Research Archives - Page 7 of 8

Checkm8 Implications on iOS DFIR, TFP0, #FreeTheSandbox, Apple, and Google

By ZecOps Research Team / November 4, 2019 November 6, 2019

Thanks to Checkm8 – a bootrom vulnerability that exist on most iPhones/iPads (<A12), a generic method to bypass the iOS sandbox restrictions will be made public within days/weeks for all previous and future versions of iOS! An upcoming release of a generic capability to extract the filesystem of a suspected iOS devices will help to …

Checkm8 Implications on iOS DFIR, TFP0, #FreeTheSandbox, Apple, and Google Read More »

Announcing Task For Pwn 0 (TFP0): Operation #FreeTheSandbox

By ZecOps Research Team / September 6, 2019 December 11, 2020

Announcing Task For Pwn 0 (TFP0): Operation #FreeTheSandbox

Content-Filter Strikes Back: Yet Another (Silently Patched) MacOS / iOS Kernel Use-After-Free

By ZecOps Research Team / July 29, 2019 December 11, 2020

Introduction As we were investigating anomalies on Mobile Device Management (MDM) devices, ZecOps MacOS / iOS DFIR analysis revealed yet another vulnerability that is applicable only to managed devices. As far as we are aware, similarly to the previous vulnerability that we analyzed in Content Filter (DoubleNull Part I, DoubleNull Part II), Apple patched this …

Content-Filter Strikes Back: Yet Another (Silently Patched) MacOS / iOS Kernel Use-After-Free Read More »

DoubleNull Part II: Rare MacOS / iOS DFIR Opportunity. Evidence of Local Privilege Escalations in Network Traffic!

By ZecOps Research Team / June 20, 2019 July 15, 2019

DoubleNull Part II: Rare MacOS / iOS DFIR Opportunity. Evidence of *Local* Privilege Escalations in *Network* Traffic!