August 30, 2016

Congressman urges “congressional hearing” after Trident iOS vulnerability discovery

“I am pleased that Apple was able to quickly address this security breach, but it is clear that Congress must do more to address the issues of mobile security. I believe a congressional hearing is in order and plan to work with my colleagues to examine these critical security concerns.”
-Congressman Ted W. Lieu (D, Los Angeles County)

After news of the Trident vulnerabilities broke, Congressman Ted Lieu issued a statement urging the U.S. government to pay closer attention to mobile security.

Congressman Lieu’s comments follow a trend of individuals and agencies calling for attention to mobile security. The White House Digital Government Strategy, the DoD Mobile Device Strategy, and NIST’s Mobile Device Security for Enterprises Building Block document urge agencies to adopt and secure mobile technology to improve service and enhance effectiveness.

Category:   Enterprise Mobile Security  •  Security  •  Uncategorized
August 25, 2016

3 things CISOs need to know about the Trident iOS vulnerabilities


Earlier today, Lookout and Citizen Lab published findings about a sophisticated, targeted, and persistent mobile attack on iOS using three zero-day vulnerabilities we call “Trident.” The attack allows an adversary to silently jailbreak an iOS device and stealthily spy on victims, collecting information from apps including Gmail, Facebook, Skype, WhatsApp, Calendar, FaceTime, Line, Mail.Ru, and others.

This discovery is further proof that mobile platforms are fertile ground for gathering sensitive information from target victims, and well-resourced threat actors are regularly exploiting that mobile environment.

Read Lookout’s report here.

Category:   Enterprise Mobile Security  •  Security  •  Uncategorized
August 25, 2016

Sophisticated, persistent mobile attack against high-value targets on iOS

Persistent, enterprise-class spyware is an underestimated problem on mobile devices. However, targeted attack scenarios against high-value mobile users are a real threat.

Citizen Lab (Munk School of Global Affairs, University of Toronto) and Lookout have uncovered an active threat using three critical iOS zero-day vulnerabilities that, when exploited, form an attack chain that subverts even Apple’s strong security environment. We call these vulnerabilities “Trident.” Our two organizations have worked directly with Apple’s security team, which was very responsive and immediately fixed all three Trident iOS vulnerabilities in its 9.3.5 patch.

All individuals should update to the latest version of iOS immediately. If you’re unsure what version you’re running, you can check Settings > General > About > Version. Lookout will send an alert to a customer’s phone any time a new update is available. Lookout’s products also detect and alert customers to this threat.

Category:   Security  •  Uncategorized
August 17, 2016

Gartner Market Guide for Mobile Threat Defense Solutions – what you need to know


Gartner published its “Market Guide for Mobile Threat Defense Solutions” a few weeks ago, and in my view it offers three key takeaways for security and IT leaders facing the challenge of securing mobility in your organizations.

In the guide, Gartner establishes a clear definition for Mobile Threat Defense (MTD), outlines the market’s direction through 2018, and provides the capabilities an MTD solution should have.

Let’s take a closer look at what I see as the “must know” takeaways from this report:

August 15, 2016

Linux flaw that allows anyone to hijack Internet traffic also affects 80% of Android devices

Lookout recently discovered that a serious exploit in TCP reported this week also impacts nearly 80% of Android devices, or around 1.4 billion devices, based on an install base reported by Statista. The vulnerability lets attackers obtain unencrypted traffic and degrade encrypted traffic to spy on victims.

The issue should be concerning to Android users as attackers are able to execute this spying without traditional “man-in-the-middle” attacks through which they must compromise the network in order to intercept the traffic.

Researchers from University of California, Riverside and the U.S. Army Research Laboratory recently revealed a vulnerability in TCP at the USENIX Security 2016 conference, specifically pertaining to Linux systems. The vulnerability allows an attacker to remotely spy on people who are using unencrypted traffic or degrade encrypted connections. While a man-in-the-middle attack is not required here, the attacker still needs to know a source and destination IP address to successfully execute the attack.

We can estimate, then, that all Android versions running the Linux Kernel 3.6 (approximately Android 4.4 KitKat) to the latest are vulnerable to this attack, or 79.9% of the Android ecosystem.

Category:   Security  •  Uncategorized
August 10, 2016

Now available: The Practical Guide to Enterprise Mobile Security


The Practical Guide to Enterprise Mobile Security is a one-stop shop for enterprise IT teams looking to enable mobile productivity in their organizations, while simultaneously reducing the risks inherent to mobile devices. In it, you’ll get actionable information on every element of mobile security from what threats look like on mobile to how to buy a mobile security solution.

If you have any of the following questions, you need to read this guide:
  • What is mobile security?
  • What are mobile threats?
  • Have you seen mobile threats in real-life enterprises?
  • What features should mobile security solutions have?
  • How do I sell the idea of mobile security to my internal stakeholders?
  • How do I evaluate vendors?
  • How do I get my employees to use it without seeming like Big Brother?
  • How do I know if it’s really working?


August 5, 2016

Security week-in-review: Bugs be gone, Apple announces bounty program


It’s hard to keep up with the hundreds of security-specific headlines published every week.

So, we’re rounding up the top news that affects you, your business, and the security and technology industry overall. This week we explore bug bounty programs, bug fixes, and healthcare breaches. Check back every Friday to learn about the latest in security news.

Category:   Security
August 5, 2016

August Android Security Bulletin: a year of patches

One year into Google’s monthly patching for Android, the August 2016 bulletin contains 103 patches, just short of the high of 108 from last month. This makes a total of 373 vulnerabilities reported via the monthly Android security bulletin for 2016 and a total of 454 since Google started publicly publishing these monthly reports a year ago.

Category:   Security