HackDig : Dig high-quality web security articles for hacker

Dangerous liaisons

It seems just about everyone has written about the dangers of online dating, from psychology magazines to crime chronicles. But there is one less obvious threat not related to hooking up with strangers – and that is the mobile apps used to facilitate the process. We’re talking here about intercepting and stealing personal information and the de-anonymi
Publish At:2017-10-24 11:55 | Read:607 | Comments:0 | Tags:Featured Mobile threats Android Certificate HTTPS iOS Mobile

Lookout in Vanity Fair: The real story behind Pegasus and Trident

Smartphones today have more computing power than a Cray III supercomputer. However, many security professionals put about as much thought into securing their mobile ecosystems as they did into securing Motorola RAZRv3 flip phones back in the day. Vanity Fair interviewed my team to understand the story behind the discovery of Trident, the three zero-day vuln
Publish At:2017-01-23 13:30 | Read:939 | Comments:0 | Tags:Enterprise Mobile Security Lookout News mobile security mobi

Mobile threats 2016: targeted attacks, major vulns, and innovative malware

This year was a prolific one for threat actors, who focused on writing sophisticated code and building on existing threat families, and used familiar distribution techniques. We’ve boiled down 2016 into five significant mobile threat-types that enterprises and individuals alike should know about. We look at a serious, targeted iOS threat; malware that roots
Publish At:2016-12-21 22:15 | Read:1438 | Comments:0 | Tags:Security android iOS mobile malware mobile threats vulnerabi

Former CSO of AT&T, Dr. Edward Amoroso, talks mobile attackers and how enterprise security teams should innovate

Dr. Amoroso is a former SVP and CSO of AT&T. He is currently on the board of M&T Bank and the CEO of TAG Cyber, which has just released the 2017 TAG Cyber Security Annual, a comprehensive reference guide for cyber security professionals. Lookout: What made you start a project like the 2017 TAG Cyber Security Annual? Dr. Amoroso: A challenging conu
Publish At:2016-09-09 13:45 | Read:1403 | Comments:0 | Tags:Security CISO CSO Edward Amoroso innovation mobile security

The house always wins: Takedown of a banking trojan in Google Play

You always take your chances when you gamble, but with this Android malware, the odds are very much against you. Lookout recently identified an app called “Black Jack Free” in the Google Play store, which turned out to be a variant of the malware family Acecard. The app has since been removed from the store. Because we previously issued coverage for this ma
Publish At:2016-05-16 19:20 | Read:1255 | Comments:0 | Tags:Alerts Security Acecard banking trojans Black Jack Free mobi

Hacking Team RCSAndroid Spying Tool Listens to Calls; Roots Devices to Get In

Following news that iOS devices are at risk of spyware related to the Hacking Team, the saga continues into the Android sphere. We found that among the leaked files is the code for Hacking Team’s open-source malware suite RCSAndroid (Remote Control System Android), which was sold by the company as a tool for monitoring targets. The RCSAndroid code can be con
Publish At:2015-07-22 01:25 | Read:1164 | Comments:0 | Tags:Mobile android google play Hacking Team leak mobile threats

The mobile threat landscape in the eyes of a CSO

This week, former Cigna CISO Craig Shumard (who is also a consultant for Lookout) published an article in CSO explaining what the mobile threat landscape really looks like in reaction to a number of reports suggesting that mobile malware is no problem. His biggest takeaway? Where the market for mobile malware is still maturing, the overall mobile device is n
Publish At:2015-06-03 14:25 | Read:1067 | Comments:0 | Tags:Security Craig Shumard mobile threats

Mobile Threats Underline Mobile Security Challenges

As customers, companies and the world at large go mobile, mobile threats are moving into the top tier of challenges enterprises face. Some of these threats are technical in nature. For instance, when a security researcher discovered a flaw in Verizon’s mobile email application, the company’s emergency response capabilities were put to the test an
Publish At:2015-02-11 00:15 | Read:1418 | Comments:0 | Tags:Mobile Security Application Programming Interface (API) Appl

スマートフォンのブラウザをロックするように進化したワンクリック詐欺

日本のワンクリック詐欺では、ユーザーをだましてアダルト動画サイトに登録させる手口が一般的です。この手の詐欺は 10 年以上も前から続いていますが、一向になくなる気配はありません。スマートフォンを狙うワンクリック詐欺が登場したのは 2011 年のことです。最も影響を受けるのは Android と iOS ですが、これらのオペレーティングシステムだけの問題ではなく、あらゆる種類のスマートフォンで被害が発生する可能性があります。今ではワンクリック詐欺は、モバイルプラットフォームを標的とするサイバー詐欺のなかでも、最も深刻なものとなりました。モバイルを狙うワンクリック詐欺については、以前のブログで詳しく説明しています。この手の詐欺では長年にわたってさまざまな手口が使われていますが、そのほとんどは
Publish At:2015-01-13 11:20 | Read:3542 | Comments:0 | Tags:Security Security Response Endpoint Protection (AntiVirus) a

Japanese one-click fraud evolves to lock smartphone browsers

One-click fraud in Japan typically refers to a type of scam that involves deceiving users into subscribing to adult video services. The fraud has been in existence for over a decade and shows no sign of disappearing. One-click fraud made its debut on smartphones in 2011 and has most heavily affected users of both Android and iOS, but it’s not uni
Publish At:2015-01-13 11:20 | Read:1277 | Comments:0 | Tags:Security Security Response Endpoint Protection (AntiVirus) a

Masque Attack: All Your iOS Apps Belong to Us

In July 2014, FireEye mobile security researchers have discovered that an iOS app installed using enterprise/ad-hoc provisioning could replace another genuine app installed through the App Store, as long as both apps used the same bundle identifier. This in-house app may display an arbitrary title (like “New Flappy Bird”) that lures the user to install it, b
Publish At:2014-11-12 07:20 | Read:1672 | Comments:0 | Tags:Exploits Mobile Threats Targeted Attack Threat Intelligence

Relentless mobile threats to avoid

Every day, Lookout analyzes more than 30,000 apps from around the world. While most are safe, a handful of them pose notable risks. Lookout assembled its first list of Relentless Mobile Threats to Avoid to shine a spotlight on the threats poised to affect millions of U.S. consumers, either because of their ubiquity, the extent of the damage they inflict, or
Publish At:2014-11-05 18:25 | Read:1244 | Comments:0 | Tags:Mobile Tips + Tricks Security mobile threats mobile threats

We Steal SMS: An insight into Android.KorBanker Operations

Twelve months. That is how long we’ve known about the Android.KorBanker malware app. For a year, this app has been operational, attacking unsuspecting users who think they’re simply downloading a banking application when in fact, they’re opening their bank account credentials to a threat actor(s). We’ve been monitoring the KorBanker malware ever since it was
Publish At:2014-09-03 10:40 | Read:1239 | Comments:0 | Tags:Mobile Threats Threat Research android attacks android hacki

SSL Vulnerabilities: Who listens when Android applications talk?

Summary The Android ecosystem is all about communicating, and right now it’s screaming for help. That’s because SSL vulnerabilities and the Man-In-The-Middle (MITM) attacks they enable are wreaking havoc on data security. The scariest part? SSL vulnerabilities are evident in many of today’s most popular applications as we recently uncovered. The FireEye Mobi
Publish At:2014-08-20 16:10 | Read:1551 | Comments:0 | Tags:Mobile Threats Threat Research ad libraries ad library andro

5 things you need to know about mobile malware

The latest Mobile Threat Report from the F-Secure Labs is now available. You can download it now and watch our Mikko Hypponen and Sean Sullivan walk you through it above. Or if you’re just looking for what you as smartphone or tablet owner needs to know now, here’s a quick list: 1. Android is the main target. 259 new mobile threat families and v
Publish At:2014-08-15 08:50 | Read:1609 | Comments:0 | Tags:Mobile Security F-Secure Labs Mikko Hypponen mobile threats

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud