Mobile Security

KnowBe4 has launched its new and complementary QR Code Phishing Security Test (QR Code PST) tool. The no-charge tool assists organisations in identifying users that are most susceptible to scanning malicious QR codes. Many organisations are aware of the typical social engineering techniques used by bad actors such as phishing, spear phishing and impersonation, to manipulate employees and infiltrate systems. However, bad actors are now taking advantage of the rise in popularity of QR codes and are using them to launch...

There's never a dull day in cybersecurity...Below, we round-up some of top stories that hit the headlines this week! A Rough Day for Colonel Sanders While many of us in the UK hit send on our final work email and tucked away our laptops to enjoy a well-deserved long weekend break, Yum! Brands - owner of the world-renown fast food triad of KFC, Pizza Hut, and Taco Bell - were in the midst of sending...

Research estimates that the average smartphone user has 80 apps on their device, and many companies leverage their own app to communicate with customers. In light of this, it has become critical that due attention is given to maintaining the security of these mobile app ecosystems. Just this year, large mobile-app breaches made headlines through their new use of overlay attacks within mobile app attacks, leading users to believe they were interacting with legitimate apps...

Despite the increased use of mobile device management (MDM), mobile phishing among financial services was at an all-time high last year. A report conducted by endpoint security expert, Lookout, revealed a 125% increase in exposure to considerable risk in both financial services and insurance organisations. The financial report also uncovered that the risk exposure to malware and risky applications increased by over 400%, leaving employees and customers in this industry vulnerable to a breach. Phishing...

Synopsys has today announced it will showcase the Software Integrity Group’s new Intelligent Orchestration solution at RSA Conference on May 17th - 20th. Intelligent Orchestration is a dedicated application security automation pipeline, optimized for speed and efficiency, that ensures the right security tests are performed at the right time. Intelligent Orchestration, which runs in parallel to build and release pipelines, utilizes innovative technology to automatically determine and initiate the most appropriate security tests, including static (SAST),...

An information leakage can result in grave consequences. Consider the recent SolarWinds supply chain attack which transpired from the exposure of a critical, and inanely simple, internal password (solarwinds123). In this way, making the recent findings by the Synopsys Cybersecurity Research Center (CyRC) especially troubling. The analysis of over 3,000 popular Android mobile apps showed information leakage to be commonplace. Passwords, user credentials, email addresses and tokens are among the information found. With this information,...

Mobile cybersecurity specialists, Lookout, has acquired CipherCloud, a cloud-native security company that operates in the emerging Secure Access Service Edge (SASE) market. Through this acquisition, which combines the Lookout Mobile Endpoint Security with the CipherCloud SASE technologies, Lookout believes it is in the best position to provide industry’s first end-to-end platform that secures an organisation’s entire data path from endpoint to cloud.    Given the rise in the number of remote users and the rapid adoption of cloud technology, the need for...

This week, Google has added a wave of new cybersecurity vendors to its BeyondCorp Alliance to add Zero Trust to its security model for mobile devices. With digital transformation and cloud being swiftly adopted by organisations, smartphones, tables and laptops have become integral for the everyday working individual. For mobile devices, this is extremely critical given that they have replaced more traditional devices as our main productivity tool which has meant there is now a...

In the age of modern connectivity, emails are the de facto mode of communication. Securing emails from cybercriminals is a difficult task, and many businesses are left scratching their heads when deciding how to keep corporate data and privileged information secure. Zix a provider of cloud email security, productivity and compliance solutions has announced the release of its Advanced Email Threat Protection service for the UK market. This new offering sees the utilisation of machine...

Chinese-state sponsored hackers have been using Android spyware tools to target ethnic minority groups particularly Uighurs, Tibetans, and Muslims, across 15 countries which include Malaysia, Turkey, Indonesia and Kazakhstan. First discovered by mobile cybersecurity providers Lookout, the primary aim of these apps is to track, gather and exfiltrate personal user data to attacker-operated command-and-control servers, with the surveillance attributed to the Chinese government’s national security and counter-terrorism efforts. Threat researchers state the spyware exploits the victim’s...