerbated by the proliferation of support for bring-your-own-device (BYOD) approaches. Most often, employee-owned devices lack critical ..read more

Over the course of 2022, a lot happened in the mobile security arena. While there was some good news, much was of the not-so-good variety, including increasingly sophisticated attacks, large-scale campaigns that afflict millions, high-profile hacks that cost businesses dearly, you get the idea. During the year, a number of significant stories emerged. These events had a big impact last year, and they will certainly shape the security landscape that we must navigate as we enter 2023. Here is our take on the top mobile security stories that emerged in 2022. #1. Too Much Dark Herring: 100 Million ..read more

Over the course of 2022, a lot happened in the mobile security arena. While there was some good news, much was of the not-so-good variety, including increasingly sophisticated attacks, large-scale campaigns that afflict millions, high-profile hacks that cost businesses dearly, you get the idea. During the year, a number of significant stories emerged. These events had a big impact last year, and they will certainly shape the security landscape that we must navigate as we enter 2023. Here is our take on the top mobile security stories that emerged in 2022. #1. Too Much Dark Herring: 100 Million ..read more