TSMC's iPhone chip attack is a wake-up call for enterprise security

Credit to Author: Jonny Evans| Date: Mon, 06 Aug 2018 05:21:00 -0700

Apple chipmaker TSMC suffered a serious WannaCry-related ransomware infection that closed down production at some of its factories. The incident should be a wake-up call for manufacturers across every industry.

Manufacturing is under attack

TSMC has said the incident was not the result of a direct attack. Instead it says its systems were exposed to the malware “when a supplier installed tainted software without a virus scan.”

The malware spread fast and impacted some of the company’s most advanced facilities used to build Apple’s A-series chips.

To read this article in full, please click here

Read more

TSMC's iPhone chip attack is a wake up call for enterprise security

Credit to Author: Jonny Evans| Date: Mon, 06 Aug 2018 05:21:00 -0700

Apple chipmaker TSMC suffered a serious WannaCry-related ransomware infection that closed down production at some of its factories. The incident should be a wake-up call for manufacturers across every industry.

Manufacturing is under attack

TSMC has said the incident was not the result of a direct attack. Instead it says its systems were exposed to the malware. “When a supplier installed tainted software without a virus scan,” it said.

The malware spread fast and impacted some of the company’s most advanced facilities used to build Apple’s A-series chips.

To read this article in full, please click here

Read more

Apple users ‘most appealing’ to cybercriminals' online scams

Credit to Author: Jonny Evans| Date: Wed, 01 Aug 2018 06:17:00 -0700

Apple’s platforms may be the most secure, but this is driving cybercriminals to more devious ways to undermine iOS and Mac security — partly because hacked Apple user credentials are among the most valuable properties you’ll find on the so-called dark web.

A complex crime

There is no doubt at all that Apple is growing in the enterprise, which is why every iOS or macOS user needs to understand that the new cyber threats aren’t confined to annoying viruses, trojans, or malware attacks.

Enterprise security chiefs are becoming increasingly aware that network, device, location-based, and user security must also be seen as part of the mix. Platform security is only one element to an overall security picture.

To read this article in full, please click here

Read more

New Android P includes several security improvements

Credit to Author: Gleb Malygin| Date: Fri, 27 Jul 2018 19:12:28 +0000

With its release around the corner, we take a close look at the Android P security improvements and how the newest version of Android will better protect the privacy and data of its users.

Categories:

Tags:

(Read more…)

The post New Android P includes several security improvements appeared first on Malwarebytes Labs.

Read more

Trojans: What’s the real deal?

Credit to Author: Christopher Boyd| Date: Wed, 25 Jul 2018 15:40:47 +0000

We take a fresh look at Trojans: the history of the term, the most popular threats over the years, the different types of Trojans, and their relationship with social engineering.

Categories:

Tags:

(Read more…)

The post Trojans: What’s the real deal? appeared first on Malwarebytes Labs.

Read more

Mobile Menace Monday: Adware MobiDash gets stealthy

Credit to Author: Nathan Collier| Date: Mon, 23 Jul 2018 15:00:50 +0000

Adware MobiDash, an ad-displaying nuisance, now comes with some additional stealth features. As a result, these features hide the existence of Adware MobiDash—even when it’s in plain sight.

Categories:

Tags:

(Read more…)

The post Mobile Menace Monday: Adware MobiDash gets stealthy appeared first on Malwarebytes Labs.

Read more

Is mobile sensor-based authentication ready for the enterprise? Some big players think it might be.

Credit to Author: Evan Schuman| Date: Thu, 19 Jul 2018 11:18:00 -0700

An Arizona security company is working on an interesting approach to mobile authentication, one that leverages the exact angle a user holds the phone as a means of making replay attacks a lot more difficult. Aetna has been testing the method internally (according to the security company’s CEO) and the company — Trusona — has announced about $18 million in funding, from Microsoft Ventures ($10 million) and Kleiner, Perkins, Caufield and Byers ($8 million).

The Microsoft Ventures funding is interesting because one of the more popular mobile authentication methods today is Microsoft’s Authenticator app. Is Redmond covering its bases, or does it see the Trusona effort as threatening to displace Authenticator, at least in the enterprise IT world?

To read this article in full, please click here

Read more

BlackBerry's Android upgrade track record should give anyone pause

Credit to Author: JR Raphael| Date: Thu, 28 Jun 2018 08:56:00 -0700

Hey, look: A new BlackBerry phone is here! And no, you didn’t just wake up from a 12-year coma. I promise you, it is still 2018.

The new BlackBerry Key2, however, is aimed squarely at those who miss the glory days of the physical-keyboard-packin’ phone — specifically, business users who still place some sort of value on the BlackBerry name (even if it’s technically a different organization making the devices now). The company’s own landing page for the device placards that focus plainly:

To read this article in full, please click here

Read more

Supreme Court: Your digital location is protected by the Constitution

Credit to Author: Lucas Mearian| Date: Fri, 22 Jun 2018 12:15:00 -0700

The U.S. Supreme Court today ruled that access to historical cell-site records of a person’s location based on their mobile phone will require law enforcement to obtain a warrant before searching a person’s historical location records.

This is the first time the high court has ruled on whether a phone subscriber has a legitimate expectation of privacy regarding a telephone company’s records of their cellphone location data, according to Aloke Chakravarty, a partner in the Denver-based law firm of Snell & Wilmer.

“This is a landmark case for privacy, and how the court will deal with emerging technologies going forward,” Chakravarty said via email. “It creates a new lens through which to view a government’s ability to obtain third-party records where a criminal defendant neither possesses the records, doesn’t have a property interest in them, may not even know they exist, and he cannot personally even access them.”

To read this article in full, please click here

Read more