Ask the Experts

Ask the Experts

Mobile security threats and prevention

• How did a malicious app slip past Google Play app store security?

  A malicious app called Black Jack Free was able to bypass Google Play's app store security. Expert Michael Cobb explains the threat and how enterprises should defend themselves.  Continue Reading

• How does SandJacking let attackers load malware on iOS devices?

  SandJacking, a new iOS attack technique, uses an XCode certificate flaw to load malicious apps onto devices. Expert Michael Cobb explains how the attack works.  Continue Reading

• How does the Android Trojan Triada infect a device's core processes?

  The Android Trojan Triada has the ability to replace a device's system functions with its own. Expert Michael Cobb explains how to mitigate the effects of this serious threat.  Continue Reading

• How does the AceDeceiver Trojan install itself on iOS devices?

  AceDeceiver is a Trojan that can install itself on iOS devices without any certificates. Expert Nick Lewis explains how it works, and how enterprises can prevent it.  Continue Reading

• How does the new Stagefright exploit Metaphor conduct an ASLR bypass?

  A new Stagefright exploit called Metaphor has been released. Expert Nick Lewis explains its ability to do an ASLR bypass, and what it means for Android device security.  Continue Reading

• How does the Mazar malware take control of Android devices?

  The Mazar malware can wipe an entire Android device once it has been installed. Expert Nick Lewis explains how this malware works, and how attacks can be prevented.  Continue Reading

• How did a pirated app bypass Apple's App Store security?

  A pirated app called Happy Daily English beat Apple's App Store security review. Expert Michael Cobb explains how it works and what security teams can do about it.  Continue Reading

• How can the AirDroid app phone hijacking be prevented?

  A vulnerability in the AirDroid device manager app left users at risk of phone hijacking. Expert Michael Cobb explains how the exploit works, and what can be done to prevent it.  Continue Reading

• Does the Icera modem vulnerability in Blackphones affect other devices?

  A vulnerability was found in the Blackphone's Icera modem. Expert Michael Cobb explains how attackers could hijack the device, and if this would occur in other mobile devices.  Continue Reading

• How does SlemBunk collect Android user credentials?

  An Android Trojan called SlemBunk is impersonating banking applications in order to collect user credentials. Expert Nick Lewis explains the security measures to stop this malware.  Continue Reading

• How does YiSpecter affect non-jailbroken iOS devices?

  New mobile malware can affect both jailbroken and non-jailbroken iOS devices. Expert Nick Lewis outlines the threat posed by YiSpecter and how to stop it.  Continue Reading

• Can a state-sponsored attack on mobile devices be traced?

  When it comes to state-sponsored attacks infecting mobile devices, do users have any chance of tracing the attack? Expert Nick Lewis offers some answers.  Continue Reading

• How does the fake Android app BeNews work?

  Find out how to mitigate the risks associated with fake Android apps, like the BeNews app used by the Hacking Team, that trick the Google Play Store.  Continue Reading

• Does the AFNetworking library inhibit iOS app security?

  Flaws in the AFNetworking code library threaten iOS app security. Expert Michael Cobb explains how to prevent falling victim to the flaws.  Continue Reading

• How can power consumption-tracking malware be avoided?

  Malware authors are using power consumption tracking-malware to eavesdrop on and attack mobile devices. Expert Nick Lewis explains the threat and how to defend against it.  Continue Reading