De 5 största säkerhetsriskerna för mobila företag

De 5 största säkerhetsriskerna för mobila företag

Mobila enheter har förändrat hur företag arbetar. Men de har också medfört nya säkerhetsrisker. Här är de fem största hoten som ni behöver känna till – och vad ni kan göra åt dem. 1.  Falska meddelanden och länkar (Mishing/Phishing) Du kan få ett sms, mejl eller meddelande som ser äkta ut men som är falskt….

Zimperium Predicts Data Privacy Emphasis, More Evasive Phishing Attacks and Rise of Sideloading in 2025

Zimperium Predicts Data Privacy Emphasis, More Evasive Phishing Attacks and Rise of Sideloading in 2025

Predictions by: Nico Chiaraviglio, Chief Scientist and Krishna Vishnubhotla, VP Product Strategy & Threat Intelligence Each year around this time, security leaders cast their predictions on how the industry will change in the new year. What new threats will arise? How will organizations shift their security priorities? Which cybercriminal tactics will increase and which will…

Mishing: The Rising Mobile Attack Vector Facing Every Organization

Mishing: The Rising Mobile Attack Vector Facing Every Organization

Most would agree that the evolution of mobile devices over the last 10 years has been remarkable, including a significant impact to communication and productivity in the workplace. The combination of 5G technology, cloud-based business applications and device computing power has resulted in even the most basic mobile devices becoming essential tools for many employees…

Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware

Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware

Executive Summary As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team has been actively tracking a new variant of a well-known malware previously reported by ThreatFabric and Kaspersky. This malware, named FakeCall, employs a technique known as Vishing (voice phishing), in which fraudulent phone calls or voice messages are used to deceive victims into…

Zimperium’s Zero-Day Protection Against Water Makara Spear-Phishing Campaign

Zimperium’s Zero-Day Protection Against Water Makara Spear-Phishing Campaign

The Water Makara spear-phishing campaign, recently reported by Trend Micro, leverages social engineering tactics and obfuscated JavaScript files to target victims. The attack entices victims into clicking malicious links or downloading harmful attachments, ultimately leading to credential theft and data compromise. While there is no indication that this specific campaign is targeting mobile devices, it highlights…

The Mobile Malware Chronicles: Necro.N – Volume 101

The Mobile Malware Chronicles: Necro.N – Volume 101

Executive Summary zLabs researchers have been tracking a Necro.N, a mobile malware campaign, since July. Expanding upon Kaspersky’s report, we’ve gathered additional insights. Over this time, we’ve collected more than 30 samples and few of them had low detections from other security vendors. As stated in the original report, Necro.N is highly intrusive and is emerging as a…

Debunking Five Myths About Mobile Security

Debunking Five Myths About Mobile Security

Mobile security is a critical concern for enterprises. However, several myths surrounding mobile security could be putting your organization at risk. I’ve identified and debunked the top five myths about mobile security and explained how to safeguard your enterprise with clarity and confidence. Myth 1: All Android and iOS devices are inherently secure While Android…

Expanding the Investigation: Deep Dive into Latest TrickMo Samples

Expanding the Investigation: Deep Dive into Latest TrickMo Samples

Executive Summary On September 10, Cleafy publicly disclosed a new variant of the Banking Trojan called TrickMo. This variant employed innovative techniques to evade detection and analysis, such as zip file manipulation and obfuscation.  While Cleafy did not release any Indicators of Compromise (IOCs), our research team conducted its own research and identified 40 recent variants…

ISM’s Guidelines for Enterprise Mobility

ISM’s Guidelines for Enterprise Mobility

Most cybersecurity professionals in Australia are well-acquainted with the Information Security Manual (ISM) cyber security framework, the Essential 8 (E8) and how they apply to traditional endpoints. In addition to these controls, there are mobile-specific controls that are critical to securing iOS, Android and ChromeOS devices. In this blog, we will analyze the ISM’s mobile…

iOS and the WebP Vulnerability

iOS and the WebP Vulnerability

A Retrospective on WebP CVE Executive Summary Earlier this year, Zimperium analyzed and reported on the patching process of CVE-2023-4863 for Android. Upon the conclusion of our research, we observed a steady and solid patching trend once a patch was made available. In this blog we will underline the differences and the similarities on how iOS developers reacted to the…