March 15, 2017

Securing enterprise mobility is driving record growth at Lookout

2016 was the year mobile risk reduction became a necessity for global enterprises. Controlling mobile access to corporate data is now a top priority and proactive CISOs are selecting Lookout to accelerate secure mobility in the workplace.

This increase in customer orders drove Lookout to triple our billings year over year in 2016 compared to 2015 for Mobile Endpoint Security. To date, more than 150 enterprises, including top financial services institutions, technology leaders, healthcare providers, professional services firms, and large government agencies, are using Lookout Mobile Endpoint Security. Lookout also more than tripled the number of channel partnerships year over year, and we’re now working with over 80 distributors globally, including new partnerships with Carahsoft, Docomo, Ingram Micro, CDW, SHI, Synergie, and Netrix.

Read More

March 8, 2017

February 2017: Breaches increase, scattered across many industries

Lookout tracks breaches related to companies and services that may impact customers with our Breach Report feature. Breach Report looks at the largest companies globally, and reports on those breaches to provide  customers the most relevant information. It also provides remediation actions to help keep them safe. Interested in getting Breach Report? Upgrade to Premium now.

Attackers successfully breached 15 companies from a wide range of industries including retail, transportation, government services, hospitality, technology, gaming, and more. Among them, the biggest names included popular music festival Coachella, restaurant chain Arby’s, and the InterContinental Hotel Group. In the process, attackers were able to compromise nearly 7 million accounts, according to public reports of these incidents.

Read More

March 7, 2017

The convergence of the mobile threat defense and mobile app reputation market is good news for CISOs

The graphic above appears in Gartner’s report, Market Guide for Mobile Threat Defense (MTD) Solutions*. I believe a comprehensive mobile security solution must cover all four of these quadrants and enterprises should look for single solutions that cover all aspects addressed by MTD + MARS.

In my conversations with CISOs, I repeatedly hear that one of the biggest issues they have is too many security products. They usually express different versions of, “I’ve got 50 different vendors and 50 different security products, and I simply can’t afford the personnel that I need to manage 50 different products.” I’m happy to share that at Lookout, our Mobile Endpoint Security solution is already a united single offering with capabilities that are usually considered separate parts of Mobile Threat Defense (MTD) and Mobile App Reputation Solutions (MARS) products.

Read More

February 16, 2017

ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar

ViperRAT is an active, advanced persistent threat (APT) that sophisticated threat actors are actively using to target and spy on the Israeli Defense Force.

The threat actors behind the ViperRAT surveillanceware collect a significant amount of sensitive information off of the device, and seem most interested in exfiltrating images and audio content. The attackers are also hijacking the device camera to take pictures.

Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware, including 11 new, unreported applications. We also discovered and analyzed live, misconfigured malicious command and control servers (C2), from which we were able to identify how the attacker gets new, infected apps to secretly install and the types of activities they are monitoring. In addition, we uncovered the IMEIs of the targeted individuals (IMEIs will not be shared publicly for the privacy and safety of the victims) as well as the types of exfiltrated content.

In aggregate, the type of information stolen could let an attacker know where a person is, with whom they are associated (including contacts’ profile photos), the messages they are sending, the websites they visit and search history, screenshots that reveal data from other apps on the device, the conversations they have in the presence of the device, and a myriad of images including anything at which device’s camera is pointed.

Read More

February 16, 2017

5 non-negotiable principles to combat cyber war on mobile

Cyber war is a term the U.S. government is intimately familiar with, but woefully unprepared for when it comes to mobile.

Government employee mobile devices are a relatively new attack surface, and a particularly valuable one for espionage missions and other criminal intent. Mobile devices access confidential, classified, and other protected data classes. At this point, that’s just a fact. Both CSIS and the Presidential Cyber Commision acknowledge that mobile is no longer a fringe technology, but a central instrument that allows employees to get their jobs done.

Protecting data on mobile is non-negotiable and the responsibility of federal technology and security leaders across the entire government.

There are five principles any federal agency or organization must use to build a mobile security strategy. To forego such a strategy directly puts sensitive government data at risk.

Read More

February 3, 2017

Where to find Lookout at RSA 2017

After a year full of headlines about data breaches and cyber war, it’s clear people want to know about the targeted attacks facing them. That’s what we’re providing at this year’s RSA.

We’ve planned a talk, a happy hour, and a great booth for all RSA attendees, especially those interested in learning about targeted mobile threats to corporate data.

Read More

February 2, 2017

Everything you need to know about data breaches in January 2017

Lookout tracks breaches related to companies and services that may impact customers with our Breach Report feature. Breach Report looks at the largest companies globally, and reports on those to give customers the most relevant information to them. It also provides remediation actions to help keep them safe. Interested in getting Breach Report? Upgrade to Premium now.

Though we are only one month into the new year, attackers have already breached over six million user accounts or personal records, according to data from Breach Report, a new feature in Lookout Personal for iOS and Android that tracks data breaches around the world.

Breaches are a commonly occurring problem into today’s digital world. The Identity Theft Resource Center reports that 36,601,939 records were exposed in 2016 alone. Criminals steal data from companies and individuals to make money selling identities and payment information, hijack accounts to send spam, or perform espionage. Most often, the end goal is financially motivated.

Read More

January 26, 2017

Mobile devices are the future of work

Mobile-beating-PCs

Enterprise employees are using their mobile devices to do their jobs today, but the day when these devices usurp PCs as the preferred device for work is coming faster than you think, if the significant delta between PC and mobile devices sales is any indication.

Mobile devices are the way people work now. Today, enterprises are used to handing out PCs upon a person’s first day at the office. As an employee gets set up, though, businesses will quickly find that work is leaving those protected environments and happening, instead, on mobile devices.

Read More

January 23, 2017

Lookout in Vanity Fair: The real story behind Pegasus and Trident

Smartphones today have more computing power than a Cray III supercomputer. However, many security professionals put about as much thought into securing their mobile ecosystems as they did into securing Motorola RAZRv3 flip phones back in the day.

Vanity Fair interviewed my team to understand the story behind the discovery of Trident, the three zero-day vulnerabilities used to remotely jailbreak iOS devices, and Pegasus, the spyware that used these vulnerabilities to exploit targeted individuals.

Read the article

Read More

January 19, 2017

Lookout is “FedRAMP Ready,” making it even easier for agencies to protect against mobile risks

Today, I am proud to announce that Lookout is now “FedRAMP Ready,” an indicator to federal agencies that Lookout Mobile Endpoint Security is vetted, secure, and can be quickly implemented into any U.S. government organization.

Lookout is the first mobile security solution to achieve this status.

Read More