Zimperium Deepens Integration with AirWatch to Stop Mobile Cyberattacks

We are excited to share that earlier today AirWatch announced our charter membership in their Mobile Security Partner Alliance Program. That announcement is about providing AirWatch customers with solutions to ensure the best security and visibility to mitigate the growing mobile threat landscape. While we already had a console-to-console integration with AirWatch to enable our customers to detect, analyze and remediate against both known and unknown cyberattacks that threaten valuable corporate data, we are showcasing an even deeper integration at AirWatch Connect.

airwatch zimperium jointNow, the AirWatch app and the zIPS app have the ability to communicate directly to provide immediate security right on the device. This means that if the device or an app is under attack, zIPS can make a call back to the AirWatch agent, alerting that the device/app has been compromised. The AirWatch agent will display the Zimperium alert and launch the Zimperium app so that the threat information can be seen and defined policy actions can be triggered.

The Zimperium team has worked very hard to deliver a ton of innovative features wrapped into a Zimperium for AirWatch solution that tightly integrates with AirWatch.  Here is a run-down of some of the key features.

Industry-leading mobile security to keep sensitive data safe
When Zimperium detects that a device has been compromised by malware (malicious app or spear-phishing), AirWatch can enact risk-based compliance policies to remediate based on the severity of the threat. The policies can temporarily disable the mobile device’s connections to corporate services (email or other apps, Wi-Fi and VPN) or even remove enterprise applications from the device. These actions stop the spread of the infection and prevent risk to your corporate data.

Network Attack Protection
When a man-in-the-middle network attack is detected, Zimperium will work hand-in-hand with AirWatch to take the mobile device out of harm’s way by disconnecting it from the compromised wireless network.

Comprehensive Visibility for Your Security Team
Zimperium provides configurable end-user notifications and administrator alerts by attack type to suit the needs of your enterprise. Your incident response team can take advantage of unprecedented mobile forensics to add to their enterprise view too.

You can learn more about the AirWatch-Zimperium Integrated Solution at www.zimperium.com/products

Follow Us

Join Zimperium at AirWatch Connect 2015

Zimperium is pleased to participate and sponsor AirWatch Connect in Atlanta next week. Zimperium will be showcasing some of its newest features and capabilities with AirWatch and performing live demonstrations of how hackers are compromising enterprises. Please come by and see a demo and enter for a chance to win a GoPro Hero4 Silver camera every day.

AirWatch Connect Atlanta 2015
Hyatt Regency Atlanta & Atlanta Marriott Marquis
September 21-24, 2015

  • Monday – Pre-Conference Industry Workshops
  • Tuesday and Wednesday – Demonstrations and Live Hacks
  • Thursday – Certification Workshops

Register Now using Zimperium discount code “ZimperiumATL” and receive 10% off. For more information, please refer to the AirWatch Connect website: http://air-watch.com/connect/atlanta-2015

See you there!

Follow Us

Return of the Hack

As our world has evolved, so has our technology. And, as that technology has evolved, so has its consumption. Now more than ever consumers are adopting the newest technological devices and integrating them into their daily lives. One prime example? Smart phones.

Once used only to make phones calls and play the occasional game of Snake, mobile phones have now grown into a one stop shop for everything you need to make life easier and more manageable. With consumers’ dependence on smart phones to make it through their days, it only makes sense that they have become a major target for today’s hackers.

Recently, there was an attack that affected 225,000 iOS users. These users had their iTunes login credential stolen through malware called KeyRaider. The information stolen included the account username, password and iPhone unique ID. Hackers sent this information to a remote server and then used it to install paid apps on other iOS devices.

A separate app was created to allow other people to install the paid apps on their own phones. Close to 20,000 people have downloaded the software that the hackers provided to steal from the affected iPhone users. There have also been cases of the malware locking phones and holding them for ransom. So, should you be worried? The answer is yes – if you have a  jailbroken iPhone.

As discussed in a recent article, Jailbreaking an iPhone is a popular practice that enables the iPhone owner to customize their phone. This typically means allowing jailbreakers to download apps that are not approved by the iTunes App Store.

Jailbreaking a phone is a way to bypass barriers that the device maker puts in place to protect users from attacks. While jailbreaking an iPhone might seem like a  way to personalize your device, it also puts each user at a higher risk.

When it comes to the security of your information, it’s better to be safe than sorry. Even if you haven’t purposely put your phone at risk, hackers are lurking around every corner, looking for a weakness. Here are some tips to stay protected from a potential hack:

  • Don’t jailbreak your phone. Smart phone software is designed to protect user information. When those guidelines are ignored, the data – and the user – are at risk.
  • Secure your phone with security software. McAfee® Mobile Security is free for both Android and iOS, and offers a variety of features  to safeguard personal information.
  • Download apps that are safe. If you aren’t comfortable with the permissions an app is requesting, it’s best not to download it. Go with your gut; if something feels fishy, there’s probably a different app you can download similar to the one you want.
  • Download apps from legitimate sources. It is important to download apps from reliable sources, such as the Apple Store and Google Play.

To keep up with the latest security threats, make sure to follow @IntelSec_Home on Twitter and like us on Facebook.

lianne-caetano

How to Stop Sharing Your Location Information

The Internet helps us connect and share with people around the world, but there are some people with whom you definitely shouldn’t be sharing your information. Although it’s not pleasant to think about, it’s not just friends and family that can see your online posts, bad guys can too, including criminals and even sex offenders.

So, when you take a photo of your kids in your backyard, know that if you post that picture on social media, a predator can potentially obtain the GPS coordinates of where that picture was shot.

This is because every time you take a picture, technical data is created and stored along with the image. This is called “EXIF data”, or exchangeable image file format. When this data includes location information, such as the exact GPS coordinates of where the photo was taken, the image is then “geotagged.”

The good news is you can view the EXIF data, and remove it to prevent predators from getting your location information. EXIF data will always be added to the storage of every picture you take; there’s no way to prevent this. But you can delete it.

Here’s how to prevent strangers from seeing your location information:

  • Select the image on your computer and right-hand click on it.
  • Select “properties.” You’ll find all the data here.
  • Go to the location, or EXIF data.
  • At the end of all the information you’ll see “Remove Properties and Personal Information.” This will wipe out the coordinates.
  • You should go through this process before posting photos online, because once they’re online, you can’t control who sees this information.
  • However, it will still be worth your while to strip this data from photos already posted online. For all you know, tomorrow is the day that a bad guy reads your location information, so today is the day to delete it.

Some people’s social media pages have an endless scroll of personal photos, including pictures of their children and teens. Be very selective of what you post online, and always delete the EXIF data before posting.

Save the pictures you don’t post for a hardcopy photo album. That way you’ll dramatically cut down on the time spent eradicating your location information, while increasing your online security.

Here’s some more tips to use location services safely:

  • Turn off the GPS function on your smartphone camera or digital camera. This is important if you are going to be sharing your images online. Instructions on how to turn off geotagging will vary, but we suggest referring to your phone or camera’s manual for further instructions on how to adjust this feature. You also might want to consider only letting certain apps (like maps) use your location data on your mobile device.
  • Check your privacy settings on social networks and photo sharing sites. Make sure that you are only sharing information with friends and family. Also, make sure that you only accept people into your network that you know in real life.
  • Be aware of the fact that the information you share on one social network may be linked to another.For instance, a photo you post to Twitter may automatically post to your Facebook profile. Because of this, it’s important that you check the privacy settings on all your accounts.
  • Finally, be careful about what images you’re sharing and when you are sharing them. Rather than uploading a picture that reveals your location the moment you take it, wait until you get home to upload it.

 

 

 

The post How to Stop Sharing Your Location Information appeared first on McAfee.

Good Morning Karen. Cool or Scary?

Last month I spoke at a telecommunications industry event. The briefer before me showed a video by the Hypervoice Consortium, titled Introducing Human Technology: Communications 2025. It consists of a voiceover by a 2025-era Siri-like assistant, speaking to her owner, “Karen.” The assistant describes what’s happening with Karen’s household. 15 seconds into the video, the assistant says:

The report is due today. I’ve cleared your schedule so you can focus. Any attempt to override me will be politely rebuffed.

I was already feeling uncomfortable with the scenario, but that is the point at which I really started to squirm. I’ll leave it to you to watch the rest of the video and report how you feel about it.

My general conclusion was that I’m wary of putting so much trust in a platform that is likely to be targeted by intruders, such that they can manipulate so many aspects of a person’s life. What do you think?

By the way, the briefer before me noted that every vision of the future appears to involve solving the “low on milk problem.”