Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2014-11-25 16:04:29 |
Has Your Android Device Been Fakedebuggered? (lien direct) |
The post Has Your Android Device Been Fakedebuggered? |
|
|
|
|
2014-11-21 19:21:32 |
(Déjà vu) Mobile Security Weekly: Android mRATs, Paid Apps Hacked, Whatsapp Talks Privacy (lien direct) |
The post Mobile Security Weekly: Android mRATs, Paid Apps Hacked, Whatsapp Talks Privacy |
|
|
|
|
2014-11-21 16:39:53 |
A Look Ahead: Mobile Security Predictions for 2015 (lien direct) |
The post A Look Ahead: Mobile Security Predictions for 2015 |
|
|
|
|
2014-11-20 17:34:49 |
New Miercom Report on Zero Day and APT Malware Catch Rates – Check Point Outperforms the Competition (lien direct) |
If you protect your network with something other than Check Point, you may not be as protected as you thought. A new report just released by Miercom, a leading network security testing firm, compared the performance of five security products. They specifically focused on products claiming superior performance for Advanced Threat Detection to determine the […]
|
Guideline
|
|
|
|
2014-11-20 17:21:47 |
A Billion Android Devices Exposed - Are you at risk? (lien direct) |
The post A Billion Android Devices Exposed — Are you at risk? |
|
|
|
|
2014-11-18 01:29:25 |
Cyberthieves Move Beyond Jailbreak – Is Your Enterprise at Risk of a Breach? (lien direct) |
The post Cyberthieves Move Beyond Jailbreak – Is Your Enterprise at Risk of a Breach? |
|
|
|
|
2014-11-14 16:45:56 |
Mobile Security Weekly: Behind Masque Attack, Russian Worm Spreading, BlackBerry & Samsung Team Up (lien direct) |
The post Mobile Security Weekly: Behind Masque Attack, Russian Worm Spreading, BlackBerry & Samsung Team Up |
|
|
|
|
2014-11-12 08:15:47 |
When it Comes to Security, What is Good Enough? (lien direct) |
Ben Franklin once said that an ounce of prevention is better than a pound of cure. We couldn't agree more when it comes to network security. From both time and financial standpoints, it is much more cost effective to prevent infections than deal with their aftermath. Infection cleanup is very costly to businesses. The latest […]
|
|
|
|
|
2014-11-10 17:45:06 |
(Déjà vu) Immobilize WireLurker Before It Immobilizes You (lien direct) |
A recent malware, “WireLurkerâ€, affects Apple OS X and iOS. As highlighted in the recent announcement by Check Point on mobile security, the amount of mobile malware is on the rise. In this case, WireLurker affects both desktop and mobile platforms. The infection starts through trojanized and repackaged OS X applications. It then transfers to […]
|
|
|
|
|
2014-11-06 17:53:10 |
WireLurker Exposes iOS Security – Jailbreak Not Required (lien direct) |
The post WireLurker Exposes iOS Security – Jailbreak Not Required |
|
|
|
|
2014-11-03 17:47:22 |
At the heart of Zero Day are 1440 minutes. What can happen in one minute? (lien direct) |
At Check Point, we live in the same business world everyone else does, where we have to operate at the speed of our customers. In our case, though, one mistake impacts a lot more than just our own network. The speed of business and being responsive to customers and stakeholders is a key metric for […]
|
|
|
★★★★★
|
|
2014-11-03 08:24:41 |
Plugging the Security Hole in a WordPress Plug-In (lien direct) |
Check Point researcher, Roi Paz recently discovered a critical vulnerability that would have enabled attackers to steal personal and financial data from thousands of websites and their visitors via the LiveSupporti WordPress plug-in. After being alerted to the situation, LiveSupporti plugged the security hole. LiveSupporti is a software service that enables website visitors to engage in […]
|
|
|
★★
|
|
2014-10-31 16:40:32 |
(Déjà vu) Mobile Security Weekly – Three New But Classic iOS and Android Attacks (lien direct) |
The post Mobile Security Weekly – Three New But Classic iOS and Android Attacks |
|
|
★★★
|
|
2014-10-24 17:47:44 |
(Déjà vu) Mobile Security Weekly – iOS Jailbroken, Knox Cracked, Android Exposed (Again) (lien direct) |
The post Mobile Security Weekly – iOS Jailbroken, Knox Cracked, Android Exposed (Again) |
|
|
★★
|
|
2014-10-06 17:57:21 |
Bug in the Bug Tracker (lien direct) |
On September 29th, Check Point's Malware and Vulnerability Research Group uncovered a critical privilege escalation vulnerability in the popular bug-tracking platform called Bugzilla. According to the CVE security vulnerability database (cvedetails.com), this is the first privilege escalation bug uncovered in the Bugzilla project since 2002. (See also: Bugzilla Zero-Day Exposes Zero-Day Bugs by Brian Krebs) […]
|
|
|
★★
|
|
2014-10-04 06:43:48 |
(Déjà vu) Mobile Security Weekly – Lacoon Discovers the Xsser mRAT (lien direct) |
The post Mobile Security Weekly – Lacoon Discovers the Xsser mRAT |
|
|
★★★★
|
|
2014-09-30 19:39:41 |
(Déjà vu) Lacoon Discovers Xsser mRAT, the First Advanced Chinese iOS Trojan (lien direct) |
The post Lacoon Discovers Xsser mRAT, the First Advanced Chinese iOS Trojan |
|
|
★★
|
|
2014-09-29 15:24:11 |
(Déjà vu) Shellshock A.K.A Bash Bug – A Serious Vulnerability That Could Affect Rooted or Jailbroken Mobile Devices (lien direct) |
The post Shellshock A.K.A Bash Bug – A Serious Vulnerability That Could Affect Rooted or Jailbroken Mobile Devices |
|
|
★★★★
|
|
2014-09-29 07:28:56 |
(Déjà vu) Vulnerability Discovered Within Default Android Web Browser (lien direct) |
The post Vulnerability Discovered Within Default Android Web Browser |
|
|
|
|
2014-09-25 17:59:53 |
Protecting Yourself Against Shellshock (lien direct) |
Note: This is a developing story. Check Point will provide updates as additional information becomes available. Check Point strongly encourages organizations to take action and understands how fixes and protections work in order to minimize their exposure and avoid introducing new problems. What is Bash and Shellshock? Bourne Again Shell, also referred to as Bash […]
|
|
|
★★
|
|
2014-09-21 08:03:04 |
(Déjà vu) Mobile Security Weekly – A Whole New iWorld (lien direct) |
The post Mobile Security Weekly – A Whole New iWorld |
|
|
★★
|
|
2014-09-18 15:51:24 |
iOS 8: Newer, better, but is it safer? (lien direct) |
The post iOS 8: Newer, better, but is it safer? |
|
|
★★★
|
|
2014-09-16 13:30:45 |
Don\'t Let Mobile Spy App Windseeker Get Caught in Your Sail (lien direct) |
The post Don’t Let Mobile Spy App Windseeker Get Caught in Your Sail |
|
|
★★
|
|
2014-09-08 18:25:12 |
(Déjà vu) Mobile Security Weekly – Why Is iCloud Raining On Us? (lien direct) |
The post Mobile Security Weekly – Why Is iCloud Raining On Us? |
|
|
★★★★
|
|
2014-09-05 23:30:25 |
Snap, Click, Save, Leak. Think You\'re Safe? Think again. (lien direct) |
The post Snap, Click, Save, Leak. Think You're Safe? Think again. |
|
|
★★★★★
|
|
2014-09-01 08:06:50 |
(Déjà vu) Mobile Security Weekly – A New Arena: Wearable Tech Security (lien direct) |
The post Mobile Security Weekly – A New Arena: Wearable Tech Security |
|
|
★★★★
|
|
2014-08-23 19:10:20 |
(Déjà vu) Mobile Security Weekly – Are iOS and Android full of holes or is it just Gamma Group? (lien direct) |
The post Mobile Security Weekly – Are iOS and Android full of holes or is it just Gamma Group? |
|
|
★★★
|
|
2014-08-17 03:15:40 |
(Déjà vu) Mobile Security Weekly – Bringing the Hammer Down on Mobile Threats (lien direct) |
The post Mobile Security Weekly – Bringing the Hammer Down on Mobile Threats |
|
|
★★★★
|
|
2014-08-16 21:50:36 |
Practical Attacks Against VDI and Augmenting Mobile Security (lien direct) |
The post Practical Attacks Against VDI and Augmenting Mobile Security |
|
|
★★
|
|
2014-08-13 13:38:04 |
Are Malicious Configuration Profiles iOS\' Achilles Heel? (lien direct) |
The post Are Malicious Configuration Profiles iOS’ Achilles Heel? |
|
|
★★★
|
|
2014-08-12 13:50:36 |
(Déjà vu) Mobile Security Weekly – Android Threats Stack Up (lien direct) |
The post Mobile Security Weekly – Android Threats Stack Up |
|
|
★★★★
|
|
2014-08-11 18:12:30 |
Check Point Protects from the HAVEX Malware Targeting ICS/SCADA Systems (lien direct) |
Dragonfly Cyber Espionage campaign overview Havex is a Remote Administration Tool (RAT) used recently by the “dragonfly†cyber espionage group. They were using the Havex malware to target Industrial Control Systems (ICS) and SCADA systems at energy companies across Europe and the US. Several methods were used to infect computers with the Havex RAT, such […]
|
|
|
★★★
|
|
2014-08-11 18:08:56 |
GOZ – Is it game over, Zeus? (lien direct) |
Overview Zeus is a highly sophisticated family of Trojans that seeks to steal banking information and accounts from victims. Zeus targets popular operating systems such as Windows and Android and is usually distributed to end-users through social engineering tactics such drive-by downloads and phishing emails. Although Zeus was discovered back in 2007, it remains popular […]
|
|
|
★★★★
|
|
2014-08-11 18:05:29 |
Protecting computers from the damages of RAMDO Click Fraud Trojan (lien direct) |
Details Ramdo is a family of Trojan horses which performs click fraud. This type of Trojan program is used to increase the number of visits on certain websites or to boost the number of hits for online ads. Ramdo installs itself by using an exploit kit, copies itself onto the system and creates an encrypted […]
|
|
|
★★
|
|
2014-08-11 08:42:13 |
Don\'t Become the Next Code Spaces: Learn best practices for using cloud services securely (lien direct) |
Overview Code Spaces, which offered source code repositories and project management services hosted in Amazon's Web Services for developers, was forced to cease operations in June after failing to meet the demands of cyber-extortionists. The company was first hit with a Distributed Denial of Service (DDoS) attack, followed by a devastating cyber breach that, in an instant, […]
|
|
|
★★
|
|
2014-08-04 13:30:56 |
VDI Solutions: Background, Threats & Mitigation (lien direct) |
The post VDI Solutions: Background, Threats & Mitigation |
|
|
★★★★★
|
|
2014-08-02 12:01:08 |
(Déjà vu) Mobile Security Weekly – Countdown to Blackhat US (lien direct) |
The post Mobile Security Weekly – Countdown to Blackhat US |
|
|
★★★★★
|
|
2014-07-29 11:42:47 |
Android \'Fake ID\' can Impersonate your Trusted Apps (lien direct) |
The post Android 'Fake ID' can Impersonate your Trusted Apps |
|
|
★★★
|
|
2014-07-27 11:37:28 |
(Déjà vu) Mobile Security Weekly – Trust Issues (lien direct) |
The post Mobile Security Weekly – Trust Issues |
|
|
★★★★★
|
|
2014-07-22 16:10:45 |
(Déjà vu) In 2014, No Country is Safe from Mobile Threats (lien direct) |
If you have been reading recent malware studies and articles, you may have noticed that many different different countries have been named as the ones “most targeted†or with the “most new mobile threatsâ€
|
|
|
★★★
|
|
2014-07-19 21:48:50 |
(Déjà vu) Mobile Security Weekly – Applenterprise ? (lien direct) |
This week's news focuses on the business of mobile. Unlike most weeks, where we touch on a new strain of mobile malware or a new vulnerability - this week presents a different point of view on mobile security. It's critical to keep up to date with this sort of events, as in the long run they will undoubtedly impact all aspects of mobile security in the enterprise.
|
|
|
★★★★★
|
|
2014-07-12 22:41:57 |
Mobile Security Weekly – Have we seen the last of KNOX? (Update – 20th July) (lien direct) |
Android takes the lead in mobile security news this week. With major decisions being made regarding how Google views the future of Android security, they've received another big wakeup call - between 60-70% of Android devices are vulnerable to a substantial vulnerability.
iOS users also discovered another blow to their security this week. Several months ago, our researchers at Lacoon Security discovered a vulnerability in the Gmail iOS app which enables a threat actor to perform a Man-in-the-Middle attack - and by doing so, view, and even modify, encrypted communications.
|
Guideline
|
|
★★★★
|
|
2014-07-10 15:11:05 |
Security Disclosure: Google\'s iOS Gmail App Potential Target for Threat Actors (lien direct) |
Security Disclosure: As part of our ongoing research into Apple's iOS environment, we analyze mobile apps from various perspectives. During a routine analysis of the Gmail iOS app we unexpectedly came across a vulnerability which enables a threat actor that is performing a Man-in-the-Middle attack to view, and even modify, encrypted communications. The Vulnerability: Gmail's iOS App Does Not Perform Certificate Pinning.
|
|
|
★★
|
|
2014-07-05 18:21:30 |
(Déjà vu) Mobile Security Weekly – Threats are Everywhere (lien direct) |
This week's issue contains four entirely different but all highly volatile mobile security threats. New vulnerabilities and threat vectors are rapidly appearing. These aren't small issues either - they potentially place millions of devices and users in danger and all need receive due attention.
|
|
|
★★★
|
|
2014-07-02 18:14:40 |
(Déjà vu) Is Android Fragmentation making the OS as fragile as glass? (lien direct) |
What is fragmentation and how does it affect the security of the Android-based devices? Join our podcast where Dan Koretsky, our sr. security researcher at Lacoon Security, provides a brief overview of Android fragmentation and its implications on enterprise security.
|
|
|
|
|
2014-06-28 19:31:34 |
Mobily Security Weekly – Pain-gu? How dangerous is the new iOS jailbreak? (lien direct) |
The post Mobily Security Weekly – Pain-gu? How dangerous is the new iOS jailbreak? |
|
|
|
|
2014-06-25 12:43:02 |
Pangu: An iOS 7.1 Jailbreaking Tool – a Major Leap in Attacker\'s Capabilities (lien direct) |
A jailbreaking tool, named Pangu, for Apple-based mobile devices running iOS 7.1-7.1.x was released yesterday on June 24, 2014.
Pangu should concern us - the security community, enterprises, and consumers alike. Pangu represents a major technology leap, ultimately lowering the barrier for attackers to create sophisticated mobile-targeted attacks.
|
|
|
|
|
2014-06-22 06:15:30 |
(Déjà vu) Mobile Security Weekly – Paranoid Android? (lien direct) |
The post Mobile Security Weekly – Paranoid Android? |
|
|
★★★★★
|
|
2014-06-20 20:14:17 |
(Déjà vu) Follow Up on “TowelRoot†Vulnerability (lien direct) |
The post Follow Up on “TowelRoot†Vulnerability |
|
|
|
|
2014-06-16 19:49:45 |
“TowelRoot†Gives Root Access to Samsung Galaxy S5 and other Popular Android Mobile Devices (lien direct) |
The post “TowelRoot†Gives Root Access to Samsung Galaxy S5 and other Popular Android Mobile Devices |
|
|
|