Mobile Business Expo, Chicago

I’m here at the Mobile Business Expo in Chicago. For anyone who’s been to Chicago, the great Windy City is certainly living up to its name this November.

So far, I’ve had the opportunity to sit on a panel on Best Practices in Smartphone and Laptop Security, which included representatives from NetMotion, Hewlett Packard, Good Technology and Unisys. A good mix of industry interests, and we got to share perspectives on where we currently stand on mobile device security.


There’s optimism because new technologies are being developed to detect and prevent threats to the mobile computing environment. The downside is that attackers will continue to develop methods to counteract the best-practice security measures that we put in place.

I explained to the audience that today, security awareness has to be practiced on a psychological and a technical level. Neither approach is enough on its own. There are times when only a human will be able to detect a social engineering trick, just as there are times when only a firewall will detect that data is being exfiltrated.

Although the plain truth is that things will get worse, the war against malware writers isn’t being lost. The landscape is simply changing. At the end of the day, common sense and a healthy dose of suspicion will go a long way towards ensuring security when using mobile devices.



