Researchers found a way to hack those ubiquitous electric scooters

You can add another bullet point to the long list of things that drive people nuts about the electric scooter craze in America: the scooters can be hacked. A researcher with San Francisco-based Zimperium discovered a way to manipulate the Xiaomi M365 scooter through a Bluetooth connection. Users can access their scooter via an app that connects to the scooter, as long as users authenticate with a password. However, Zimperium researcher Rani Idan determined the password fails to completely protect users. “During our research, we determined the password is not being used properly as part of the authentication process with the scooter and that all commands can be executed without the password,” Idan wrote in a blog post Tuesday. “The password is only validated on the application side, but the scooter itself doesn’t keep track of the authentication state.” From there, Idan wrote an app for his mobile device that allowed him to […]

The post Researchers found a way to hack those ubiquitous electric scooters appeared first on CyberScoop.


Security Lacking in Previous AppleAVEDriver iOS Kernel Extension

An obscure Apple kernel extension patched in iOS 10.3.3 was originally built without security measures in place, according to the researcher who privately disclosed the flaws.

Zimperium Acquisition Program Publishes Exploits for Patched Android Bugs

Exploits for patched Android elevation of privilege vulnerabilities were published through the Zimperium N-Days Exploit Acquisition Program.

Zimperium Program Buys Exploits for Patched Mobile Vulnerabilities

Zimperium announced Tuesday its N-Days Exploit Acquisition Program that will reward researchers for Android and iOS exploits.

New AirDroid releases fix major security issues

Popular AirDroid remote management tool for Android can now be used without worrying about malicious updates and data theft, its developers claim. What was the problem? Mobile security firm Zimperium recently revealed that the AirDroid app sends and receives some information over insecure channels (HTTP), thus opening users on unsecured networks to man-in-the-middle attacks, and does not verify if a served update is legitimate, meaning that attackers could serve a malicious one. The AirDroid team …

AirDroid app opens millions of Android users to device compromise

Tens of millions of users of AirDroid, a remote management tool for Android, are vulnerable to man-in-the-middle attacks that could lead to data theft and their devices being compromised through fraudulent updates. According to Zimperium researchers, such attacks can be performed when users find themselves on the same unsecured network as the attacker (e.g. an insecure public Wi-Fi network). “AirDroid relies on secure HTTPS API endpoints for most of its functionalities, but during our analysis …

Google Patches Old Flaw Exploited by Rooting Application

Today’s monthly Android Nexus Security Bulletin from Google includes a patch for a vulnerability being exploited in the wild to root Nexus 5 Android devices.

Nexus Android Devices Vulnerable to Rooting Application, Permanent Compromise

Researchers have discovered a rooting application used to attack a Nexus Android device. The discovery forced Google to develop an emergency patch last week.