Problem solve

Mobile security threats and prevention

• What's the answer for 5G security?

  Learn about the planning of 3GPP in developing specifications for 5G security in this synopsis of 5G Americas' white paper, 'The Evolution of Security in 5G.' Continue Reading

• Words to go: GPS tracking security

  GPS and location-based services may be some of the most significant recent technological advancements, but they can also put personal privacy in jeopardy. Continue Reading

• How does the iPhone phishing scam work?

  An iPhone phishing scam leads users to believe malicious incoming calls are from Apple Support. How can enterprises protect their employee against this threat? Continue Reading

• How does the Android Rowhammer exploit affect users?

  Android Rowhammer is a hardware weakness in older devices that puts users at risk of remote exploits. Expert Michael Cobb explains why it's important to upgrade to newer devices. Continue Reading

• Four new Mac malware strains exposed by Malwarebytes

  Mac platforms are at risk after Malwarebytes discovered four new Mac malware strains. Learn how to protect your enterprise and how to mitigate these attacks with expert Nick Lewis. Continue Reading

• How were Android Pixel vulnerabilities exploited?

  Android Pixel vulnerabilities could open the smartphone up to attack. Expert Michael Cobb explains the vulnerabilities and how to defend against them.Continue Reading

• ExpensiveWall malware: How does this SMS attack function?

  A new SMS malware known as ExpensiveWall was recently discovered by Check Point. Learn how it infects devices and puts Android device users at risk with expert Nick Lewis.Continue Reading

• How can improper certificate pinning be stopped by the Spinner tool?

  Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the Spinner tool.Continue Reading

• Android bootloader: How does it work and what is the risk?

  Several vulnerabilities were recently discovered in Android bootloaders via the BootStomp tool. Kevin Beaver explains how they work and what risk these vulnerabilities present.Continue Reading

• BlueBorne vulnerabilities: Are your Bluetooth devices safe?

  Armis Labs discovered a series of vulnerabilities that enables remote connection to Bluetooth devices. Learn more about the BlueBorne vulnerabilities with expert Matt Pascucci.Continue Reading

• WireX botnet: How did it use infected Android apps?

  To avoid a mobile device catastrophe, several large tech organizations came together to stop the WireX botnet. Learn how this Android botnet with 300 infected apps was stopped.Continue Reading

• How can Android app permissions be exploited by attackers?

  A recently discovered Android app permissions flaw can expose users to attacks. Michael Cobb explains what the risks are and how Android O security will help users.Continue Reading

• PINLogger: How does this exploit steal PINs?

  The proof-of-concept PINLogger attack exploits mobile device sensors to steal PINs. Nick Lewis explains how the attack works and offers advice on how to stop it.Continue Reading

• How can memory corruption attacks threaten smartphones?

  Smartphone users could be at risk of memory corruption attacks because of a baseband vulnerability. Expert Michael Cobb explains the attack and how concerned users should be.Continue Reading

• What are HummingWhale malware's new ad fraud features?

  A HummingBad malware variant, HummingWhale, was discovered being spread through 20 apps on the Google Play Store. Expert Nick Lewis explains the malware's new features.Continue Reading

• The Apple Notify flaw: How does it allow malicious script injection?

  Flaws in the Apple Notify function and iTunes can enable attackers to inject malicious script into the application side. Expert Michael Cobb explains how these vulnerabilities work.Continue Reading

• How does Gooligan malware compromise Google accounts?

  Android apps infected with Gooligan malware enable attackers to compromise the security of Google accounts. Expert Nick Lewis explains how users can protect themselves.Continue Reading

• What is the SS7 protocol and what are its security implications?

  The SS7 protocol has been a source of controversy lately because of its security vulnerabilities. Expert Judith Myerson explains what the protocol is and what its issues are.Continue Reading

• Handbook of System Safety and Security

  In this excerpt from chapter 10 of Handbook of System Safety and Security, editor Edward Griffor discusses cloud and mobile cloud architecture and security.Continue Reading

• How does the boot mode vulnerability in Android work?

  A boot mode vulnerability allowed attackers to eavesdrop on calls made on certain Android devices. Expert Judith Myerson explains how the complex exploit works.Continue Reading

• How did firmware create an Android backdoor in budget devices?

  An Android backdoor was discovered in the Ragentek firmware used in almost three million low-cost devices. Expert Michael Cobb explains how to prevent attacks on affected devices.Continue Reading

• How did vulnerabilities in AirWatch Agent and Inbox work?

  Flaws in AirWatch Agent and AirWatch Inbox allowed rooted devices to bypass the software's security measures. Expert Matthew Pascucci explains how these vulnerabilities worked.Continue Reading

• How did a Signal app bug let attackers alter encrypted attachments?

  The Signal app, used for end-to-end encrypted mobile messaging, contained a bug that allowed data to be added to attachments. Expert Michael Cobb explains the flaw.Continue Reading

• How does Overseer spyware work on infected Android apps?

  Spyware was found on infected Android apps, which were meant to convey embassy information and news, in the Google Play Store. Expert Michael Cobb explains how the spyware works.Continue Reading

• How does the HummingBad malware enable click fraud?

  The HummingBad malware has infected 10 million mobile devices worldwide. Expert Michael Cobb explains how this exploit enables click fraud and other risks for users.Continue Reading

• How did a pirated app bypass Apple's App Store security?

  A pirated app called Happy Daily English beat Apple's App Store security review. Expert Michael Cobb explains how it works and what security teams can do about it.Continue Reading

• How does SlemBunk collect Android user credentials?

  An Android Trojan called SlemBunk is impersonating banking applications in order to collect user credentials. Expert Nick Lewis explains the security measures to stop this malware.Continue Reading

• How does YiSpecter affect non-jailbroken iOS devices?

  New mobile malware can affect both jailbroken and non-jailbroken iOS devices. Expert Nick Lewis outlines the threat posed by YiSpecter and how to stop it.Continue Reading

• Can a state-sponsored attack on mobile devices be traced?

  When it comes to state-sponsored attacks infecting mobile devices, do users have any chance of tracing the attack? Expert Nick Lewis offers some answers.Continue Reading

• Cyber Reconnaissance, Surveillance and Defense

  In this excerpt of Cyber Reconnaissance, Surveillance and Defense, author Robert Shimonski describes commonly used mobile technology and how phone tracking works.Continue Reading

• How can power consumption-tracking malware be avoided?

  Malware authors are using power consumption tracking-malware to eavesdrop on and attack mobile devices. Expert Nick Lewis explains the threat and how to defend against it.Continue Reading

• How can mobile certificate security risks be reduced?

  According to recent research, mobile certificate usage is riddled with security issues. Expert Michael Cobb explains how to best control and secure mobile certificates in the enterprise.Continue Reading

• How can I mitigate the risks of alternative Android browsers?

  Expert Michael Cobb explains the security risks surrounding alternative Web browsers, as well as approaches enterprises can take to prevent BYOD employees from using them.Continue Reading

• Addressing wearables security, the next wave of BYOD concerns

  Wearables are the next wave of BYO devices infiltrating the enterprise. Domingo Guerra, president and co-founder of Appthority, talked to SearchSecurity at RSA Conference 2015 about how to address the onslaught.Continue Reading

• How to protect corporate data from government surveillance

  News of government surveillance programs is appearing almost daily. Enterprises need to do what they can to protect corporate data from potential eavesdropping -- but how? Expert Kevin Beaver offers some best practices.Continue Reading

• What VoLTE security risks should enterprises be aware of?

  Mobile devices are coming enabled for VoLTE for voice and video calling, but what are the risks? Network security expert Kevin Beaver explains.Continue Reading

• How can the Siri attack, 'iStegSiri,' be mitigated?

  A proof-of-concept attack on Apple's Siri allowed researchers to steal data from iOS. Learn more about the iStegSiri attack and how to defend against such threats.Continue Reading

• How can we detect and uninstall bloatware?

  Unwanted preinstalled software -- also known as bloatware -- has made its way onto PCs and mobile devices alike. Expert Nick Lewis explains how to detect and uninstall the potential threat.Continue Reading

• Stale, dead apps emerging as serious mobile security risks

  At RSA 2015, Appthority president and co-founder Domingo Guerra outlines emerging mobile security risks enterprises must be aware of -- and the issues aren't limited to just bring your own devices (BYOD).Continue Reading

• What is the best mobile malware protection against NotCompatible.C?

  A sophisticated variant of the NotCompatible malware has emerged that is difficult to detect and defend against. Expert Nick Lewis offers tips for handling NotCompatible.C.Continue Reading

• Are HTML5 mobile apps an enterprise security concern?

  Gartner predicts more than half of all mobile apps will use HTML5 by 2016, but what threats will this cause the enterprise? Expert Michael Cobb discusses.Continue Reading

• Are mobile persistent cookies a threat to enterprise data security?

  While cookies can be helpful, mobile persistent cookies can pose a serious threat to users and enterprises. Expert Michael Cobb explains how to mitigate the risk and eliminate the threat.Continue Reading

• Unmasking the Masque attack: Inside the iOS security flaw

  The Masque attack is a malicious threat, yet Apple has downplayed the risk. Expert Nick Lewis explains how to keep employees from being tricked into installing malware.Continue Reading

• Creating an end-of-life policy for mobile products in the enterprise

  When mobile vendors stop maintaining security on their devices, enterprise data is at risk. Expert Michael Cobb discusses how to assess mobile product end of life and how to create end-of-life policies and controls to maintain BYOD safety.Continue Reading

• Android browser security: How can AOSP browser flaws be fixed?

  While Google fixed the issue on its Android OS, many browsers still fall victim to a known same-origin bypass AOSP browser flaw. Expert Michael Cobb discusses how to avoid the risk.Continue Reading

• Repackaged apps: Defending against fake apps in the enterprise

  Repackaged applications can present multiple enterprise security risks. Expert Nick Lewis explains what these fake apps are and how to defend against them.Continue Reading

• Can a smartphone gyroscope be an eavesdropping tool?

  Smartphones with gyroscopes can be exploited to serve as an eavesdropping tool. Expert Nick Lewis explains how to mitigate smartphone gyroscope risk.Continue Reading

• How can malicious apps posing as real apps be detected?

  Malware masquerading as legitimate applications is a rising problem. Enterprise threats expert Nick Lewis outlines how to detect and mitigate this type of malware.Continue Reading

• Can the new iBanking Android malware be stopped?

  The iBanking malware has evolved to target Android devices. Enterprise threats expert Nick Lewis offers pointers on how to detect this malware on Android as well as prevent the threat.Continue Reading

• Defend against password-stealing malware on jailbroken iOS devices

  A variety of malware that steals passwords from jailbroken iPhones and iPads is becoming an enterprise concern. Expert Nick Lewis explains how to mitigate the risk.Continue Reading

• How to remove malware on Android devices that reinstalls itself

  A variant of malware on Android devices removes and reinstalls itself when a device powers on or off. Learn how to completely eradicate the threat.Continue Reading

• Beating back malicious mobile apps

  This seven-question quiz will test you on the key points we've covered in the malicious mobile apps Security School by Mike Cobb.Continue Reading

• How best to find and fend off malicious mobile apps

  This Security School covers all aspects of dealing with malicious mobile apps, from identifying the real threat to sealing the security perimeter.Continue Reading

• Mobile keyloggers and touchscreen detection attacks

  A recent proof of concept shines new light on the future of mobile keyloggers. Michael Cobb reviews how to keep touchscreen devices safe from attack.Continue Reading

• Chrome bug highlights speech-recognition security risks

  A Chrome bug that leverages the browser's speech-recognition feature reportedly threatens mobile device security. Learn how to combat the threat.Continue Reading

• Mitigating madware to ensure enterprise mobile application security

  Learn about the growing risk of madware in mobile applications, as well as what enterprises should do to prevent security issues.Continue Reading

• Tips for keeping Wi-Fi network passwords secure

  If Wi-Fi network passwords are accessed off Android mobile devices by third parties, it could mean disaster without the right precautions.Continue Reading

• App security: Decompiling Android APK files

  Find hidden malware or security weaknesses by decompiling Android applications into Java source code.Continue Reading

• Apple iMessage security: Is iMessage encryption strong enough?

  Is Apple iMessage encryption strong enough to mitigate reverse-engineering attacks? Learn more about one of the top iMessage security risks.Continue Reading

• Does Nokia SSL decryption raise security concerns for enterprises?

  Network security expert Brad Casey explores the security threats posed by mobile device manufacturers like Nokia that perform HTTPS data decryption.Continue Reading

• Obad.a analysis: Is malware on Android devices now equal to Windows?

  Expert Nick Lewis determines how enterprises should react to Obad.a, a strand of malware on Android devices reportedly equal to that on Windows.Continue Reading

• Inside the Samsung Galaxy Note 2 lock screen bypass vulnerability

  Expert Nick Lewis explains how attackers bypassed the Samsung Galaxy Note 2 lock screen and which devices may be vulnerable.Continue Reading

• BB10 security: The risks of running Android apps on BlackBerry 10

  Expert Michael Cobb explains the implications of running Android apps on BB10 and the system's new security features, including Balance.Continue Reading

• Should Android kernel vulnerabilities make enterprises avoid Samsung?

  Expert Nick Lewis discusses the threat and significance of Android kernel vulnerabilities found in popular Samsung mobile devices.Continue Reading

• How Android users can overcome LeNa malware, slow carrier updates

  Android users can't rely on slowly deployed carrier updates to protect them from the LeNa malware. Expert Nick Lewis explains.Continue Reading

• Mobile device protection: How to thwart SMS Trojans

  Expert Nick Lewis explains how to properly secure a smartphone in order to thwart Trojans that steal SMS messages.Continue Reading

• How to set up your own secure enterprise Android app store

  Reduce the risk posed by smartphones and mobile applications by setting up a corporate app store for users that helps ensure Android application security.Continue Reading

• Carrier IQ software: A big risk to enterprise mobile security?

  Nick Lewis exposes the fact and fiction of the Carrier IQ software and the potential information security risk for enterprises.Continue Reading

• Enterprise mobile access: Considerations for two-factor mobile authentication

  Is two-factor mobile authentication the only answer to secure enterprise mobile access? Randall Gamby explores keeping mobile access under control.Continue Reading

• Can Android virtual patching thwart Android malware attacks?

  Application security expert Mike Cobb weighs the pros and cons of Android virtual patching to thwart Android malware attacks.Continue Reading

• Assessing smartphone eavesdropping via keyboard vibrations

  Is smartphone eavesdropping via keyboard vibrations a credible enterprise threat? Mike Chapple explains.Continue Reading

• Mitigating security risks of mobile location-based services technology

  What can enterprises do to mitigate the security risk of mobile location-based services technology and the like? Start by limiting smartphone apps.Continue Reading

• Android enterprise security: Mobile phone data protection advice

  Android devices are increasingly popular among enterprise users, but is Android enterprise security where it needs to be to ensure the safety of important enterprise documents? Expert Michael Cobb offers his take.Continue Reading

• Smishing: How to protect enterprises from SMS fraud

  Learn more about protecting enterprises from smishing, or SMS fraud, in this expert response from Nick Lewis.Continue Reading

• Smartphone malware pre-installed: The next security threat

  Pre-installed smartphone malware is a growing problem and security pros need to be aware of how this malware could creep into your organization.Continue Reading

• How do hackers bypass a code signing procedure to inject malware

  In this expert Q&A, Michael Cobb reveals how malicious applications can actually be approved by Symbian's Express Signing procedure.Continue Reading

• How to set up a corporate cell phone management strategy

  Mobile devices are ubiquitous in today's enterprise environments, but how can security pros keep them from becoming malware-laden, data-leaking devices? In this expert response, Mike Chapple gives pointers on a corporate cell phone management ...Continue Reading

• How easily can spyware be placed on a mobile phone?

  John Strand reveals just how easy it is for malware and spyware to be placed on your mobile devices.Continue Reading

• Should enterprises ban USBs because the DoD banned them?

  When creating a portable device security policy, should an organization take into account the policies of the federal government? In this security management expert response, learn what can be helpful to keeping USB devices secure.Continue Reading

• Smartphone security: The growing threat of mobile malware

  The increasingly pervasive use of wireless handhelds in the enterprise is just one reason why malware pros are getting serious about mobile malware. Lisa Phifer details all the reasons why smartphone and PDA viruses and malware may be on the rise, ...Continue Reading

• Bringing the network perimeter back from the 'dead'

  In the past year, a number of security professionals from consulting firms have expressed the importance of endpoint security, going so far as to say the perimeter is dead. Not so fast, offers network security expert Mike Chapple. In this spirited ...Continue Reading

• Does SMS spoofing require as much effort as email spoofing?

  SMS text message spoofing demands a little more technical knowledge than email spoofing. But not much, says information security threat expert Ed Skoudis. In this Q&A, Skoudis explains how that technical know-how has now been embedded in easy-to-use...Continue Reading

• Will fixed-mobile convergence (FMC) create more security risks?

  Many carriers want to deliver data and video by integrating wireline and wireless infrastructures, a move called fixed-mobile convergence (FMC). In this tip, Ed Skoudis explains. the security implications of such a combination.Continue Reading

• Should a rise in text message spam be expected?

  According to a Ferris Research study, consumers this year are expected to receive a total of about 1 billion cell phone spam messages. Yet, compared to other countries, text message spam hasn't hit the United States very hard. In this ...Continue Reading

• What are common kinds of mobile spyware?

  When it comes to mobile spyware, there are almost too many types. Luckily, in this expert Q&A, Ed Skoudis narrows down the field and reveals how to defend against browser exploits, file droppers and keystroke loggers.Continue Reading

• Can you manage smartphones and Pocket PC phones using Windows Group Policy?

  Learn how to manage this risk smartphones and other like mobile devices introduce into your network, in this network security Ask the Expert Q&A.Continue Reading

• Best practices for protecting handhelds from mobile malware

  Mobile malware such as the Cabir worm and Dust virus indicate that it's a good idea to put sound handheld security practices in place now, although antivirus software for handhelds and mobile phones may not be worth the investment.Continue Reading

• How to prevent drive corruption in the event of power failure

  In this Ask the Expert Q&A, learn how a PDA device stores data and programs. Also learn how Compact Flash cards and hard drives differ and what some are doing to prevent drive corruption in the event of power failure.Continue Reading

• The key to locking out mobile threats

  Learn how mobile devices can harm your network and what you can do to prevent exploits.Continue Reading

• PDA Security: Chapter 4, When a Handheld Becomes Information Security's Problem

  This book covers the security aspects of handhelds in the enterprise.Continue Reading

• PDA access to the intranet

  Continue Reading

• What is Web-based malicious mobile code?

  Continue Reading

• Encryption for a PDA

  Continue Reading

• Are PDAs back-door security threats?

  Find out if handhelds used by employees can cause more harm than good.Continue Reading