5 mobile security threats you should take seriously in 2018

IDGNS

Mobile security is at the top of every company's worry list these days — and for good reason: Nearly all workers now routinely access corporate data from smartphones, and that means keeping sensitive info out of the wrong hands is an increasingly intricate puzzle. The stakes, suffice it to say, are higher than ever: The average cost of a corporate data breach is $21,155 per day, according to a 2016 report by the Ponemon Institute.

While it's easy to focus on the sensational subject of malware, the truth is that mobile malware infections are incredibly uncommon in the real world — with your odds of being infected significantly less than your odds of being struck by lightning, according to one estimate. That's thanks to both the nature of mobile malware and the inherent protections built into mobile operating systems.

The more realistic mobile security hazards lie in some easily overlooked areas, all of which are only expected to become more pressing in the coming year:

1. Data leakage

It may sound like a diagnosis from the robot urologist, but data leakage is widely seen as being one of the most worrisome threats to enterprise security as we head into 2018. What makes the issue especially vexing is that it often isn't nefarious by nature; rather, it's a matter of users inadvertently making ill-advised decisions about which apps are able to see and transfer their information.

"The main challenge is how to implement an app vetting process that does not overwhelm the administrator and does not frustrate the users," says Dionisio Zumerle, research director for mobile security at Gartner. He suggests turning to mobile threat defense (MTD) solutions — products like Symantec's Endpoint Protection Mobile, CheckPoint's SandBlast Mobile, and Zimperium's zIPS Protection. Such utilities scan apps for "leaky behavior," Zumerle says, and can automate the blocking of problematic processes.

Of course, even that won't always cover leakage that happens as a result of overt user error — something as simple as transferring company files onto a public cloud storage service, pasting confidential info in the wrong place, or forwarding an email to an unintended recipient. That's a challenge the healthcare industry is currently struggling to overcome: According to specialist insurance provider Beazley, "unintended disclosure" was responsible for a full 41 percent of data breaches reported by healthcare organizations in the first three quarters of 2017 — more than double the next highest cause.

For that type of leakage, data loss prevention (DLP) tools may be the most effective form of protection. Such software is designed explicitly to prevent the exposure of sensitive information, including in accidental scenarios.

2. Social engineering

The tried-and-true tactic of trickery is just as troubling on the mobile front as it is on desktops. Despite the ease with which one would think social engineeringcons could be avoided, they remain astonishingly effective.

A staggering 90 percent of data breaches observed by Verizon's Enterprise Solutions division are the result of phishing, according to the company's 2017 Data Breach Investigations Report. While only 7 percent of users fall for phishing attempts, Verizon says, those gullible guys and gals tend to be repeat offenders: The company estimates that in a typical organization, 15 percent of users who are successfully phished will be phished at least one more time within the same year.

What's more, numerous bits of research suggest users are more vulnerable to phishing from mobile devices than desktops — by as much as three times, according to an IBM study, in part because a phone is where people are most likely to first see a message. "We do see a general rise in mobile susceptibility driven by increases in mobile computing overall [and] the continued growth of BYOD work environments," says John "Lex" Robinson, information security and anti-phishing strategist at PhishMe — a firm that uses real-world simulations to train workers on recognizing and responding to phishing attempts.

Robinson notes that the line between work and personal computing is also continuing to blur. More and more workers are viewing multiple inboxes — connected to a combination of work and personal accounts — together on a smartphone, he notes, and almost everyone conducts some sort of personal business online during the workday. Consequently, the notion of receiving what appears to be a personal email alongside work-related messages doesn't seem at all unusual on the surface, even if it may in fact be a ruse.

3. Wi-Fi interference

A mobile device is only as secure as the network through which it's transmitting data. In an era where we're all constantly connecting to public Wi-Fi networks, that means our info often isn't as secure as we might assume.

Just how significant of a concern is this? According to new research being released by enterprise security firm Wandera this week, corporate mobile devices use Wi-Fi almost three times as much as they use cellular data. Nearly a quarter of devices have connected to open and potentially insecure Wi-Fi networks, and 4 percent of devices have encountered a man-in-the-middle attack — in which someone maliciously intercepts communication between two parties — within the most recent month.

"These days, it's not difficult to encrypt traffic," says Kevin Du, a computer science professor at Syracuse University who specializes in smartphone security. "If you don't have a VPN, you're leaving a lot of doors on your perimeters open."

Selecting the right enterprise-class VPN, however, isn't so easy. As with most security-related considerations, a tradeoff is almost always required. "The delivery of VPNs needs to be smarter with mobile devices, as minimizing the consumption of resources — mainly battery —  is paramount," Gartner's Zumerle points out. An effective VPN should know to activate only when absolutely necessary, he says, not when a user is accessing a news site, for instance, or when a user is working within an app that's known to be trustworthy and secure.

4. Out-of-date devices

Smartphones, tablets and smaller connected devices — commonly known as the internet of things (IoT) — pose a new risk to enterprise security in that unlike traditional work devices, they generally don't come with guarantees of timely and ongoing software updates. This is true particularly on the Android front, where the vast majority of manufacturers are embarrassingly ineffective at keeping their products up to date — both with operating system (OS) updates and the smaller monthly security patches between them — as well as with IoT devices, many of which aren't even designed to get updates in the first place.

"Many of them don't even have a patching mechanism built in, and that's becoming more and more of a threat these days," Du says.

Again, a strong policy goes a long way. There are Android devices that do receive timely and reliable ongoing updates. Until the IoT landscape becomes less of a wild west, it falls upon a company to create its own security net around them.

5. Physical device breaches

Last but not least is something that seems silly but remains a disturbingly realistic threat: A lost or unattended device can be a major security risk, especially if it doesn't have a strong PIN or password and full data encryption.

Consider the following: In a 2016 Ponemon Institute study, 35 percent of professionals indicated their work devices had no mandated measures in place to secure accessible corporate data. Worse yet, nearly half of those surveyed said they had no password, PIN, or biometric security guarding their devices — and about two-thirds said they didn't use encryption. Sixty-eight percent of respondents indicated they sometimes shared passwords across personal and work accounts accessed via their mobile devices.

The take-home message is simple: Leaving the responsibility in users' hands isn't enough. Don't make assumptions; make policies. You'll thank yourself later.

via CSO

Read more »

Xafecopy Trojan Will Steal Money From Your Mobile, protect your phone now!

Xafecopy Torjan is a new malware reported by cyber security firm, Kaspersky. As per the report, a new Malware is hitting the technology world which is stealing money from your smartphone. Xafecopy Trojan malware is spreading slowly over the world starting from India. As per the report, over 40% of malware target was found in India. Since, India is becoming more advance with technology, people are more into digital payment services. For that reason, hackers are moving on to this country.

As per the official report by Kaspersky, “Kaspersky Lab experts have uncovered a mobile malware targeting the WAP billing payment method, stealing money through victims’ mobile accounts without their knowledge.”

This new malware runs secretly on your device and steal data from your device. The trojan puts and runs its secret codes to your phone without your knowledge and this way it fetches the information from your device. This trojan runs normally on the device and hence no one will understand what’s actually going on inside your mobile phone. You will not be able to see any such codes with bare eyes.

This code runs and activate through various applications which most of the Android and iOS users are using. Applications like BatteryMaster, ES File Explorer and all the other apps which contains advertises runs these malicious codes. Once the app is activated, the codes will itself starts working on your mobile phone.

This malware clicks different webpages on your mobile phone through Wireless Application Protocol billing. After filling up the form, the code silently subscribes you to various services. This process works super smoothly without any registration or sign up process. You don’t have to put the credit card or debit card details into the forms still it will subscribe for various services without your permission and knowledge.

As we all know, most of the services have captcha codes for the final confirmation of your action. But this malware replaces the captcha code with normal texts and this way it can easily get confirmation and bypass the entire procedure itself. Captcha codes are there to fill the forms and confirmation manually so no robots or autobots can harm your information. But this malware is something to hit the right bone of all the users.

Furthermore, the report says, “Xafecopy hit more than 4,800 users in 47 countries within the space of a month, with 37.5 per cent of the attacks detected and blocked by Kaspersky Lab products targeting India, followed by Russia, Turkey and Mexico.”

Kaspersky Lab Senior Malware Analyst Roman Unuchek said, “Our research suggests WAP billing attacks are on the rise. Xafecopy’s attacks targeted countries where this payment method is popular. The malware has also been detected with different modifications, such as the ability to text messages from a mobile device to premium-rate phone numbers, and to delete incoming text messages to hide alerts from mobile network operators about stolen money.”

In order to prevent yourself from such unwanted and harmful malware attacks to stop them stealing your money, make sure you have a proper security set in your Android device. Stop downloading and installing unwanted third party applications as hackers and attackers are trying to spread this virus or we can say malware with the help of such third party applications which are not permitted by Google. If you are using an Android smartphone, it is better for you to protect your smartphone with Google Play Protect which is a free security service available on all the Android smartphone. The security app has over 1 Billion active users as per the reports.

As a security advice, “It is best not to trust third-party apps, and whatever apps users do download should be scanned locally with the Verify Apps utility. But beyond that, Android users should be running a mobile security suite on their devices.”

via techbulletin

Read more »

Protect your PC: Ransomware attack increases by two fold in 2017

For various PC problems, we recommend to use this tool.

This tool will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Quickly fix PC issues and prevent others from happening with this software:

1. Download now(100% safe download).
2. Click “Start Scan” to find Windows issues that could be causing PC problems.
3. Click “Repair All” to fix all issues (requires upgrade).

Ransomware is undoubtedly getting a lot of attention these days especially after wide spread WannaCry episode. For the uninitiated, the ransomware is a piece of code that encrypts the files on your computer and demands a ransom to give away the decryption code. Yes, we have seen a variety of Ransomware plaguing the machines and invariably organisations and enterprises figure out on the top of the list.

As per a mid-year cyber attack, trends report from security analyst company CheckPoint the percentage of ransomware has doubled in the first half of this year as opposed to 2016. Furthermore, the report finds that 23.5 percent of the organisations were affected by the RoughTed malvertising campaign while 19.7 percent of the organisations were affected by the Fireball malware during the same time frame.

The report further sheds light on how the attackers are devising new methods to exploit Microsoft Office, in fact, we recently reported on how attackers were using PowerPoint files to gain access to the machine. The attackers are also introducing new methods to offload the malware and this will not require the user to open a backdoor for the attackers. The ransomware is also being disguised such that the anti virus/malware protection suite find it difficult to detect.

RECOMMENDED: Click here to fix common PC issues and speed up your system

The report also mentions the cascading effects of “nation-state level malware” which is usually aimed for the masses and it can virtually hunt anyone instead of specified targets. Such attacks can be prevented by using the available solutions like network micro-segmentation, threat emulation and endpoint security. In fact, it is for this very reason that security solutions from company’s like BitDefender include ransomware protection.

The worst part, however, is that the Mobile malware developers are also actively developing malware. They usually use these malicious codes to control any activity on the device and also create a one-stop attack in order to fraud, steal information and also disrupt apps. The graph above represents the percentage of enterprises/organisations that were affected by the malware.

RELATED STORIES YOU NEED TO CHECK OUT:

• Windows 10 virus removal tools to vanquish malware for good
• Protect your PC from ransomware and malware with Windows Defender’s new Controlled Folder Access
• 5 best malware tracker maps to see security attacks happen in real-time

Read more »

Check if you were hit by the massive 'Avalanche' cybercrime ring

SAN FRANCISCO — The U.S. government has posted links for free scanning programs so companies and individuals can check their computers to make sure they weren't victims of a massive, international cyber criminal operation that was taken down Thursday after a four-year investigation.

“This is probably the biggest operation that law enforcement has ever done against cyber crime,” said Catalin Cosoi, chief security strategist with BitDefender, one of the dozens of companies worldwide that worked with law enforcement to attack the group.

The U.S. Computer Emergency Readiness Team (US_CERT) has posted links to five scanners on its site. Europol has also posted a list of sites in multiple languages for potentially infected users. The malware only affects systems running the Microsoft Windows operating system, according to US-CERT.

The Department of Homeland Security’s National Cybersecurity and Communications Integration Center, which includes US-CERT, will be providing victim notification to stakeholders, including Internet Service Providers, DHS said in a statement.

Known as "Avalanche," the group had been active since 2009, according to the FBI and Europol, the European law enforcement agency. It was effectively a criminal company that sold and rented cloud-hosted software to other criminals who used it to take over systems, infect networks, launch ransomware or create enormous robot networks (botnets) to send spam.

Avalanche networks were also used to launch targeted attacks against banks and to recruit people to illegally transfer stolen money between countries, known as money mules.

"They sent more than one million e-mails with damaging attachments or links every week to unsuspecting victims," and involved as many as 500,000 infected computers worldwide on a daily basis, Europol said in a release.

“They would do whatever you wanted. You just had to call them, say ‘I need command and control service,’ or ‘I need to infect this type of people or this type of business,’ and they’d do it,” said Cosoi.

The investigation originally began in Germany in 2012 after prosecutors there detected a ransomware operation that blocked access to a substantial number of computer systems and allowed the criminals to do bank transfers from the victims' accounts.

As authorities became aware of the scope and reach of the criminal organization, the effort to shut it down ended up involving prosecutors and investigators in 30 countries.

Law enforcement takedown

On Wednesday, law enforcement launched a concerted action against the Avalanche group. It resulted in five arrests, the search of 37 premises and seizure of 39 servers. In addition, over 800,000 Internet domains, or addresses, were seized to block the criminals access to their customers.

Now that the operation has been taken down, the next crucial stage is for infected individuals and companies to check to make sure that their computers do not have Avalanche malware on them.

“Companies and consumers should take this opportunity to scan their systems for the different families of malware that the Avalanche botnet distributed,” said ESET senior security researcher, Stephen Cobb.

Multiple companies worldwide have written tools to run this scan.

As Europol said on its website, "computer users should note that this law enforcement action will NOT clean malware off any infected computers — it will merely deny the Avalanche users’ ability to communicate with infected victims’ computers. Avalanche victims’ computers will still be infected, but shielded from criminal control."

While the effort was hailed in the cyber security world as a major coup against cyber crime, the differential between how fast international cybercrime networks proliferate and how quickly international law enforcement can act is troubling.

“It does give some reason for concern that our anti-cybercrime efforts still can't match the speed and dexterity that cyber criminals use for their own efforts," said Nathan Wenzler, principal security architect at AsTech Consulting, a San Francisco-based security consulting company.

Unfortunately, while he believes that dismantling the Avalanche network will certainly show some short-term gains, he expects the cyber criminals will be "back up and running in short order.”

Read more »

Mcommerce fraud rate higher on Android devices

Mobile commerce fraud rate is higher on Android devices, a recent report points out.

According to data from Kount, a provider of fraud detection technology, instances of fraud on Android devices was 44% higher than on iOS devices in 2014. The same source mentions that until 2013, fraud on iOS devices was more frequent than on Android, but currently, this has significantly changed.

Findings indicate that Android’s US platform share has increased substantially since 2013. Android’s US platform share increased from 51.5% in June 2013 to 66.1% in June 2015, according to Kantar Worldpanel, while iOS's share declined from 42.5% to 30.5% during the same period. Fraud likely occurs on Android more often than iOS because there are now more Android devices.

The report has also unveiled that mobile fraud will intensify compared to online and in-store. Research shows that merchants have a blind spot when it comes to mobile. In 2014, the share of organizations that believed mobile was far riskier than other forms of commerce was only 15%, and most see it as “just as risky” or “less risky” than standard commerce. A prevailing belief that mobile behaves similarly to other channels could reduce a sense of urgency among merchants to tighten their mobile security, which could invite further fraud.

The study mentioned that fraud moves to the weakest channel. As in-store security tightens, fraud is moving online, and mobile is quickly emerging as the new target. Mobile fraud increased 81% between 2011 and 2015 to date. Meanwhile, non-mobile fraud decreased 50% from 2011 to 2014, and an additional 50% in the first six months of 2015. Increased EMV penetration and digital identity verification will continue to push fraud out of the stores and onto digital channels, of which mobile is the most vulnerable.

via paypers

Read more »