ZecOps Blog
Hear the news first

ZecOps Announces Support for Forensics Images Acquired by GrayShift
ZecOps is pleased to announce native support of mobile forensic images acquired with Graykey. With the latest release, ZecOps is capable of digesting filesystem archives acquired by GrayKey, GrayShift’s flagship product, providing cybersecurity insights and...

Persistence without “Persistence”: Meet The Ultimate Persistence Bug – “NoReboot”
Mobile Attacker’s Mindset Series – Part II Evaluating how attackers operate when there are no rules leads to discoveries of advanced detection and response mechanisms. ZecOps is proudly researching scenarios of attacks and sharing the information...

How iOS Malware Can Spy on Users Silently
Welcome to the first post of our latest blog series: Mobile Attacker’s Mindset In this blog series, we’re going to cover how mobile threat-actors think, and what techniques attackers use to overcome security protections and indications that our phones and...

Use-After-Free in Voice Control: CVE-2021-30902 Write-up
By: 08Tc3wBB Voice Control is a powerful feature introduced by Apple in iOS 13 and macOS Catalina. It acts as a substitute for all the touch gestures on the screen, letting you interact with the device using your voice to tap, swipe, type, and more....

The Recent iOS 0-Click, CVE-2021-30860, Sounds Familiar. An Unreleased Write-up: One Year Later
TLDR; ZecOps identified and reproduced an Out-Of-Bounds Write vulnerability that can be triggered by opening a malformed PDF. This vulnerability reminded us of the FORCEDENTRY vulnerability exploited by NSO/Pegasus according to the CitizenLabs blog. As a...

NSO Exploits Still Remain Mysterious: ZecOps Can Help You Fight Back
This weekend, the Guardian released a groundbreaking report that authoritarian governments have breached the mobile devices of human rights activists, journalists, and lawyers across the world, using a hacking software sold by NSO Group. While the Guardian...