Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A new SMS worm dubbed "Selfmite" has been infecting Android devices in a pay-per-install scheme that abuses advertising services.
Zach Lanier, senior security researcher at Duo Security, talks about a gaping hole in the way two-factor authentication is implemented in the PayPal mobile app (iOS and Android).
Organizations need to expand their mobile worldview to include data leakage, insider threats, and mobile malware and develop incident response plans that consider mobile devices.
Security researchers at mobile software company Cheetah Mobile have identified a piece of Android malware that's designed to steal the personal and financial details of South Korean online banking customers.
Bluebox Security unveiled the latest release of its flagship security platform this week, which now gives customers the ability to fortify mobile applications with self-defense capabilities, along with other new security features.
Researchers from Kaspersky Lab and Citizen Lab have uncovered new details on advanced surveillance tools offered by the Italian company HackingTeam, including never before seen implants for smartphones running on iOS and Android.
Cybercriminals are increasingly abusing flaws in trusted mobile apps and services in an effort to distribute malware.
Google has recently made changes to the way permissions for Android applications are displayed, but experts warn that the modifications make automatic updating of mobile applications riskier than before.
Malware authors have developed a new version of the Svpeng Android Trojan, which they’re currently using to target users in the United States.
Mojave Networks has added a new feature to the company’s professional and enterprise services in an effort to help organizations minimize the risks posed by the mobile applications used by their employees.

FEATURES, INSIGHTS // Mobile Security

rss icon

Adam Ely's picture
Yesterday’s device management approach does not work in a BYOD world. The end users are bringing their own devices, so we need to adjust to accommodate this new world order.
Adam Ely's picture
Security teams and lines of business have reached a turning point on BYOD. It’s now become more important than ever for the CISO to figure out how to manage risk without inhibiting users.
Adam Ely's picture
Many of us create our own blind spots through assumption. Until we understand what is occurring on mobile devices, we cannot determine if our controls are effective at managing risk.
Adam Ely's picture
CISOs are notoriously disliked. Trying to protect company, customer and employee data often means having to say “no” to new projects and implementations. This does not earn you many friends.
Ryan Naraine's picture
John Hultquist, Manager of Cyber Espionage Threat Intelligence at ISIGHT Partners, joins the podcast to talk about "NEWSCASTER," a cyber espionage operation that uses fictitious social media accounts to launch attacks.
Danelle Au's picture
Enterprises must find the right balance to deliver a mobile security environment that meets productivity and flexibility needs without putting devices, apps, or data at risk.
Ryan Naraine's picture
In this podcast, Richard Boscovich, assistant general counsel in the Microsoft Digital Crimes Unit, talks about the new Microsoft Cybercrime Center and the ongoing battle to stop the proliferation of botnets around the world.
Wade Williamson's picture
If you are going to analyze network traffic for hidden malware or look for anomalous behaviors that indicate an infection, you should be sure to include mobile devices and mobile malware in your efforts.
Ryan Naraine's picture
Vinnie Liu from Bishop Fox joins Ryan Naraine on the podcast to warn businesses about the security risks associated with the new LinkedIn Intro application.
Torsten George's picture
Many security experts believe the next wave of enterprise hacking will be carried out via the mobile channel. What steps can be taken to maintain the productivity gains and cost-savings associated with BYOD, while proactively managing and mitigating security risks associated with this practice?