HackDig : Dig high-quality web security articles for hacker

What exactly is a mobile ______ attack?

Mobile devices contain or have access to the same information as traditional endpoints. While billions of dollars have been spent protecting and securing traditional endpoints, very little has been invested to protect mobile device endpoints. Attackers work on the same model as any other business: where do they get the greatest return on their investment of
Publish At:2019-09-19 14:33 | Read:76 | Comments:0 | Tags:Android App Security iOS Mobile Malware Mobile Security Mobi

The Bad, The Ugly & The Good of Mobile Phishing Protection

“The good, the bad and the ugly” is a well-known expression, but when it comes to mobile phishing, I suggest shifting the order. Let’s talk about the bad, the ugly and the good. The Bad: Mobile Takes Phishing from Bad to Worse Phishing is one of the most dominant attack techniques in cyber security.  Phishing has a very low barrier of entry, attacks can be
Publish At:2019-09-19 14:33 | Read:92 | Comments:0 | Tags:Mobile Security Mobile Threat Defense advanced mobile threat

Don’t Let Liberating Your Employees Give Freedom to Hackers

Liberation. It’s a powerful word. It’s about freedom from limits on thought or behavior.  The reason why I bring this up is because I recently heard from a prospect of mine, here in London, who mentioned he was liberating his employees by giving them the ability to work away from the office. As part of this, he would allow them to work from home on their mo
Publish At:2019-09-19 14:33 | Read:88 | Comments:0 | Tags:Mobile Security Mobile Threat Defense advanced mobile threat

Malicious Websites Put iOS Devices At Risk

In an excellent and deep blog analysis, Ian Beer of Google’s Project Zero outlines five separate iOS exploit chains that were found on a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iOS 0-day. (For another watering hole attack example, please see our recent blog,
Publish At:2019-09-19 14:33 | Read:105 | Comments:0 | Tags:iOS Machine Learning Mobile Security Mobile Threat Defense T

It’s Not Your Father’s Endpoint | How Do You Protect Mobile Devices?

In the first three blogs of this series, I discussed why mobile devices are easy prey, what data is at risk, and how mobile devices can be hacked. For the final blog in this series, I will discuss how to fully protect your mobile device.  Operating systems like iOS and Android are fundamentally different than a typical desktop OS like Windows. As a result,
Publish At:2019-09-19 14:33 | Read:88 | Comments:0 | Tags:Mobile Security Mobile Threat Defense mobile attacks Mobile

The Other Half of the Equation: How MTD Completes EPP/EDR

According to Gartner’s 2019 Hype Cycle for Endpoint Security, “As traditional endpoint security remodernizes and mobile security innovation slows down, the two areas have reached similar levels of maturity. The convergence between mobile and more-traditional endpoints will increasingly allow security leaders to define common endpoint security strategies for
Publish At:2019-09-19 14:33 | Read:31 | Comments:0 | Tags:Mobile Security Mobile Threat Defense advanced mobile threat

The Other Half of the Equation: Why UEMs Need MTD

According to Gartner’s 2019 Hype Cycle for Endpoint Security, “Enterprises with average security requirements that do not provide much more than email to their mobile users, address mobile security today by establishing a security baseline and enforcing it via unified endpoint management (UEM).”  UEM is a class of software tools that provide a single manage
Publish At:2019-09-19 14:33 | Read:59 | Comments:0 | Tags:Mobile Security Mobile Threat Defense advanced mobile threat

My Four Truths (So Far) Regarding Mobile Security

I started working at Zimperium late January this year in the marketing communications department, and well…I’m busy.   Every day is something new. Monday – OS problem. Tuesday – “Joker” malware downloaded. Wednesday – Phones could be hacked with a single text message. Thursday – Phishing scams on the rise. Friday – OS pat
Publish At:2019-09-19 14:33 | Read:13 | Comments:0 | Tags:Mobile Security Mobile Threat Defense Enterprise Mobile and

Validating Machine Learning Detection of Mobile Malware

Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits. We recently announced an extension of the framework that detects previously unknown mobile malware. This extension is known as “z9 for Mobile Malware”, and was officially announced in September 2017. Internally, the code name has been “Cogito”, so this res
Publish At:2017-10-21 13:50 | Read:4875 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

Detecting KRACK Man in the Middle Attacks

What is KRACK? KRACK (Key Reinstallation attaCKs, KRACKs) is a serious weakness in the WPA2 protocol. WPA2 secures all modern protected Wi-Fi networks including those used by smartphones. Attackers within physical range of a Wi-Fi network can exploit protocol weaknesses by using key reinstallation attacks. The attack works against all modern protected Wi-Fi
Publish At:2017-10-21 13:50 | Read:4533 | Comments:0 | Tags:Mobile security Mobile Threat Defense Threat Research KRACK

Mobile Threat Data Q2 2017

Zimperium is releasing its most recent summarized mobile threat data detected via our global enterprise customers. The data provides insight into what type of threats our customers are detecting by having the zIPS mobile threat defense app on corporate and BYO devices. zIPS enables companies to detect threats to mobile devices in real-time, so attacks via m
Publish At:2017-09-15 18:50 | Read:3118 | Comments:0 | Tags:Mobile Threat Defense Threat Research

Your Guide to Mobile Threat Defense

“The signs are clear that mobile threats can no longer be ignored. Security and risk management leaders must familiarize themselves with mobile threat defense solutions and plan to gradually integrate them to mitigate mobile risks.”* *Gartner Market Guide for Mobile Threat Defense Solutions, Dionisio Zumerle, John Girard, 22 August 2017 Gartner r
Publish At:2017-09-13 11:35 | Read:3037 | Comments:0 | Tags:Mobile Threat Defense Threat Research Gartner

Fake Snapchat in Google Play Store

Introduction   Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the second result when searching for “Snapchat”. The fake version of Snapchat app is using “Snap Inc .” as Company Name, with a  ” .” appended to original name. Fake
Publish At:2017-08-11 02:50 | Read:4281 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

ZPI: One approach to rule them all

Introduction In 1975, a book was published that changed the way we approach complex problems. Inspired on how nature works “Adaptation in Natural and Artificial Systems” set the bases of genetic algorithms. The release date of this blogpost is strongly linked to that book, it is a symbolic tribute to its author, John Henry Holland, who passed out
Publish At:2017-08-10 08:55 | Read:4134 | Comments:0 | Tags:Android iOS Mobile security Mobile Threat Defense Windows Ze

Jailbreak versus Compromise…

We see a lot of confusion in the market about precisely what it means to jailbreak a device–and that confusion could lead to serious problems, especially with regard to the notion of a hacker performing a jailbreak to attack a device. The security industry is notoriously full of acronyms, buzzwords and generally opaque jargon. Here at Zimperium, we try
Publish At:2017-08-08 13:55 | Read:3131 | Comments:0 | Tags:iOS Mobile security Mobile Threat Defense Exploit jailbreak

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud