Mobile Security Weekly – Google, Apple & Facebook are causing problems

 
This week’s summary consists of news from perhaps the 3 biggest players in the modern world of mobile: Google, Apple and Facebook. All three are in the news for the wrong reasons - either due to an attack that has already occurred or one that’s just waiting to happen. iOS devices in Oceania are being taken hostage A large number of users, mostly located in Australia and New Zealand, are reporting they have come under an unexplained attack that holds their iPhones and iPads hostage and demands they pay a $100 ransom. Users have been receiving a message saying: "Device hacked by Oleg Pliss. For unlock ...

Mobile Security Weekly – Remote Mobile Management & Security Issues

 
This week’s summary takes a look at several different directions that mobile security seems to be taking. In particular this week’s items emphasize that while the mass integration of remote management capabilities and biometrics are useful to the enterprise, they also pose a risk to the organization. Outlook Android app leaves emails exposed Researchers have released reports that reveal two concerning issues with the Microsoft Outlook Android app. Email attachments are stored in a file system accessible to any application or a third party with physical access to the phone. Some emails are not stored ...

Security Alert: New Android Malware Spreading Aggressively – Read this FAQ. (Updated)

 
On Friday, May 16, a new strain of Android malware that has been attacking Israeli Android devices was identified. This strain has now spread to other countries making this a global problem. This post should answer most of the early questions about the malware named Foto_Album. This is one of the first aggressive and successful mobile worms that has taken hold and done so with simple but effective social engineering tactics. Before going any further, we'd like to ensure you that Lacoon MobileFortress is 100% capable of identifying the attack and mitigating its consequences if your enterprise is infected. To keep things ...

Mitigating the effects of Social Engineering in the Enterprise

 
This is the final post of our series on mobile social engineering. Over the past two months, we’ve covered five topics that we feel cover the most common methods of mobile attack and exploitation based on social engineering. Read our first entry on Malvertising Read our second entry on Fake Apps. Read our third entry on Scareware Read our fourth entry on Rogue Wifi Hotspots. Read our fifth entry on Mobile Phishing There have been a few recurring themes throughout the series: Almost all of the different techniques of attack are interconnected. Some of the attacks like phishing and malvertising are based on similar ideas, others such as scareware and fake apps tend to appear ...

Mobile Security Weekly – Malware hits 2 million milestone

 
This week’s summary is dominated by an aggressive new Android worm attacking Israeli Android devices. The rest of the roundup comprises of quite a diverse mix of issues. We’ve got newly discovered problems with Android OS, app developers failing their users as well the news that mobile malware has reached a new milestone - 2 million different instances. This wide range just goes to show how many different ways mobile malware is evolving. Foto_Album - an Android SMS worm attacking Israeli Users A new strain of Android malware that has been attacking Israeli Android devices was identified today. At ...

Mobile Phishing – Why are users still getting hooked? (Social Engineering Ep. 5)

 
Mobile phishing attacks are one of the best examples of the ongoing migration of attackers and cyber-criminals from the PC to the mobile world. Phishing attacks have been around for years and include several of the most famous attacks in Internet history. Whether posing as a fake Nigerian diplomat, an American bank or a vast range of too-good-to-be-true opportunities - phishing attacks go where the users are - and nowadays, that means mobile. This is our fifth entry on Mobile Social Engineering. Read our first entry on Malvertising Read our second entry on Fake Apps. Read our third entry on Scareware ...

Mobile Security Weekly – Mobile Malware goes Global

 
This week’s summary highlights two main points: The global reach of malware - and their targets. Users and enterprises in the biggest European and American markets are due to become the most targeted. Mobile malware is fast becoming as easy-to-use, accessible and as diverse as PC malware. Malware developers are selling their products to the highest bidders and not only ensuring that the malware is successful but also relatively simple to use. British mobile users most targeted by malware New reports show that British mobile phone users were targeted by more than double the load of ...

Rogue WiFi Hotspots – Why getting coffee is putting your enterprise at risk (Social Engineering Ep. 4)

 
Most people don’t think twice before connecting to a free public Wi-Fi hotspot at a coffee shop, airport, or hotel. If someone is providing free WiFi, users will usually connect first and think later. With rogue Wi-Fi hotspots growing in numbers, it’s becoming much more critical to monitor connectivity. This is our fourth entry on Mobile Social Engineering. Read our first entry on Malvertising, here. Read our second entry on Fake Apps, here. Read our third entry on Scareware, here. A rogue hotspot is a Wi-Fi access point set up by an attacker. It’s meant to mimic a legitimate hotspot provided by a ...

Mobile Security Weekly – Mobile Malware finds new ways to steal from victims

 
This week’s summary serves as a reminder that mobile malware is developing and advancing on several different fronts. On one front, attacker are finding new ways to target and exploit victims as well as to bypass security measures. In another front, attackers are continuing to find ways to attack the biggest and most established apps on the market. In both cases, these advancements clearly exemplify the need for more enterprise awareness on the various issues affecting BYOD. Viber vulnerable to MitM attack, millions of users at risk Researchers have discovered that almost everything transferred and ...