Last month, my wife was contacted by a phisher, mascaraing as someone from social security. This threat actor made an attempt to obtain her social security number using the threat of fraud investigation to verify her social security number. Because of my background in security, I was able to act quickly to prevent her from […]

Despite thieves regularly finding ways to boost cars by exploiting vulnerabilities in modern keyless locking systems and researchers demonstrating how attackers could fiddle with car settings, the infotainment system, the break system, the steering system, and so on, we’re yet to witness actual safety attacks that resulted in hackers disabling brakes or turning the steering wheel. One of the reasons must surely […]

The Washington Post has published a long story on the unlocking of the San Bernardino Terrorist’s iPhone 5C in 2016. We all thought it was an Israeli company called Cellebrite. It was actually an Australian company called Azimuth Security. Azimuth specialized in finding significant vulnerabilities. Dowd, a former IBM X-Force researcher whom one peer called “the Mozart of exploit […]

COVID-19 has impacted everything over the past year, and mobile app security is no exception. The Synopsys Cybersecurity Research Center (CyRC) took an in-depth look at application security, and discovered just how vulnerable apps that use open source code really are. According to the report, 98% of apps use open source code, and 63% of those apps […]

This isn’t a case of secretive nation-state phone interception methodologies (or spying, as it is often called). It’s not a tale of cybercriminals deliberately trying to listen in to your business discussions so they can divert massive invoice payments or implant ransomware with multi-million dollar blackmail demands. That’s the good news. The bug in this case, discovered by Indian cybersecurity researcher Anand Prakash, […]

Normal day-to-day life was brought to a halt by the COVID-19 pandemic, which greatly impacted the lives of virtually all people worldwide in unprecedented fashion. As people have stayed home and isolated themselves to avoid contracting and spreading the virus, there has been increased reliance on virtual connectivity due to a sharp increase in remote […]

These special ‘research’ iPhones will come with specific, custom-built iOS software with features that ordinary iPhones don’t have. Starting today, the company will start loaning these special research iPhones to skilled and vetted researchers that meet the program’s eligibility. Source: Apple starts giving ‘hacker-friendly’ iPhones to top bug hunters Apple Offering $1 Million Bounty If […]

A researcher has discovered a serious vulnerability in Xiaomi electric scooters. Exploiting the flaw could allow remote attacks on it causing sudden breaks. Source: Vulnerability In Xiaomi Electric Scooters Could Allow Remote Attacks IoT Security DISC InfoSec 🔒 securing the business 🔒 Cyber Security Awareness ↑ Grab this Headline Animator

Metro Bank has become the first major bank to disclose SS7 attacks against its customers, but experts believe it isn’t an isolated case. Source: Metro Bank is the first bank that disclosed SS7 attacks DISC InfoSec 🔒 securing the business 🔒 Mobile network hacking ↑ Grab this Headline Animator

Motherboard has identified a specific UK bank that has fallen victim to so-called SS7 attacks, and sources say the issue is wider than previously reported. Source: Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts Mobile Phone Security DISC InfoSec Store

Remotely Spying via #FaceTime. FaceTime any iOS 12.1 or later and you can remotely spy on them (audio and video) before they accept incoming call.

Excellence is achievable but perfection is not. Find an excellent anti-virus product based on your requirements.   Malware are evolving faster than ever, so it’s encourging to discover that the latest generation of antivirus (AV) are better equipped to handle this evolving pace of change. Information security best practice recommends that every PC should run […]

Personal Banking Apps study has been out,  a security researcher spent about 40 hours testing iPhone and iPad banking applications from the top 60 most influential banks in the world and his findings were totally shocking. 40 of those 60 applications were found to have major mobile security vulnerabilities, which is not something you’d expect […]

By Vanja Svajcer, SophosLabs How do you prevent it? By taking back control of your devices and their applications. Here are 10 tips for securing your mobile users and preventing mobile malware infections. 1. Inform users about mobile risks A mobile device is a computer and should be protected like one. Users must recognize that applications […]

BYOD security controls for mobility These days smart phones certainly add additional risk to Bring Your Own Device (BYOD) to office. Like it or not Bring Your Own Device is a growing trend at all scales and levels. An important thing to understand is that today’s user like and prefer to use their own devices […]

ISO 27002 control A 10.4.2 of the standard requires that mobile code execution should be restricted to an intended environment to support an authorized organization mobile code policy. What is a mobile code so let’s first start with the definition: ‘Program or a code that can execute on remote locations without any modification in the […]

For more episodes of The Mobile Security Show, visit http://techchannel.att.com/showpage.cfm?Mobile-Security-Show A discussion on Mobility Standards moves towards a rousing conversation about mobility and privacy. Originally recorded at NYU Poly on November 16, 2011. Topic: “Dealing With Exploitable Mobile Device Vulnerabilities” Hosts: Veronica Belmont – Technology Video Host Dino Dai Zovi – Information Security Professional & […]