ZecOps Research Team

Use-After-Free in Voice Control: CVE-2021-30902 Write-up

By / October 27, 2021

By: 08Tc3wBB Voice Control is a powerful feature introduced by Apple in iOS 13 and macOS Catalina. It acts as a substitute for all the touch gestures on the screen, letting you interact with the device using your voice to tap, swipe, type, and more. com.apple.SpeechRecognitionCore.speechrecognitiond Crashes com.apple.SpeechRecognitionCore.speechrecognitiond is a system XPCService process that handles …

Use-After-Free in Voice Control: CVE-2021-30902 Write-up Read More »

The Recent iOS 0-Click, CVE-2021-30860, Sounds Familiar. An Unreleased Write-up: One Year Later

By / September 14, 2021

TLDR; ZecOps identified and reproduced an Out-Of-Bounds Write vulnerability that can be triggered by opening a malformed PDF. This vulnerability reminded us of the FORCEDENTRY vulnerability exploited by NSO/Pegasus according to the CitizenLabs blog. As a brief background: ZecOps have analyzed several devices of Al-Jazeera journalists in the summer 2020 and automatically and successfully found …

The Recent iOS 0-Click, CVE-2021-30860, Sounds Familiar. An Unreleased Write-up: One Year Later Read More »

NSO Exploits Still Remain Mysterious: ZecOps Can Help You Fight Back

By / August 1, 2021

This weekend, the Guardian released a groundbreaking report that authoritarian governments have breached the mobile devices of human rights activists, journalists, and lawyers across the world, using a hacking software sold by NSO Group. While the Guardian report contained new information regarding the targets of NSO customers and the Pegasus spyware, the specific mobile vulnerabilities …

NSO Exploits Still Remain Mysterious: ZecOps Can Help You Fight Back Read More »

Threat Actors are Working Together. Defenders Should Collaborate Too!

By / July 20, 2021

We previously published that we suspected that there were more than one threat actor targeting the Al-Jazeera journalists. Background ZecOps discovered NSO attacks that targeted Al-Jazeera automatically using ZecOps Mobile EDR & DFIR solutions. Our initial analysis suggested that the footprint does not belong only to NSO. ZecOps Mobile Threat Intelligence Brief ZecOps can now …

Threat Actors are Working Together. Defenders Should Collaborate Too! Read More »

ZecOps
Facebook Twitter Linkedin

ZecOps © 2022

This website uses cookies so that we can provide you with the best user experience and to deliver advertising messages and offers that are relevant to you.