Security News
Qualys announced it is expanding Qualys VMDR to mobile devices with support for Android and iOS/iPadOS delivering an end-to-end solution for mobile device security. Qualys' all-in-one VMDR provides in-depth mobile device visibility, data security insights, proactive posture monitoring, and automated response for all iOS and Android devices and installed apps - just like VMDR does for on premises, endpoints, clouds, containers, OT and IoT assets.
A group of cybercriminals used mobile emulators to spoof thousands of mobile devices , which enabled them to steal millions of dollars within days. Targeting financial institutions in Europe and the United States, the mobile banking fraud operation relied on over 20 emulators to spoof more than 16,000 mobile devices and access compromised accounts.
Threat actors behind an ongoing worldwide mobile banking fraud campaign were able to steal millions from multiple US and EU banks, needing just a few days for each attack. While emulators are not malicious tools, the group behind this campaign used them for malicious purposes emulating compromised devices or setting up what looked like new devices picked up by the compromised accounts' owners.
Microsoft has released a new version of Microsoft Authenticator that now acts as a password manager for Android and iOS. With this new feature, you can now autofill credentials into websites and apps that were saved via Authenticator or Microsoft Edge's built-in password manager to your Microsoft account. Once enabled on Microsoft Authenticator and you log in to an app or website, you will be prompted to autofill your saved password, as shown below.
Microsoft has delivered a managed VPN for mobile devices - using a Linux container. Microsoft is currently previewing an alternative to the Windows VPN, Microsoft Tunnel, aimed at iOS, iPadOS, and Android Enterprise devices.
While 2020 has brought many challenges, perhaps the most critical from a social perspective is how we have intertwined mobile devices into our daily lives. We've seen a similar tactic used in an ongoing mobile phishing campaign that sends a message purporting to be a missed package delivery with a link to a fake claim page that is a mobile phishing attack.
The current distributed remote work environment has also triggered a new threat landscape, with malicious actors increasingly targeting mobile devices with phishing attacks. Mobile Molly Works constantly on the go using a range of mobile devices, such as tablets and phones, and often relies on public WiFi networks for work.
If you needed another reason not to use a charger made available at a coffeeshop or airport or by an acquaintance, here it is: maliciously modified fast chargers may damage your phone, tablet or laptop and set it on fire. Fast chargers and power banks are not a rarity anymore, and most digital devices now support fast charging.
Samsung on Tuesday unveiled a new security solution - composed of a secure element chip and security software - designed to enhance data protection on mobile devices. Samsung has described it as a "Standalone turnkey security solution" that provides protection for the booting process, isolated storage, mobile payments and other applications.
The DHS is partnering with BlueRISC Inc to develop Cloud-based Root-of-Trust technology to keep agency email separate and secure on corporate-owned, personally enabled devices, even when the user operates personal email from the same device. "The EPRIVO Enterprise 2.0 email system ensures the confidentiality of email in transit, in cloud storage at an email service provider, and when stored on the mobile device, providing both physical and cryptographically based protections," said Kris Carver, BlueRISC Technical Director.