Showing posts with label security. Show all posts

Fake Google Play Security Apps Harvest User Info



Check Point said that LightsOut could override user settings to disable the ads, and some users still saw the ads even after they paid for a supposedly ad-free version of the infected app.
Fortunately, Google removed the malicious apps as soon as it was informed by Trend Micro. These apps have become ubiquitous with Android and if you're looking for ...
Overcoming this situation is not easy - home users need to have a certain level of assurance before installing anything on any of their devices and not all independent review sites are completely honest these days either.
Covington said there appears to be no sign of a slowdown of mobile malware, which has a 100 percent increase year after year. For instance, an app that was in the top ten apps the previous week will not be seen in the top ten this week. According to Padon, malware downloads on Google Play more than doubled between 2016 and 2017, and he encourages consumers to download security software for their devices.
Google booted a number of apps from its online store that fooled people into believing they were helpful services, like flashlights and call recording apps, while spreading malware.

A report says hundreds of Android games are quietly tracking users' TV habits by turning on the microphone.
Cybersecurity company Check Point Software revealed the findings on Friday after discovering the fraudulent apps in November and notifying Google (goog), which promptly removed the software from the Google Play store, said Check Point security researcher Daniel Padon.
The malware, dubbed "LightsOut", was hidden in 22 different apps to secretly generate ad revenue for its developers by constantly bombarding users with pop-up ads that forced a person to click them before they could continue using the device.

In what could be among the most intelligently-designed malicious apps, as many as 36 such apps on the Google Play Store were found harvesting sensitive user data, sending them to remote servers and aggressively pushing advertisements to user devices as part of a click fraud campaign, while performing the usual functions expected from mobile security apps. Do a quick Internet search about the developer as well as the app name to ensure they are safe to use.

How Bad Guys Get Malware Inside Your Smartphone



Digital thieves have a playbook for stealing your sensitive data. A software security firm spells it out. 
Avira, a company that provides antivirus and Internet security software, has published a concise but informative 5 step guide to mobile theft explaining the how and why of malware getting inside your mobile device. 
The five-step strategy is pretty simple but effective, according to Avira.
Effective because, one, some malicious software slips by filters at reputable online stores and, two, people are always looking for free stuff, Alexander Vukcevic, head of virus lab for Avira, told Fox News. 
“Users rely on the quality assurance provided by store operators, and many users try to access and deploy popular apps through alternative stores without paying anything,” he said. “This…is used by many malware authors to infect mobile phones.” 
Step 1: The plan. The bad guys identify vulnerabilities then develop exploits. If they don’t have the skills, they hire a bounty hunter on the black market. Bounty hunters sometimes work with exploit brokers. The broker gets paid because organizations will pay to find and stop the hack. 
Step 2: The gear. Infected websites and malicious apps are the gear used to install malware on victims' phones.
Step 3: The inside man. Once downloaded to your phone, the bad guy tries to gain root access to the phone. “If this fails, they generate a fake update notification — clicking on the notification grants them the ability to display ads and download apps at will. Banditos can even change the phone’s IMEI number to increase the number of ads they can display,” according to Avira.
IMEI, which stands for International Mobile Equipment Identity, is a unique number used to identify phones.
Step 4: The heist. They sit back and wait until the money starts flowing in.
Step 5: The getaway. The cybercriminals have gotten inside and left malicious code behind. But the malware is often “difficult to dislodge,” says Avira. 
HummingBad -- and its derivatives -- is a good real-world example, according to Avira. The booby-trapped app is incredibly devious because it’s often supported by fake reviews and four-star ratings. 
“These apps can look pretty good. People have found them in the official Google Play store or, more commonly, from the off-market sites,” Avira said. Off-market sites offer, for example, Android apps that may not be available in the Google Play store. The apps on these sites are often free.
However, if users access a malicious app it immediately tries to get root access to the phone, which allows it to do pretty much anything. “If that fails, it tries to get the user to click on a bogus ‘System Update’ notification," according to Avira. 
And it can be very profitable. “Each click, every install on the infected device means more money for the bad guys – an estimated $300,000 monthly,” Avira said, referring to HummingBad.
The fix can be extreme. “To remove this malware, the most common solution is a wipeout for the device owner, as it usually requires a complete reset of the device, wiping out all apps, settings, and saved files,” says Avira.



via FoxNews

Password Hacking and You


There are 2 primary methods to hack passwords: Brute Force and Password Guessing. Of the 2, believe it or not, it is easier to guess someone’s password than to try every combination of letters, numbers and symbols. In a brute force attack, password attempts would progress from: a, b, c; to aa, ab, ac; to aaa, aab, aac; and so on.  
The core question is not, “Can my password be hacked?”, but rather “How long would it take?”. That’s where password entropy comes into play for our (the user’s) benefit. Loosely defined, entropy is disorder. Since a brute force attack is a very orderly attack, the more disorder you have in your password, the better.
Numbers Game
With 5 lower case characters, an online attack would get your password right in an average of 1 hour, 21 minutes. However, by introducing say a capital letter, a number, and a special character, that time rises to around 1.5 months.
With 7 lower case characters, a brute force attack would consume ~3.2 months, but if you introduce those other random characters, it rockets up to an average of 11 centuries! Taking it even further, at 8 characters the online crack time goes to 1,000 centuries which is effectively long enough to be considered near impossible under current computing capabilities.  
That said, if the hacker is able to mount an offline attack, or use a massive cracking array, the password can again be deduced in a matter of hours. As such, even though the typical minimum / safe password length is 8 characters, what you use as your password matters even more.
Simplicity Opens the Door
Every attempt to get your password will begin with guessing. According to a released “hack file” of 5 million passwords, we know what the most common passwords are, so hackers will start there.
Top passwords for 2016:

123456, password, 12345, 12345678, football, qwerty, 1234567890, 1234567, princess, 1234, login, welcome, solo, abc123, admin, 121212, flower, passw0rd, dragon, sunshine, master, hottie, loveme, zaq1zaq1, password1
4% of the passwords were “123456”! That’s 200,000 people in the sample set with that password!
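
The guessing order described above (most common passwords first, then a, b, c; aa, ab, ac; and so on) can be turned into an exact guess count for any password. This is an added example, not part of the original article; the 1,000 guesses per second online rate and the choice of search alphabet (only the character classes the password uses) are assumptions, so the times will not match the article's figures.

```python
import math
import string

# The 25 most common passwords quoted in the article, in the order given.
COMMON = [
    "123456", "password", "12345", "12345678", "football", "qwerty",
    "1234567890", "1234567", "princess", "1234", "login", "welcome", "solo",
    "abc123", "admin", "121212", "flower", "passw0rd", "dragon", "sunshine",
    "master", "hottie", "loveme", "zaq1zaq1", "password1",
]

# Character classes, in the order they are appended to the search alphabet.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]

ONLINE_RATE = 1000  # guesses per second: ASSUMED, not a figure from the article


def alphabet_for(password):
    """Assumption: the search covers only the classes the password uses."""
    if not password:
        raise ValueError("empty password")
    alphabet = "".join(c for c in CLASSES if any(ch in c for ch in password))
    outside = [ch for ch in password if ch not in alphabet]
    if outside:
        raise ValueError(f"characters outside the modelled classes: {outside}")
    return alphabet


def brute_force_position(password, alphabet):
    """1-based index of password in the order a, b, c; aa, ab, ac; aaa, ..."""
    n = len(alphabet)
    # Every shorter candidate is tried before the first one of this length.
    shorter = sum(n ** k for k in range(1, len(password)))
    # Rank among same-length candidates: the password read as a base-n number.
    rank = 0
    for ch in password:
        rank = rank * n + alphabet.index(ch)
    return shorter + rank + 1


def entropy_bits(length, alphabet_size):
    """Entropy of a uniformly random password of this length and alphabet."""
    return length * math.log2(alphabet_size)


def audit(password, rate=ONLINE_RATE):
    """Guesses and seconds until an orderly attacker reaches this password."""
    if password in COMMON:
        # Guessing comes first: a listed password falls within 25 attempts.
        method, guesses = "common list", COMMON.index(password) + 1
        bits = math.log2(len(COMMON))
    else:
        alphabet = alphabet_for(password)
        method = "brute force"
        guesses = len(COMMON) + brute_force_position(password, alphabet)
        bits = entropy_bits(len(password), len(alphabet))
    return {"method": method, "guesses": guesses,
            "seconds": guesses / rate, "entropy_bits": round(bits, 1)}


def human(seconds):
    """Render a duration in the largest unit that keeps the value >= 1."""
    for unit, size in (("centuries", 3.156e9), ("years", 3.156e7),
                       ("days", 86400), ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.3f} seconds"


if __name__ == "__main__":
    # Constructed sample passwords, chosen to show each case.
    for pw in ("123456", "zaq1zaq1", "zzzzz", "zzzzzzz", "Zz9!zzz", "Zz9!zzzz"):
        r = audit(pw)
        print(f"{pw:10} {r['method']:12} {r['entropy_bits']:5} bits "
              f"{r['guesses']:>22,} guesses  {human(r['seconds'])}")
```

A password on the common list is reached in at most 25 guesses whatever its length or character mix, which is why `zaq1zaq1` scores no better than `123456` here.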

10 Tips to Freshen up Your Old iPhone Instead of Buying the iPhone X


With the release of the iPhone 8 and iPhone X, a lot of tech nerds, collectors and Apple cultists are upgrading ASAP. Whether they’re interested in the iPhone X’s edge-to-edge display, the iPhone 8’s snappy new A11 chip or simply to enjoy the tingling feeling they’ll get when someone sees they have the latest and greatest from Apple, they’re making sure they’re the first to get their hands on it. Ain’t nothin’ wrong with any of that.
But not everyone will be looking to upgrade. Some critics don’t see a large enough difference between the 7 and 8 to care, and others don’t see the justification of dropping a thousand buckaroos to cop the X. Trust me, I get it.
Just because you’re not looking to make the leap and upgrade yet doesn’t mean your current phone is trash. In fact, there’s a lot you could be doing to make sure you’re squeezing every ounce of sauce out of your old iPhone.

1. Disable Push Notifications

When you get push notifications delivered to your phone — from apps, game updates, the stock market, news, weather, emails, etc. — it makes your phone light up. It might not sound like that big a deal, but every email, every text message, every snap, every fucking Groupon deal (seriously Groupon, cut the shit), means energy is getting drained from your battery — even when you’re not using it.
If you go to Settings > Notifications, you can control exactly which apps have the ability to send you push notifications. Turn off the non-essentials, and keep as much of your battery life as possible.

2. Take a Look at Your Hard Drive Space

Your apps use a lot of space on your phone. And the “bulkier” and more bloated those apps become, they not only take up more physical storage on your hard drive, but they also take up more RAM and gum everything up. Some podcast apps save entire podcasts, even after you’re finished listening to them. Photo apps like Instagram will save duplicate photos to your Camera Roll, even if you don’t post the photo. Even Tinder takes increasingly more hard drive space with every match you get and conversation you start. Don’t even get me started on those bloated-ass games we all play for a week and then forget about. Of course, every single text message you send and receive is also stored on your iPhone’s hard drive.
All that crap takes up hard drive space and processing power that’s slowing your phone down and it’s all worth having a look at — and, potentially, deleting. Settings > General > iPhone Storage.

3. Disable Unnecessary Location Services

One of the coolest (and creepiest) features of your iPhone (and most smart phones, these days) is that it is always keeping tabs on where you are. Whether it’s to use the phone’s Find My Phone or Compass features, or whether it’s to grab a Lyft home from the bar, your phone always knows where you are. The problem is that certain apps request access to your location even when they’re not in direct use, and the more apps you have doing that at the same time, the more battery you’re going to use.
If you go to Settings > Privacy > Location Services, you can turn Location Services off completely, or you can go through each individual app on your phone and decide whether or not you want it to have access to your location. Some apps, like Uber, require users to have location services on at all times (regardless of whether they’re looking for a ride), while others, like Lyft, only require users’ locations when they’re actually using the app.

4. Give It a Makeover

Most of the stuff listed here are easy things you could do to make your older iPhone run and operate like new again, so I wanted to include at least one little bit about what you can do to make it appear different. The obvious answer is to buy a new case. Even though the 8 and X are out hogging the spotlight, developers are still putting out some pretty wild and creative cases for the older models. You can also fiddle with your background and lock images, give it a good cleaning, etc. Take pride in your stuff.

5. Turn off That Bullshit Background App Refresh

Your apps are always refreshing themselves in order to update the content in your respective feed. The idea is that when you launch them, you’re getting the most recent information. It sounds great in theory, but in practice, it means that some of these apps — Facebook, in particular — suck up a lot of battery in the background. If you notice your phone’s battery is getting weaker from prolonged use and charging periods (a side effect for every Lithium-ion battery, by the way), turning off Background App Refresh (Settings > General > Background App Refresh) will help ensure that apps are only consuming your precious battery life when you’re actually using them.

6. Close All Non-Essential Apps

This is an old one, but it’s still good as gold. If you were to look at how many apps are open on your phone right now, I bet you’d be shocked and perhaps even a little horrified at what you’d find. I did it just for the sake of proving my own point just now and found 42 apps open. Forty-fucking-two. Every single one of those apps is running in the background, sucking up tons of valuable battery life. Double tap Home to bring up the multi-tasking view, and then just swipe up on every app you want to exit. It’s that simple.

7. Lower Your Brightness

Of course, there’s always the old “lower your brightness” trick. If you’re trying to conserve as much battery as possible, there’s absolutely zero reason to keep your screen brightness maxed out. The simple answer is: be smart. If you’re editing photos or reading an article, obviously up the brightness. But, when you’re done and don’t really need to use your home screen as a flashlight, toggle it down a bit. I keep my brightness at around 25% and I’ve never had a single problem with it.

8. Clear Your Safari Cache

Your Safari browser stores every single piece of information you access from your phone on your phone’s hard drive. On one obvious end of the spectrum it’s convenient because pages will sometimes load faster, logins to your favorite sites are saved and your overall experience is generally pretty smooth. But when your phone gets to a point where it’s simply storing too much web data, it can make things run sluggishly — particularly while web browsing. Sometimes you have to clear your history and free up the pipes a little bit. You can do that by going to Settings > Safari > Clear History and Website Data. You’ll have to log back into all your favorite sites, but you’ll see an immediate difference.

9. Give It a Soft Reset

I’ll be the first person to tell you that technology can be a big pain in the ass a lot of the time. While we’re seeing new advancements every day, nothing is perfect — including the iPhone. Sometimes your phone will get caught up; certain apps won’t work right, things get buggy, apps stop responding completely, text functions don’t work, etc. Anything could go wrong at any time. If your iPhone is acting up and giving you grief, a soft reset will usually do the trick.
All you have to do is hold down the home and sleep buttons simultaneously until the white Apple logo appears. It won’t delete any of your data and won’t revert back to factory settings, but it will completely reboot the phone, close out all apps and fire back up with a clean slate. A lot of the time, it’s exactly what the doctor ordered.

10. There’s an App for That

Of course, if all of that stuff sounds too good to be true (or too difficult for the not-so-technologically savvy out there), there are a ton of apps to help you get the most out of your phone. Apps like Power Clean-RemoveBattery Doctor and Battery Saver are just a few of the most popular apps out there.
via complex

Ten Percent of Mobile Subscribers at Serious Risk of ID Theft



Data aggregated from global operators indicates 60% of suspicious domains are linked to phishing
Thursday, November 2nd, 2017
EDISON, New Jersey, Nov. 2, 2017 /PRNewswire/ Korea IT Times --
Flash Networks, the leading provider of mobile Internet optimization, security, and engagement solutions, today published new market data highlighting the vulnerability of mobile users to ID theft via phishing attacks. Alarmingly, data collected from global operators shows that more than 10% of users are exposed to phishing attempts. Mobile subscribers are being exposed to increasing risk as the volume and sophistication of attacks escalate.
Data from mobile operator deployments reveal that:
  • 3% of all domains visited are classified as suspicious
  • 60% of suspicious domains are linked to phishing
  • The percentage of mobile users exposed to phishing attempts is increasing, with 10% of subscribers visiting suspicious domains at least once a month  
  • Threats are dynamic in terms of intensity, location, and time. While massive phishing attempts may occur at one location, a dramatic shift in the target demographics of phishing attempts may be seen elsewhere at a different time.
"A single click taking an unsuspecting mobile user to a fake website can quickly lead to identity theft," said Dror Shlomo, VP Product at Flash Networks. "Through deep inspection of network traffic, xtraArmor provides subscribers with the strongest possible protection against threats such as viruses, malware, spyware, and phishing before the traffic is delivered to the subscribers' devices."
Flash Networks xtraArmor is a clientless solution for detecting and preventing threats aimed at mobile devices. xtraArmor is powered by industry-leading security technology from Symantec. Integrating seamlessly with mobile operators' networks, the virtualized solution enables operators to protect subscribers and devices from advanced phishing, viruses, malware, spyware, ransomware, and other threats. Using multi-layered detection technologies, such as advanced heuristics, machine learning, and behavior analysis, xtraArmor detects malicious traffic, generates alerts, and prevents such traffic from reaching mobile devices.
About Flash Networks 
Flash Networks is a leading provider of virtual optimization, security and engagement solutions that enable operators to improve RAN spectral efficiency, boost network speed, optimize video and web traffic, generate over-the-top revenues and secure the mobile Internet for subscribers and devices.
With offices in North America, Europe, Latin America, and Asia, Flash Networks services hundreds of millions of subscribers daily at leading global carriers. For more information, visit http://www.flashnetworks.com.

No Platform Immune from Ransomware, According to SophosLabs 2018 Malware Forecast


  • Ransomware ravaged Windows, but attacks on Android, Linux and MacOS systems also increased in 2017
  • Just two strains of ransomware were responsible for 89.5 percent of all attacks intercepted on Sophos customer computers worldwide
OXFORD, U.K. – Nov. 2, 2017 – Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced its SophosLabs 2018 Malware Forecast, a report that recaps ransomware and other cybersecurity trends based on data collected from Sophos customer computers worldwide during April 1 to Oct. 3, 2017. One key finding shows that while ransomware predominately attacked Windows systems in the last six months, Android, Linux and MacOS platforms were not immune.
“Ransomware has become platform-agnostic. Ransomware mostly targets Windows computers, but this year, SophosLabs saw an increased amount of crypto-attacks on different devices and operating systems used by our customers worldwide,” said Dorka Palotay, SophosLabs security researcher and contributor to the ransomware analysis in the SophosLabs 2018 Malware Forecast.
The report also tracks ransomware growth patterns, indicating that WannaCry, unleashed in May 2017, was the number one ransomware intercepted from customer computers, dethroning longtime ransomware leader Cerber, which first appeared in early 2016. WannaCry accounted for 45.3 percent of all ransomware tracked through SophosLabs with Cerber accounting for 44.2 percent.
“For the first time we saw ransomware with worm-like characteristics, which contributed to the rapid expansion of WannaCry. This ransomware took advantage of a known Windows vulnerability to infect and spread to computers, making it hard to control,” said Palotay. “Even though our customers are protected against it and WannaCry has tapered off, we still see the threat because of its inherent nature to keep scanning and attacking computers. We’re expecting cyber criminals to build upon this ability to replicate seen in WannaCry and NotPetya, and this is already evident with Bad Rabbit ransomware, which shows many similarities to NotPetya.” 
The SophosLabs 2018 Malware Forecast reports on the acute rise and fall of NotPetya, ransomware that wreaked havoc in June 2017. NotPetya was initially distributed through a Ukrainian accounting software package, limiting its geographic impact. It was able to spread via the EternalBlue exploit, just like WannaCry, but because WannaCry had already infected most exposed machines there were few left unpatched and vulnerable. The motive behind NotPetya is still unclear because there were many missteps, cracks and faults with this attack. For instance, the email account that victims needed to contact attackers didn’t work and victims could not decrypt and recover their data, according to Palotay.
“NotPetya spiked fast and furiously, and did hurt businesses because it permanently destroyed data on the computers it hit. Luckily, NotPetya stopped almost as fast as it started,” said Palotay. “We suspect the cyber criminals were experimenting or their goal was not ransomware, but something more destructive like a data wiper. Regardless of intention, Sophos strongly advises against paying for ransomware and recommends best practices instead, including backing up data and keeping patches up to date.”
Cerber, sold as a ransomware kit on the Dark Web, remains a dangerous threat. The creators of Cerber continuously update the code and they charge a percentage of the ransom that the “middle-men” attackers receive from victims. Regular new features make Cerber not only an effective attack tool, but perennially available to cyber criminals. “This Dark Web business model is unfortunately working and similar to a legitimate company is likely funding the ongoing development of Cerber. We can assume the profits are motivating the authors to maintain the code,” said Palotay.
Android ransomware is also attracting cyber criminals. According to SophosLabs analysis, the number of attacks on Sophos customers using Android devices increased almost every month in 2017.
“In September alone, 30.4 percent of malicious Android malware processed by SophosLabs was ransomware. We’re expecting this to jump to approximately 45 percent in October,” said Rowland Yu, a SophosLabs security researcher and contributor to the SophosLabs 2018 Malware Forecast. “One reason we believe ransomware on Android is taking off is because it’s an easy way for cyber criminals to make money instead of stealing contacts and SMS, popping up ads or bank phishing which requires sophisticated hacking techniques. It’s important to note that Android ransomware is mainly discovered in non-Google Play markets – another reason for users to be very cautious about where and what kinds of apps they download.”
The SophosLabs report further indicates two types of Android attack methods emerged: locking the phone without encrypting data, and locking the phone while encrypting the data. Most ransomware on Android doesn’t encrypt user data, but the sheer act of locking a screen in exchange for money is enough to cause people grief, especially considering how many times in a single day information is accessed on a personal device. “Sophos recommends backing up phones on a regular schedule, similar to a computer, to preserve data and avoid paying ransom just to regain access. We expect ransomware for Android to continue to increase and dominate as the leading type of malware on this mobile platform in the coming year,” said Yu.
For access to the full SophosLabs 2018 Malware Forecast and Ransomware Infographic, go to here.



The Spectrum of Mobile Risk: What Enterprises Need to Know Now



The ubiquity of mobile devices leaves organizations open to new risks, new vulnerabilities and new threats. Mobile security best practices for the enterprise need to start with a comprehensive analysis of the risks—which can come from unexpected new directions.
The new Spectrum of Mobile Risk report from Lookout lays out how enterprises should approach risk assessment in the mobile world. Using the Mobile Risk Matrix, enterprise security leaders can easily assess the risks to the mobile apps, devices, networks and content within their enterprise—the vectors through which enterprise data can be exposed to risk.
Let’s take a closer look at some examples in the Spectrum of Mobile Risk.

Network-Based Risks

Network-based attacks are a real problem. Lookout found that almost 1% of enterprise devices encountered a network-based threat, such as a man-in-the-middle (MITM) attack, in the past year. That may not sound like a big number, but if you have more than 100 employees using devices, it means it’s likely that your company will be subject to a MITM attack.

App-Based Risks

Similarly, employees may install apps that access more information than they realize. In order to enable an app to function, app developers often ask for a wide range of permissions on the device, accessing and sometimes transmitting data including photos, documents, contact lists and messages. Often, such access may not be compliant with the enterprise’s risk policies as it pertains to sensitive enterprise data.
Lookout has a unique view into the mobile ecosystem because of the over 100 million devices from which we are able to collect security data. Lookout has obtained and analyzed over 40 million unique mobile applications and acquires up to 90,000 apps every day.
Looking at this data, we determined that 30% of iOS devices used in the enterprise contain apps that have the ability to read contact information on the device. Seventy-five percent of apps have access to the camera, and 43 percent have access to Facebook. Data left unprotected in this way could cause headaches for internal security and compliance teams.

Device-Based Risks

Once an attacker compromises a device, he can get access to any app or other piece of data, encrypted or not. For example, an exploit such as the highly sophisticated, targeted threat Pegasus had device-level access and was able to see all activity on the infected phone and siphon off large quantities of valuable and sensitive information. Pegasus waited until the apps eventually decrypted data in order to display it to the end user.
Attackers who are able to compromise the device are also able to achieve much stealthier spying operations. Because malicious apps often do not have the same permissions as a device-level attack, they sometimes set off alerts on the phone when accessing the camera, microphone or other elements. With a device compromise, an attacker can silently manipulate the smartphone without any indication to the user that something is wrong.

Web- & Content-Based Risks

Phishing attacks are one of the main ways attackers are able to gain entry into the enterprise. By coordinating any of the above vectors, an attacker could gain enough information to impersonate an employee and gain deeper access into a system. Phishing campaigns executed via SMS messages are an example of a web and content threat.

Using the Spectrum of Mobile Risk & Mobile Risk Matrix to Protect Your Business

The risks are real. So how can enterprises respond effectively? We recommend conducting a matrixed analysis of the risks your enterprise actually faces.
First, consider the Mobile Risk Matrix, specifically the threats, vulnerabilities and risky behaviors and configurations within each vector. These components of risk, matrixed with the threat vectors, allow you to conduct a more complete and nuanced analysis of your enterprise risk profile.
For example, Lookout analysis of anonymized customer data reveals that over the course of two quarters, 47-out-of-1,000 Android devices in the enterprise encountered app-based threats, or malicious apps that could steal data, take over devices or give access to attackers. That’s an app-based threat; if you allow employees to use Android devices and they have free rein to install apps, your organization needs to be aware of this risk and take steps to mitigate it.
In our next blog post, we’ll discuss how enterprises can address the Spectrum of Risk through a comprehensive approach using both mobile management and threat defense tools to find and remediate threats as they happen. For more information and additional details on each component of the matrix, download our free, one-page Mobile Risk Matrix.
As chief product officer at Lookout, Santosh Krishnan oversees all Lookout’s predictive security solutions that protect individuals and enterprises alike from mobile attacks. Santosh is responsible for the ongoing development of Lookout Mobile Endpoint Security, providing enterprises with comprehensive risk management across iOS and Android devices to protect against app, network and device-based threats while providing visibility and control over data leakage. With a background in both product management and venture capital innovation, he and his team focus on how to protect against current security threats, while creating security to better prepare for the future.
Lookout is a member of the VMware Mobile Security Alliance. Learn more:
