Mobile

3/2/2015
07:00 AM
Ericka Chickowski
Ericka Chickowski
Slideshows
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Mobile Security By The Numbers

Rounding up the latest research on mobile malware and security practices.
Previous
1 of 7
Next

As ubiquity of mobility paired with the availability of cloud continues to drive major technological disruptions within just about every type of enterprise transacting business today, CIOs and CISOs are increasingly put on notice to incorporate mobile into their security plans or risk irrelevance. Over the past several months, numerous surveys and studies have done a good job offering up some statistical proof points about the scope of the mobile security dilemma. We've broken down some of the most salient stats for our readers.

Mobile Fraud Estimates
Mobile fraud is on the rise, and as enterprises struggle to meet the challenges, the costs keep piling up. According to a research report by J. Gold Associates created on behalf of RSA and TeleSign, 63 percent of enterprises say they've experienced a 5 percent loss in revenue or greater due to mobile fraud. 
Source: TeleSign

Mobile Fraud Estimates

Mobile fraud is on the rise, and as enterprises struggle to meet the challenges, the costs keep piling up. According to a research report by J. Gold Associates created on behalf of RSA and TeleSign, 63 percent of enterprises say they've experienced a 5 percent loss in revenue or greater due to mobile fraud.

Source: TeleSign

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
flexcapacitr
50%
50%
flexcapacitr,
User Rank: Apprentice
3/12/2015 | 4:40:47 PM
Re: Gating apps
True to a point.  Android is the primary target because its the largest & higher chance of success...smaller pool iphone lesser statistical chance of success.  If your designing malware which would you attack? this was mentioned at BHat 2012. These TOE evals will change based upon the obvious user base and easily exploitable CVE's.
AntonioL282
0%
100%
AntonioL282,
User Rank: Apprentice
3/10/2015 | 4:58:08 AM
Android Malware report
The National CyberSecurity Institute of Spain (INCIBE) has released a complete report of the current situation of the malware in Android devices. https://www.incibe.es/CERT_en/publications/Studies/android_malware_situation_en
Joe Stanganelli
0%
100%
Joe Stanganelli,
User Rank: Ninja
3/7/2015 | 11:32:04 PM
Gating apps
Even though iOS has technically has had more vulnerabilities of late, 96% of mobile malware targets Android -- because it's so darn easy through the unregulated, ungated Google app store!  (On iOS, hackers have to resort to SMS and email phishing.)

If Google refuses to gate its apps, I think it's high time for the enterprise to finally put Android to bed.
Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
Election Websites, Backend Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10510
PUBLISHED: 2018-08-15
A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to execute arbitrary code on vulnerable installations.
CVE-2018-10511
PUBLISHED: 2018-08-15
A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations.
CVE-2018-10512
PUBLISHED: 2018-08-15
A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server (DoS).
CVE-2018-8753
PUBLISHED: 2018-08-15
The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichenbacher attack.
CVE-2018-9129
PUBLISHED: 2018-08-15
ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections.