Lookout

April 7, 2017

March was biggest month for compromised data yet with 1.4B exposed email addresses

With over 1.45 billion compromised accounts, emails, social security numbers, dates of birth, and other data types, March was the biggest month for exposed data this year.  

Seventeen companies reported data breaches in March, totaling 1,449,373,000 breached accounts. Major companies, including Saks Fifth Avenue, Coupa, and McDonald’s (Canada), experienced data loss. However, according to email marketing organization River City Media’s public reports, the organization took the biggest hit with 1.4 billion exposed email addresses. That’s over 96% of the total breached accounts for the month.

March 31, 2017

Paying attention to mobile now will give you a stronger security architecture later

“I think the time has come to skew expenditures more toward the future as opposed to what we’re seeing right now. There are still more non-mobile threats that are publicly reported than mobile threats, but that’s a temporary condition. People need to think about mobile and cloud and what’s coming and start the transition now. Otherwise they will not be in a better position when we get there; they’ll be in a far worse position,”
–Phil Reitinger, president of Global Cyber Alliance and former CISO

Enterprises are actively transitioning from desktop and server environments to mobile and cloud ones. This should come as no shock to anyone in an enterprise IT or security function. Mobile devices are in every employees’ hand. Corporate architectures are app-centric, with employees downloading mobile apps without IT vetting.

Cybercrime goes where the value is and the value is increasingly going to be in the data that sits in cloud services and the mobile devices that access them.

Paying attention now can help you be in a much better security position later.

March 31, 2017

Evolving architecture, management solutions that don’t secure, and dead perimeters: a CISO’s job is a hard one

 

“You know, when a CSO thinks through priorities — it’s a tough job. [They need to] to balance the kinds of things that require a lot of intense concentration, real deep problems in infrastructure … with the day-to-day things that could be just as important.”

Ed Amoroso would know. Ed served for 12 years as CSO at AT&T and is now the CEO of TAG Cyber. He started his career at Bell Labs in Unix security R&D over 30 years ago.

March 8, 2017

February 2017: Breaches increase, scattered across many industries

Lookout tracks breaches related to companies and services that may impact customers with our Breach Report feature. Breach Report looks at the largest companies globally, and reports on those breaches to provide  customers the most relevant information. It also provides remediation actions to help keep them safe. Interested in getting Breach Report? Upgrade to Premium now.

Attackers successfully breached 15 companies from a wide range of industries including retail, transportation, government services, hospitality, technology, gaming, and more. Among them, the biggest names included popular music festival Coachella, restaurant chain Arby’s, and the InterContinental Hotel Group. In the process, attackers were able to compromise nearly 7 million accounts, according to public reports of these incidents.

February 3, 2017

Where to find Lookout at RSA 2017

After a year full of headlines about data breaches and cyber war, it’s clear people want to know about the targeted attacks facing them. That’s what we’re providing at this year’s RSA.

We’ve planned a talk, a happy hour, and a great booth for all RSA attendees, especially those interested in learning about targeted mobile threats to corporate data.

February 2, 2017

Everything you need to know about data breaches in January 2017

Lookout tracks breaches related to companies and services that may impact customers with our Breach Report feature. Breach Report looks at the largest companies globally, and reports on those to give customers the most relevant information to them. It also provides remediation actions to help keep them safe. Interested in getting Breach Report? Upgrade to Premium now.

Though we are only one month into the new year, attackers have already breached over six million user accounts or personal records, according to data from Breach Report, a new feature in Lookout Personal for iOS and Android that tracks data breaches around the world.

Breaches are a commonly occurring problem into today’s digital world. The Identity Theft Resource Center reports that 36,601,939 records were exposed in 2016 alone. Criminals steal data from companies and individuals to make money selling identities and payment information, hijack accounts to send spam, or perform espionage. Most often, the end goal is financially motivated.

January 26, 2017

Mobile devices are the future of work

Mobile-beating-PCs

Enterprise employees are using their mobile devices to do their jobs today, but the day when these devices usurp PCs as the preferred device for work is coming faster than you think, if the significant delta between PC and mobile devices sales is any indication.

Mobile devices are the way people work now. Today, enterprises are used to handing out PCs upon a person’s first day at the office. As an employee gets set up, though, businesses will quickly find that work is leaving those protected environments and happening, instead, on mobile devices.

December 22, 2016

2016 data breaches: A look back at a big year of data loss

Though we still have a little less than a month left in 2016, this year has proven to be one of the most significant years for breaches.

We dove into the data using Breach Report, Lookout’s new feature that tracks and alerts users about such incidents, to bring you a deeper look at what breaches really looked like in 2016. Of course, criminals also put name brands in their crosshairs, including Yahoo, Twitter, LinkedIn, Tumblr, and Myspace. But we also observed a new trend out of 2016. Attackers seemed to concentrate attacks around three kinds of data: healthcare records, voting data, and credit card data.

Check out our breakdown of a year in data breaches:

December 21, 2016

Mobile threats 2016: targeted attacks, major vulns, and innovative malware

This year was a prolific one for threat actors, who focused on writing sophisticated code and building on existing threat families, and used familiar distribution techniques.

We’ve boiled down 2016 into five significant mobile threat-types that enterprises and individuals alike should know about. We look at a serious, targeted iOS threat; malware that roots victims’ devices; a particularly “risky” app; threats that put on a mask to trick individuals; and the litany of mobile vulnerabilities we saw this year.

Check out the recap of the most important 2016 mobile threats:

December 1, 2016

Ghost Push and Gooligan: One and the same

You may have seen headlines about a new family of malware called “Gooligan.” This is not actually a net new malware family, but rather it’s a variant of the family “Ghost Push,” a threat first discovered in 2014. Lookout customers have been protected against this threat since then.

Google released a blog post on the threat called, “The fight against Ghost Push continues.” In it, the company reveals that is has been tracking the malware and acknowledges a problem anyone, especially enterprises, should be watching for: malware evolves and becomes more sophisticated over time.