iOS Archives - Page 1

Adventures in Remote Code Execution and Zip File Vulns — from Samsung and Vungle to ZipperDown

As with all things mobile, there are both secure and insecure ways of downloading and using zipped content. Back in 2014, NowSecure identified and properly disclosed zip file download and remote code execution (RCE) vulnerabilities on Android for Samsung and Vungle. Now Pangu has posted about iOS zipfile download issues identified as ZipperDown.

Read Now >

U.S. Soldiers and Athletes using STRAVA social fitness apps: Finding Risky Mobile Apps that Share and Leak Data

A series of mobile apps built by or connecting with STRAVA have been sharing and publishing activity by geolocation – including what should be highly confidential information about U.S. personnel and military staff locations. Get recommendations on how to protect your organization and staff from risks like STRAVA data collection and sharing.

Read Now >

New Mobile Risk: Cracking Wi-Fi Encryption with Key Reinstallation Attacks (KRACK)

Key reinstallation attacks (KRACK) put Wi-Fi security, mobile devices & mobile apps at risk. Learn what you need to do to protect your enterprise.

Read Now >

AccuWeather iOS app privacy issues: Lessons & Takeaways

AccuWeather recently received a public flogging for their mobile app’s privacy practices. Read a quick summary of the incident with a few lessons on critical mobile app security best practices.

Read Now >

A security analyst’s guide to NSAppTransportSecurity, NSAllowsArbitraryLoads, and App Transport Security (ATS) exceptions

I’ve recently noticed a spike in questions from our customers — and specifically security analysts — about App Transport Security (ATS), or NSAppTransportSecurity, for iOS apps. ATS is a critical security practice for our customers in financial services and other regulated industries. A lot of ATS documentation already exists, but questions persist. A core part

Read Now >

New Mobile Risk: Decryption key published for iOS Secure Enclave Processor

A researcher published the decryption key for the iOS Secure Enclave Processor exposing a critical new risk within the iOS operating system. We’ve verified this information and explained its impact.

Read Now >

iOS

Adventures in Remote Code Execution and Zip File Vulns — from Samsung and Vungle to ZipperDown

U.S. Soldiers and Athletes using STRAVA social fitness apps: Finding Risky Mobile Apps that Share and Leak Data

New Mobile Risk: Cracking Wi-Fi Encryption with Key Reinstallation Attacks (KRACK)

AccuWeather iOS app privacy issues: Lessons & Takeaways

A security analyst’s guide to NSAppTransportSecurity, NSAllowsArbitraryLoads, and App Transport Security (ATS) exceptions

New Mobile Risk: Decryption key published for iOS Secure Enclave Processor

Webinars

Best Practices

Resources

Solutions

Industries

Customers

Resources

Company

Labs

iOS

Footer

Solutions

Industries

Customers

Resources

Company

Labs