Every end-point security agent has a server somewhere behind it, whether it is on premises or in the cloud.
A new variant of the Cerberus malware was placed on the mobile devices by compromising the unnamed company’s Mobile Device Manager (MDM) server.
#Flaws in zoom keybase app kept android#
_ Hackers Infected Company’s Android Devices Through Its MDM ServerĪ banking Trojan has infected more than 75 percent of a multinational conglomerate’s Android devices. This is not really an enterprise scale service yet, but pointing home users toward it makes sense to reduce phishing risk. Apple has done this in the Apple App Store between app developers and app users, and many are familiar with other intermediaries, such as eBay and Amazon, acting as similar buffers. If you trust Mozilla as an intermediary, it can provide one-time email addresses, if needed for website registration, and act as a buffer between the user and the website or application. Mozilla Firefox has a small market share in the browser space, but it continues to introduce new security features.
#Flaws in zoom keybase app kept software#
Enterprises should (a) require all security product vendors to show evidence of security testing of their product as part of evaluation criteria and (b) make sure all security and admin servers that distribute software or updates are configured in high-security configurations and that any change in operational software or configuration of those servers is flagged as a high priority alert. Any security or administration tool that is used to distribute software must be the strongest link in the chain-obviously not the case here. The Cerberus malware was observed spreading across an organization by using the company’s Mobile Device Management (MDM) server to propagate itself. The second two are examples of adding new capabilities to software products to raise the bar against attacks. The first item focuses on another example of attackers using security software as a vulnerable target to compromise and then use as an attack point against the enterprise. This week’s Drilldown focuses on three items (included below) from NewsBites Issue 36 and Issue 37. SANS Director of Emerging Security Trends Immediately apply the skills and techniques learned in SANS courses, ranges, and summits
0 kommentar(er)
