Mandiant warns that a new threat actor is using backdoors to remain undetected for "an order of magnitude longer than the average dwell time of 21 days in 2021." [Read More]
Spanish officials said the cellphones of its prime minister and defense minister were infected with Pegasus spyware in 2021, resulting in a significant amount of data being obtained. [Read More]
Google said it prevented 1.2 million bad apps from reaching Google Play in 2021, but cybercriminals continue finding ways to deliver their malware via the app store. [Read More]
The open source Apple Lossless Audio Codec (ALAC) is affected by serious vulnerabilities that have been pushed out to millions of Android devices by major mobile chipset manufacturers. [Read More]
Google and Mandiant separately warn that nation-state APT actors, ransomware gangs and private mercenary exploit firms are burning through zero-days at record pace. [Read More]
Security researchers have found fresh evidence linking a pair of mercenary Israeli hacking companies to mobile malware attacks on members of Catalan civil society. [Read More]
By paying just a bit more attention to the permissions you are allowing on your phone or computer, you could protect yourself from a much more significant headache down the road.
While less powerful than desktops and servers used for this purpose, more Android devices exist, and they are often less protected and, thus, more easily accessible.
Users, networks and applications can – and should— exist everywhere, which puts new burdens on security teams to protect them in the same way as the traditional perimeter.
In this day of BYOD devices and zero-trust operating environments, IT and security professionals gain nothing from trying to manage the unmanageable—which is just as well, because the device is no longer the endpoint that matters.
While flexibility offers countless benefits for corporations and their employees, this new emphasis on mobility has also introduced a new set of risks, and this in turn re-ignites a focus on endpoint security.
Applying a zero trust model to mobile and the right security controls at the app level could align productivity and security. But the bottom line is that it’s no longer about the device; it’s about the applications.