Andrew Blaich
Manager - Vulnerability Research
Andrew Blaich is a security researcher at Lookout where he is focused on mobile threat hunting and vulnerability research. Prior to Lookout, Andrew was the Lead Security Analyst at Bluebox Security. He holds a Ph.D. in computer science, and engineering from the University of Notre Dame in enterprise security and wireless networking. In the past Andrew has worked at both Samsung and Qualcomm Research. Andrew is a regular presenter at security conferences including BlackHat, RSA, Kaspersky SAS, SecTor, SANS DFIR, Interop, and ACSC. In his free time he loves to run and hack on IoT.
Andrew Blaich's posts
May 15, 2018
Stealth Mango and Tangelo: Nation state mobile surveillanceware stealing data from military & government officials
Lookout Security Intelligence has discovered Android and iOS surveillanceware tools targeting government officials, diplomats, military personnel,...
April 16, 2018
Lookout finds new surveillanceware in Google Play with ties to known threat actor targeting the Middle East
Lookout researchers have identified a new, highly targeted surveillanceware family known as Desert Scorpion in the Google Play Store.
October 17, 2017
Mobile vulnerabilities: What they are and how they impact the enterprise
CISOs understand that vulnerabilities in networks and other internal systems can be a major security threat, and that protecting against these should...
July 13, 2017
Data compromise via mobile threats: Enterprises are facing complex attacks
Mobile threats are more complex than a piece of malware in a third-party app store. In this blog post we dissect the “threats” component of the...
March 27, 2017
Mobile Safari scareware campaign thwarted
Apple released an update to iOS (10.3) changing how Mobile Safari handles JavaScript pop-ups after Lookout discovers scammers using the functionality to execute a scareware campaign.
November 1, 2016
DirtyCow and Drammer vulnerabilities let attackers root or hijack Android devices
Two especially critical flaws that allow an attacker to root or completely compromise a device have just been added to the litany of vulns on Android devices.
October 10, 2016
Google Android security bulletin October 2016: remote code execution vulns continue
The October Android Security Bulletin contains 78 patches for Android devices — 23 more than last month, yet the third highest since Google started releasing the monthly patches.
August 15, 2016
Linux flaw that allows anyone to hijack Internet traffic also affects 80% of Android devices
Lookout has discovered that a serious exploit in TCP reported this week also impacts nearly 80% of Android, or around 1.4 billion devices, based on an install base reported by Statista.
July 20, 2016
A closer look at iOS 9.3.3: Apple patches 43 security vulnerabilities
Apple released the latest version of iOS version 9.3.3 on July 18 including patches for 43 security vulnerabilities. Industry watchers have been anticipating this update as one of the final patch cycles for iOS 9 before iOS 10 is released in the...
July 15, 2016
Pokemon Go: New tampered apps & what you can do
Pokemon Go, is arguably the biggest mobile game in US history, but while fame breeds fans — even employees in the enterprise — it also attracts many...
