Krishnan specifically addresses targeted attacks, such as the Pegasus malware; network attacks, such as man-in-the-middle attacks; the rare, but concerning “juice-jacking” attack, and other things to consider.
He also discusses how to keep your corporate data safe. The bottom line? Make sure you can remotely:
Detect and remediate mobile malware
Detect and remediate compromised operating systems
Detect and remediate network-based man-in-the-middle attacks.
If the twinkle lights on trees and the familiar tunes of carols emanating from coworkers’ earbuds haven’t given it away already: we’ve officially entered holiday shopping season.
This means you may be likely to use your mobile device to purchase presents for your family and friends. It’s more important than ever to be vigilant while making purchases on your mobile device in order to avoid mobile scams.
IBM quotes the rise in mobile shopping on Black Friday 2015 saying, “Mobile shopping habits shifted noticeably … marking the first time smartphones generated more sales than tablets, mainly by stealing device share from desktops.”
While people are seeing the benefits of mobile shopping — ease of price comparisons in-store, convenience to shop anywhere anytime — opportunistic criminals are seeing potential benefits, as well.
Today, Lookout is adding two new tools to our Personal app for individuals who are concerned about the safety of their digital identity and financial data.
In today’s mobile world our personal information is stored in many services on our devices and across the internet, which is a great thing for our daily digital lives. Criminals see value in this information, too, especially if it’s information associated with our identities, and may attempt to breach the services we use to obtain it.
Identity Theft Protection helps you detect and recover from identity theft, and Breach Report notifies you with clear, actionable information about corporate data breaches that may impact you. These new features, coupled with our time-tested security technology, make the Lookout Personal app the only all-in-one app for mobile security, identity theft protection, and device theft prevention.
In August, Lookout, in conjunction with Citizen Lab, discovered “Pegasus,” a sophisticated piece of mobile spyware used by nation state actors to surveil high-value targets. The so-called “cyber arms dealer,” NSO Group created the spyware, which, at the time, relied on the three Trident vulnerabilities to remotely and silently compromise a device. Lookout and Citizen Lab worked directly with Apple to close the holes and cripple this attack vector used by Pegasus for the compromise.
Two especially critical flaws that allow an attacker to root or completely compromise a device have just been added to the litany of vulns on Android devices.
The vulnerabilities are known colloquially as DirtyCow (CVE-2016-5195) and Drammer (CVE-2016-6728). While they are unrelated, they both represent a real risk to Android users as individuals have already published proof-of-concept exploit code online for both vulnerabilities, thus minimizing the time attackers would need to understand and develop their own exploits from scratch. Additionally, industry researchers have already seen attackers using DirtyCow to exploit Linux-based systems in the wild.