Events

CTIA’s Super Mobility Week 2014

The world’s largest mobile innovation forum, “Super Mobility Week”, is being held in Las Vegas. We were there to participate and moderate a panel on mobile and cloud cyber-security with speakers from Verizon, Samsung, and Eriksonn Mobile.

Powered by CTIA

The event maintains an impressive vendor floor and multiple stages for discussions and panels throughout the days. The floor hosts vendors presenting their newest products, including wearables and other IoT. The afternoon keynotes yesterday brought a switch from the planned Twitter’s CEO to their “President of Global Revenue” Mark Bain, who spoke about both their technology push onto wearables and IoT, and a glimpse into their data mining capabilities derived from their Gnip acquisition. It’s notable that he didn’t mention anything about security or privacy. Two factor authentication is ancient history for them, while Apple and their customers unfortunately continue to learn the hard way that some inconvenience is a small tradeoff for privacy and security.

Microsoft also keynoted, bringing their EVP of Devices Group onstage to discuss their push into mobile to cloud technologies with Nokia devices and “Cloud OS”. Again, no mention of security baked into these technologies, although we haven’t seen any recent naked celebrity photo theft from the Microsoft cloud.

My panel’s discussion weaved mainly in and out of enterprise wide security challenges to BYOD and cloud adoption, along with recent and relevant threats that we noted:

1. The recent Apple iCloud mess revealed several things

  • Apple provided password and knowledge based authentication services that enabled social engineering and brute force attacks and dismissed 2FA (until now). On cloud service authentication security, Apple “led from behind”
  • Apple’s cloud security enabled brute forcing of both AppleIDs and iCloud passwords
  • In general, mobile to cloud customers have no idea of where their data resides, if it or how much of it flows off of their mobile device, how many organizations have access to it, or how well it is secured

2. Mobile malware volumes continue to surge – our mobile malware collection now includes almost half a million samples. Digging deeper, in 2013, we saw around 600 mobile banking trojans and now our malware collection maintains around 8,500 banker variants specifically supporting financial cybercrime.

3. Wifi and Ssl insecurities, as implemented in and used by mobile technologies, are on the increase and will likely continue to be.

4. Targeted attackers express interest in an expanded set of technologies, including various mobile devices by the Rocra, LuckyCat and Chuli attackers.

The event lasts from September 9th to the 11th.

CTIA’s Super Mobility Week 2014

Your email address will not be published. Required fields are marked *

 

  1. CTIA’s Super Mobility Week 2014 | IT Security News

    […] The world’s largest mobile innovation forum, "Super Mobility Week", is being held in Las Vegas. We were there to participate and moderate a panel on mobile and cloud cyber-security with speakers from Verizon, Samsung, and Eriksonn Mobile. The event maintains an impressive… Read Full Article […]

Reports

Lazarus targets defense industry with ThreatNeedle

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Lazarus covets COVID-19-related intelligence

As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that the Lazarus group is going after intelligence that could help these efforts by attacking entities related to COVID-19 research.

Sunburst: connecting the dots in the DNS requests

We matched private and public DNS data for the SUNBURST-malware root C2 domain with the CNAME records, to identify who was targeted for further exploitation. In total, we analyzed 1722 DNS records, leading to 1026 unique target name parts and 964 unique UIDs.

Subscribe to our weekly e-mails

The hottest research right in your inbox