Mobile Security 2014: The Year In Review

 
It was an eventful year for mobile security, and as 2014 draws to a close, we’re taking a look back to review some high-profile events. We saw several types of mobile security “firsts” last year, none of which bode well for enterprises. Different types of threats, methods of attack, and threat efficiencies all experienced substantial advances that promise to make 2015 even more challenging. January OldBoot - The first Android bootkit, Oldboot introduced a brand new threat in terms of method of installation, persistence as well as mitigation. Oldboot was the first malware to modify a device’s ...

Mobile Security Weekly: SMS, Skype and Smartware Used For Snooping

 
Ohad Bobrov is co-founder and CTO at Lacoon Mobile Security. Besides presents, Santa Claus has brought us some interesting mobile security updates. This week’s Christmas edition contains three truly different threats to mobile security in the enterprise. This goes to show just how dynamic and fluid this world is. From a threat at the network level, to an app vulnerability and finally a hardware exploit that places a serious question mark regarding the security of smartwear. Merry Christmas & Happy Holidays to you all! Attackers Can Read Users’ Private SMS and Listen to Phone Calls German researchers have ...

Your Website Should Reflect Your Brand – Not an Attacker’s

 
When IT professionals and business owners think about their security strategies, they often forget about one of the easiest assets for cyber criminals to attack: their websites. From consumer brands to small businesses to large enterprise companies, a website is the front-facing identity of any organization, and needs to be given the same security. iPage is a web hosting provider that offers web site solutions for owners and businesses, such as domain purchasing, hosting plans, and private email accounts – all consolidated under a proprietary control panel. Owned by the Endurance International Group, the iPage platform serves over 1,000,000 customers and more than 2,000,000 web sites ...

What Does Fast Threat Emulation Mean?

 
Your IT department has probably deployed multiple kinds of defenses to protect your network from malware. We are all familiar with antivirus and intrusion prevention programs. They protect us from known threats and are our first line of defense. Known threats are characterized and stored in a threat database. The more we know, the more we can protect against. So how does a threat become known? It turns out there are a few ways. We hear things: From sources far and wide we get reports on new threats. As we hear about them, we characterize them and put them into our threat database. We see things: Every file we see we test in what is called threat emulation. Emulation ...

Mobile Security Weekly: Xsser Still a Threat, Apple Ups Touch ID Security, Chinese Manufacturer Preinstalls Malware

 
This week’s edition is a mixture of what could be described as the old and the new. The Xsser mRAT is hitting the news and just like when it was discovered, it’s bad news for users. We also see the two very different sides of manufacturers’ commitment to security. On one hand, Apple is (again) trying to improve their Touch ID and on the other, Coolpad, a major Chinese manufacturer, is spreading malware right out of the box. Another issue that we’ve been thinking about this week is the aftermath of the Sony hack. Regardless of the involvement of mobile devices in this specific attack - it poses many questions regarding the future of enterprise security. Before Sony, we’d never seen ...

Misfortune Cookie: The Hole in Your Internet Gateway

 
What is the Misfortune Cookie vulnerability? Misfortune Cookie is a critical vulnerability that allows an intruder to remotely take over a residential gateway device and use it to attack the devices connected to it. Researchers from Check Point’s Malware and Vulnerability Research Group recently uncovered this critical vulnerability present on millions of residential gateway (SOHO router) devices from different models and makers. It has been assigned the CVE-2014-9222 identifier. This severe vulnerability allows an attacker to remotely take over the device with administrative privileges. How many devices are affected? To date, researchers have distinctly detected at least 12 ...

Mobile Security: Coming Soon To A Theater Near You

 
Jeff Zacuto is the Director of Product Marketing for Lacoon Mobile Security. Earlier this month, Sony Pictures Entertainment got hammered by one of the most extensive, and arguably most embarrassing, hacks we’ve seen in a long, long time. And, just like a Hollywood blockbuster, we’ve all had a front-row seat to watch the fallout. Losses have already been estimated at over $100 million. Details of how Sony’s most influential executives really feel about their most high-profile talent have been revealed. Unsavory internal exchanges that nobody would want aired in a public forum have come to light. And perhaps the worst part -- Sony’s ...

Mobile Security Weekly: Inception Takes Hold, Attack Targets Sony, YikYak is Vulnerable, Apple Leaves Door Open

 
Ohad Bobrov is co-founder and CTO at Lacoon Mobile Security. Despite the Sony hack being the biggest cyber security issue on the global stage, Inception - a new and sophisticated threat - might give it a run for its money. And, in other news, “anonymous” messaging app Yik Yak takes a security hit, and iOS users face issues from app developers, and from Apple itself. Inception (aka Cloud Atlas): A New and Powerful Multi-Platform Attack Researchers have uncovered a new international espionage campaign based on sophisticated and comprehensive mobile malware that seems likely to have been developed by a nation state. Inception, first ...

Aren’t All Security Threat Emulations the Same?

 
You should be picky when selecting a security solution for your network. When it comes to comparing solutions, are there really any metrics other than speed and accuracy? Those are certainly two of the most important, but there are some other important features as well. Our top three would be: 1. Access to the largest catalog of known threats 2. Ability to quickly identify and prevent those known threats 3. Ability to quickly and accurately emulate and block new, unknown threats If we started digging in though, there would be more. Protecting your network is all about being flexible and offering solutions that prevent threats from being on your network for even a second. We were ...

How we Collect Infections by the Numbers?

 
We have to admit there are advantages to being one of the largest data security companies in the market. While our appliances and software blades are out protecting businesses around the globe, they are under attack all the time. Hackers have a lot of time on their hands and there is little downside for them to try different attack styles. Every attack we counter is another method we add to our repository of knowledge. That knowledge database is what we call ThreatCloud. It is a collection of every known threat, where and when it occurred, and how often. Possessing this amount of data gives our analysts insight. But we do not stop there. At Check Point, we also have our own research team ...