July 27, 2016

Rio Olympics 2016 Keyboard app: more privacy challenges for enterprises

NBCUniversal Media’s official Rio 2016 Olympics keyboard app for iOS (left) and Android (right)

A simple keyboard extension built for people celebrating the Olympics was actually collecting more information than its developer intended, putting personal privacy and corporate information at risk.

Any time a very popular event like the Olympics occurs, or a wildly popular app like Pokemon Go is released, the enterprise is going to face risk. Attackers will target the people interested in those cultural moments, who are often also employees in your company. The Android version of the keyboard app collected all of the apps associated with users’ devices despite a notice in the app saying otherwise. A CISO should see this as a privacy concern for both the employees and the company.

Lookout researchers responsibly disclosed to NBCUniversal the privacy issues found in both the Android and iOS versions of the official Rio 2016 Keyboard app. NBCUniversal reacted quickly to resolve the issues, working with us and with their app developer, Snaps, to fix and verify that they are resolved in currently-available versions of the app before the opening of the 2016 Summer Olympic Games in Rio.

Read More

July 22, 2016

Security week-in-review: The Oracle vulnerability enterprises should know about

It’s hard to keep up with the hundreds of security-specific headlines published every week.

So, we’re rounding up the top news that affects you, your business, and the security and technology industry overall. This week we explore patches to Oracle’s SDKs, Google’s Chrome browser, Apple’s iOS, and more. Check back every Friday to learn about the latest in security news.

Read More

July 20, 2016

A closer look at iOS 9.3.3: Apple patches 43 security vulnerabilities

Apple released iOS 9.3.3, the latest version of iOS, on July 18, including patches for 43 security vulnerabilities. Industry watchers have been anticipating this update as one of the final patch cycles for iOS 9 before iOS 10 is released in the fall.

For enterprises with iOS deployments, regardless of whether the devices are corporately or personally provided, it’s important to know about the vulnerabilities and the latest patches and to encourage users to update their devices.

Since it launched in September 2015, Apple has issued 334 security patches to iOS 9. This is already a little ahead of iOS 8, which only had 273 patches during its lifetime.

Read More

July 15, 2016

Security week-in-review: Connected cars finally see bug bounty love

It’s hard to keep up with the hundreds of security-specific headlines published every week.

So, we’re rounding up the top news that affects you, your business, and the security and technology industry overall. This week we explore car hacking, Pokemon Go, and data breach investigations. Check back every Friday to learn about the latest in security news.

Read More

July 15, 2016

Pokemon Go: New tampered apps & what you can do

Pokemon Go is arguably the biggest mobile game in US history, but while fame breeds fans, including employees in the enterprise, it also attracts many opportunistic attackers.

Read More

July 14, 2016

Insights from Gartner: When and How to Go Beyond EMM to Ensure Secure Enterprise Mobility

Gartner recently published a new research report called, “When and How to Go Beyond EMM to Ensure Secure Enterprise Mobility.*” It’s the first Gartner report that goes in depth into the Mobile Threat Defense (MTD) category, and I believe it delivers three key insights that show the value of MTD solutions, specifically when they are integrated with an Enterprise Mobility Management (EMM) solution to deliver holistic enterprise mobile security.

In this report, I believe that Gartner clearly shows how MTD solutions are unique in their ability to detect malware, app, and platform vulnerabilities. The report also shows how MTD and EMM solutions together are more than the sum of their parts.

Read More

July 8, 2016

Security week-in-review: The week of spikes

It’s hard to keep up with the hundreds of security-specific headlines published every week.

So, we’re rounding up the top news that affects you, your business, and the security and technology industry overall. This week we explore spikes in a number of situations: a spike in encounters of a particularly malicious Android malware family called Shedun, a spike in the number of Wendy’s stores infected by POS malware, and a spike in the number of reported Android vulnerabilities in this month’s Google Android Security Bulletin. Check back every Friday to learn about the latest in security news.

Read More

July 7, 2016

July Android Security Bulletin: 108 patches, the most we’ve seen to date

The Android security bulletin for July 2016 has arrived and with it a big increase in security patches — another 108 vulnerabilities patched. This makes a total of 270 vulnerabilities reported via the monthly Android security bulletin for 2016. The vulnerabilities fixed this month ranged from remote code execution to privilege elevation to information disclosures.

July’s 108 patches are the most we’ve seen to date. The next closest month was June with only 40. It is very important, as always, that you keep your device up to date with the latest version of Android and also check for malicious applications that may seek to exploit these vulnerabilities.

Read More

July 6, 2016

A spike in Shedun, also known as HummingBad

There is a particularly dangerous family of malware, known as Shedun, which Lookout discovered and first reported last November. Shedun is trojanized adware that roots Android devices, masquerading as legitimate apps such as Facebook, Twitter, WhatsApp and Okta’s enterprise single sign-on app. Three similar families are associated with Shedun: Shuanet, ShiftyBug, and one we later discovered, BrainTest.

To make matters more confusing, different vendors have different names for Shedun. You may have heard Shedun called HummingBad, Hummer, or ANDROIDOS_LIBSKIN, or right_core (the APK name). Recent reports on HummingBad raise alarms of a malicious and widespread family one of our competitors claims to have first discovered in February 2016. This is the same as Shedun, which we discovered several months before then, in November 2015. This family is extremely malicious, but it is not new.

Read More

June 28, 2016

Two crucial points we learned at this year’s Gartner Security Summit

Lookout chief strategy officer, Aaron Cockerill, presenting at the 2016 Gartner Security Summit

Read More