Security News

Security and the rapidly growing importance of mobile apps
2020-05-18 04:00

According to the Verizon Mobile Security Index 2020, 43% of organizations said they knowingly cut corners on mobile security in 2019 to "Get the job done." And that was before the global pandemic. This will be a struggle for many organizations unless they have mobile security professionals embedded in their development teams, and as I mentioned earlier, mobile security professionals are in short supply.

Zimperium enhances its offering with ZecOps’ advanced mobile forensics capabilities
2020-05-06 23:45

Zimperium, the global leader in mobile security, announced a strategic partnership with ZecOps, the leading agentless automated Digital Forensics and Incident Response provider, enhancing Zimperium's offering with ZecOps' advanced mobile forensics capabilities. "Through our partnership with ZecOps, Zimperium is now the only company that can provide companies and government agencies with on-device, machine learning-based threat detection and automated digital-rich forensics for incident response efforts."

PDI adds a new employee self-service mobile app to its PDI Enterprise Workforce software
2020-05-01 01:15

PDI, a global provider of enterprise resource planning, fuel pricing, supply chain logistics, and loyalty solutions for the convenience retail and petroleum wholesale industries, announced it is adding a new employee self-service mobile app to its PDI Enterprise Workforce software. PDI Employee Self-Service provides c-store employees real-time access to accurate shift coverage, schedule transparency and pay stub information.

“Zero-click” mobile phone attacks – and how to avoid them
2020-04-30 18:08

Any developer currently using image importers or other image handling libraries should read this document to see how to use the Image I/O framework instead. In other words, instead of laboriously adding support for dozens of different image formats to your app by writing code for each new filetype one-by-one, you can just use ImageIO functions and let the operating system take care of figuring out what image type it is, whether it's supported, and how to read it in. You don't need to worry, or even care, whether it's JPEG, GIF, PNG, BMP, TIFF or even a file format you've never heard off such as KTX. So the drawcard here for a security researcher is the juxtaposition of the word fuzzing, which means going all-out to find weirdly-corrupted files that reveal bugs in the underlying code, and the word ImageIO, which refers to the core code that gets triggered pretty much any time any iPhone app encounters an image file.

As companies rely on digital revenue, the need for web and mobile app security skyrockets
2020-04-30 05:30

Although the use of applications has steadily increased, the difference in the ways that web and mobile applications are protected is not widely understood. Many companies that have been using security tools for their web application may feel that moving these security tools to mobile may be difficult, but it isn't.

Guardsquare ThreatCast: Protecting mobile apps against suspicious activities and malicious users
2020-04-30 03:00

Guardsquare, the mobile application security platform, announced the launch of ThreatCast, a cloud-based mobile application threat intelligence expansion to its platform. ThreatCast delivers a single dashboard interface to threat intelligence from Guardsquare's cutting-edge products for layered mobile app security-DexGuard for Android and iXGuard for iOS. With a multi-layered approach to application protection and a mobile security console, ThreatCast provides all the tools needed to assess threats in real time and the intelligence to protect mobile applications against suspicious activities and malicious users.

Cybereason Unveils New Mobile Device Security Offerings
2020-04-23 13:32

Cybereason Mobile MDR gives enterprises a managed solution that will detect and prevent suspicious activity on mobile devices, while through Cybereason Mobile it provides access to a team of iOS and Android analysts, 24x7x365, for efficient discovery, triaging and mitigation of mobile incidents. "Cybereason Mobile," Cybereason's Maor Franco told SecurityWeek, "Can be configured to enforce preventative actions when a new threat is identified to stop the spread of malware across the enterprise, using mobile as a way into the network. In this case, mobile is even riskier. The attacker doesn't require a back door in the network when using the infected mobile device to enter through the front door."

DHS Working on Cloud-based Root-of-Trust to Secure Agency Email on Mobile Devices
2020-04-17 13:26

The DHS is partnering with BlueRISC Inc to develop Cloud-based Root-of-Trust technology to keep agency email separate and secure on corporate-owned, personally enabled devices, even when the user operates personal email from the same device. "The EPRIVO Enterprise 2.0 email system ensures the confidentiality of email in transit, in cloud storage at an email service provider, and when stored on the mobile device, providing both physical and cryptographically based protections," said Kris Carver, BlueRISC Technical Director.

Cohesity launches mobile app that enables IT staff manage data from their mobile devices
2020-04-17 03:00

Cohesity announced a mobile app that gives busy IT staff a simple way to manage all of their Cohesity clusters right from the palm of their hand. The Cohesity Helios mobile app empowers IT staff to monitor the health and performance of their Cohesity infrastructure, easily manage support cases, and get alerts about anomalies, including potential ransomware attacks to their production environment, while on the go.

Syrian Hackers Target Mobile Users With COVID-19 Lures
2020-04-16 12:20

Syrian-linked hackers recently switched to COVID-19-themed lures as part of a long-running surveillance campaign, Lookout security researchers reveal. Supposedly active since January 2018, the campaign targets Arabic-speaking users with tens of Android applications, none of which is available in the official Google Play Store.