During a Digital Forensics investigation, ZecOps made an interesting finding: a cheap burner device that purported to be an Android 10 was actually an old Android 6. In the first part of the series, we presented how attackers can ‘fake’ the shutdown screen on iOS to achieve persistence. Now, we demonstrate how device-fakers sell old …
Fake Droids: Your New Android Device is Actually an Old Android 6 Read More »
ZecOps is pleased to announce native support of mobile forensic images acquired with Graykey. With the latest release, ZecOps is capable of digesting filesystem archives acquired by GrayKey, GrayShift’s flagship product, providing cybersecurity insights and automatic analysis for ZecOps customers. ZecOps can automatically digest and analyze various data points that exist on the disk, including …
ZecOps Announces Support for Forensics Images Acquired by GrayShift Read More »
Mobile Attacker’s Mindset Series – Part II Evaluating how attackers operate when there are no rules leads to discoveries of advanced detection and response mechanisms. ZecOps is proudly researching scenarios of attacks and sharing the information publicly for the benefit of all the mobile defenders out there. iOs persistence is presumed to be the hardest …
Persistence without “Persistence”: Meet The Ultimate Persistence Bug – “NoReboot” Read More »
Welcome to the first post of our latest blog series: Mobile Attacker’s Mindset In this blog series, we’re going to cover how mobile threat-actors think, and what techniques attackers use to overcome security protections and indications that our phones and tablets are compromised. In this first blog, we’ll demonstrate how the recently added camera & …
