Blog

Investigation of Android Eavesdropping

Researchers investigating popular Android apps found that several are leaking content recorded from cameras and the screen over the Internet , raising significant privacy concerns.

By Elleen Pan, Jingjing Ren, Martina Lindorfer, Christo Wilson, and David Choffnes
(Source: https://recon.meddle.mobi/papers/panoptispy18pets.pdf)

Weak Apple DEP Authentication Leaves Enterprises Vulnerable to Social Engineering Attacks and Rogue Devices

Over the last few months, Duo Labs has been researching the security of Apple's Device Enrollment Program (DEP). In this research, they discovered an authentication weakness in DEP, used by many organizations to automatically enroll devices in their Mobile Device Management (MDM) server. Simply put, enterprises use DEP to bootstrap the provisioning of Apple devices.

This has a few real-world implications:

ATM HACKING: YOU DON’T HAVE TO PAY TO PLAY

US Banks are getting Skin in the Game

How many times have you used an Automated Teller Machine (ATM) in your life? Probably too many times to count, and for some people it’s on a daily basis. Although not usually at the forefront of cyber headlines, ATM hacking has been on the uptick over the past few years and is reportedly to be a $2 billion global problem.

Experian Forecasts the Top 5 Data Breach Predictions for 2019

Experian released its sixth annual Data Breach Industry Forecast, which includes its top five data breach predictions for 2019. The report addresses new cyber threats to biometrics and gaming, along with susceptible breach targets that include cloud and wireless networks.

The scale of data breaches in 2018 has been staggering. There have been 1,027 breaches reported with 57,667,911 records compromised as Nov. 2, 2018, according to the Identity Theft Resource Center (ITRC).

Malscape Snapshot: Malicious Activity in the Office 365 Cloud

The accelerating migration to the cloud is creating an attractive target for cybercriminals. One of the primary offerings is Microsoft Office 365. Lastline took a closer look and provided a brief history of Office 365 attacks, and then we took a close look at two recent attacks to illustrate the challenges of effectively protecting employees from attack once your company makes the move to Office 365.

By Andy Norton and Stefano Ortolani

Threat Actors Targeting Homebuyers with Phishing Attacks

Consumers should be exceedingly vigilant in their interactions with parties claiming to be involved in ongoing real estate transactions while realtors, mortgage brokers, and other industry organizations should educate customers about security and take steps to avoid abuse of their brands. Moreover, real estate professionals should implement layers of protection against increasingly frequent attacks on the industry.

Find out how real estate professionals can take measures to protect themselves.

 

Help Make a Difference with WCMAD

There are many ways you can get involved! Learn more about our programs and opportunities.