Security News > 2021 > August > Black Hat Keynote: Mobile Platforms 'Actively Obstructing' Zero-Day Malware Hunters

Black Hat Keynote: Mobile Platforms 'Actively Obstructing' Zero-Day Malware Hunters
2021-08-04 20:12

Prominent security practitioner Matt Tait kicked off the annual Black Hat security conference Wednesday with a call for platform vendors to make major technology changes to help cope with the surge in major software supply chain attacks.

Tait, an outspoken researcher who has held stints at Google's Project Zero and the U.K.'s GCHQ intelligence agency, said mobile platforms must immediately start providing improved "On-device observability" to help defenders cope with ongoing in-the-wild zero-day attacks.

"There's an enormous amount of exploited zero-day being detected in the wild and no device observability. This should be a wake-up call to all of the platform vendors. It's deeply disturbing that we know that there's massive amounts of zero-day being exploited against mobile platforms and we have no forensics on devices in order to collect this data," Tait said.

Even worse, Tait accused mobile platform vendors of "Actively obstructing" any attempts at accessing security features and data from devices.

"The problem at the moment is the platform vendors in the mobile space are actively obstructing some of the security features that we need. One of these is the ability to scan apps. We should be able to scan all applications in a given app store," he declared.

"It should also be possible to install security agents on mobile devices and also do forensics. And this should be both post-compromise and also in anticipation of compromise," Tait said, arguing that mobile systems have been specifically designed to prevent malware scanning tools.


News URL

http://feedproxy.google.com/~r/securityweek/~3/hbwXPPNqFGY/black-hat-keynote-mobile-platforms-actively-obstructing-zero-day-malware-hunters