Remote and hybrid work have blurred the lines between personal and work tasks and the boundaries between the two have become indistinguishable – yet many organisations still struggle to secure an increasingly mobile-centric environment. According to The Global State of Mobile Phishing Report published by Lookout, 2022 saw the highest mobile phishing encounter rate ever, with more than 50% of personal devices exposed to a mobile phishing attack. Lookout estimates the potential annual financial impact of a mobile phishing attack to an organization of 5,000 employees is nearly $4 million.

Lookout Mobile Endpoint Security is the industry’s most advanced mobile threat defence solution to deliver mobile endpoint detection and response (mobile EDR). Lookout provides visibility into mobile threats and state-sponsored spyware, while also protecting against mobile phishing and credential theft that can lead to unauthorized access to sensitive corporate data. The solution analyses telemetry from more than 215 million devices, 269 million apps and more than 500 million web destinations to uncover thousands of new threats each day. Lookout is FedRAMP JAB P-ATO Authorized and available through CDM DEFEND, trusted by enterprise and government customers alike to protect sensitive data, enabling the workforce to connect freely and safely from any device.

“We are honoured to be named the ‘Overall Mobile Security Solution of the Year’ by CyberSecurity Breakthrough,” said David Richardson, Vice President of Product, Lookout. “This is further validation of the ability for the Lookout Mobile Endpoint Security solution to provide organisations with detection, remediation and prevention capabilities across the entire spectrum of mobile risk, allowing them to effectively manage and reduce that risk. With Lookout, organisations can seamlessly integrate mobile security into their existing security and mobile management solutions, ensuring a cohesive and comprehensive security strategy that protects highly sensitive data across the entire organisation.”

The mission of the CyberSecurity Breakthrough Awards is to honor excellence and recognize the innovation, hard work and success in a range of information security categories, including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Email Security and many more. This year’s program attracted thousands of nominations from over 20 different countries around the world.

“Lookout Mobile Endpoint Security allows organisations to better understand the extent of their risks by increasing visibility posed by mobile devices across the organization. After all, most organizations don’t have full visibility into how mobile devices within their company process data,” said Steve Johansson, managing director, CyberSecurity Breakthrough. “For most people, their mobile phones are where their personal lives converge with work, increasing the chance of company data ending up in the wrong hands. Congratulations to Lookout for developing a solution that tirelessly protects and secures an organization’s users and their devices, in a mobile-first world.”

The post Lookout Named Mobile Security Solution of the Year by the CyberSecurity Breakthrough Awards Program appeared first on IT Security Guru.

Global enterprises operating in mainland China must provide local workers with the same application access, security and overall user experience as employees elsewhere. But providing consistent connectivity isn’t easy in China. Operational issues arising from China’s unique internet landscape, including IP address blocking, bandwidth throttling and unpredictable latency, can impact productivity and day-to-day operations. In the past, the only way to address these challenges was to route traffic over a private network connection or VPN from mainland China to an international site. This can sometimes be a difficult approach because in some cases, companies are restricted from utilizing leased lines to international locations.

Lookout China Connect offers multinational companies a comprehensive strategy to navigate the connectivity challenges that arise in China’s complex regulatory environment. It also provides consistent visibility and security in a simplified SaaS-delivered solution. And because it’s based on the Lookout Cloud Security Platform, it provides the same converged protection for:

• SaaS connectivity: Global enterprises reliant on SaaS applications, such as Microsoft 365, Salesforce, ServiceNow and others can connect and secure remote workers operating in mainland China with consistent security policies across their entire global infrastructure.
• Remote users or teams: Remote users working from home in China can access private corporate applications and data hosted in locations outside of mainland China with the same experience and protection as their colleagues elsewhere in the world.
• International websites: Employees operating in China are protected from accessing and being infected by malicious web traffic, websites with vulnerabilities, internet-borne viruses, malware and other cyber threats.

“Global organizations rely on secure connectivity to ensure a consistent user experience and maintain productivity — no matter where they may be,” said Sundaram Lakshmanan, Lookout CTO. “Lookout China Connect provides these organizations with a positive user experience and the peace of mind that their data is protected and accessible – regardless of device, user or location.”

The post Lookout Announces Operations in Mainland China appeared first on IT Security Guru.

Further to this, unnamed “security sources” told the Mail on Sunday that the incident was discovered during the Conservative Party leadership contest over the summer, causing Truss sleepless nights as she worried it may impact her chances of winning.

In addition, then-Prime Minister Boris Johnson and cabinet secretary Simon Case are said to have imposed a total news blackout on the incident.

“It is not a great look for the intelligence services if the foreign secretary’s phone can be so easily plundered for embarrassing personal messages by agents presumed to be working for Vladimir Putin’s Russia,” a security source told the paper.

It appears that there is no evidence was given linking the breach to the Kremlin, although it’s believed that a year’s worth of messages were downloaded from Truss’s device by an unauthorized intruder.

Apparently, these included “highly sensitive” conversations with other countries’ foreign ministers about the war in Ukraine, including detailed discussions about arms shipments.

Additionally, the use by ministers of personal devices and consumer-grade services for government business is creating unacceptable national security risks, according to security experts.

It has also been reported that home secretary Suella Braverman was recently forced to resign after it was revealed that she used her personal email to send a confidential government document on immigration policy to a Tory backbencher. She was subsequently reappointed by incoming PM Rishi Sunak.

Jake Moore, ESET global cybersecurity advisor, pointed to notorious phone-snooping malware Pegasus as a potential culprit for the Truss attack.

“Its quiet, under-the-radar delivery method enables it to monitor the vast majority of a device and those targeted will have no idea of its residence,” he argued.

“High-profile people such as politicians are often targeted, so it is extremely important they keep their personal phone number private and to change it immediately if ever leaked. It is also imperative that they keep their phones up to date and patched with the latest security updates to reduce the chance of such attacks.”

VP EMEA for Absolute Software, Achi Lewis, added that everyone in an organization is a potential target.

“From the Prime Minister to a new joiner, every potential employee and endpoint is at risk of a cyber-attack,” he said.

“All members of staff and electronic devices contain sensitive data in some form which makes them vulnerable to threat actors and requires that they not only have sufficient cyber-training to identify the dangers but also effective cybersecurity technologies to both prevent and react when – not if – an attack occurs.”

The post Truss Phone Hacking Scandal Blame Foreign Culprits appeared first on IT Security Guru.

Further to this, Hamburg-headquartered Aurubis revealed in a brief statement that the attack struck on Friday evening.

“This was apparently part of a larger attack on the metals and mining industry,” it said. “As a result, numerous systems at Aurubis sites had to be shut down and disconnected from the internet as a preventive measure.”

At the moment, it’s unclear exactly what the impact has been on production. Aurubis claims to produce over one million tons of copper cathodes each year and is the world’s largest recycler of the metal.

Evidently, copper is an increasingly important metal, used among other things in renewable energy production, electric vehicles and energy storage technologies.

“The primary goal is to keep production and the procurement of raw materials as well as the delivery of metals and products running. However, Aurubis is not yet able to provide any information on when the systems will be fully functional again,” its statement concluded.

“The production and environmental protection facilities at the smelter sites are running, and incoming and outgoing goods are also being maintained manually. Transitional solutions are being implemented to make the company’s full services available to business partners again starting next week. Customers and suppliers can still reach their Aurubis contacts by phone.”

For now, it’s unclear what the “larger attack” on the metals industry was, but the steps taken by Aurubis are similar to those taken when organizations find ransomware on their networks.

In addition, the German Federal Office for Information Security (BSI) claimed in a new report published last week that cyber-threat levels from June 2021 to May 2022 were higher than they’ve ever been in the country.

It appears that they named ransomware as the biggest threat, citing one municipality that had to declare a disaster after being compromised during the period; the first time in the country’s history a cyber-attack has had such an impact.

The post Biggest Copper Producer in Europe Targeted by Cyber-Attack appeared first on IT Security Guru.

Chris Dobrec, VP of Product and Industry Solutions, at Armis recommends the following for security teams to do to prepare.

OpenSSL does provide for a command line utility and a quick query will return the results of your SSL library running on any device:

% openssl version
OpenSSL 3.0.5 5 Jul 2022 (Library: OpenSSL 3.0.5 5 Jul 2022)

The results above depict a system with an SSL 3.x library in need of the patch that will be released Tuesday, November 1st.

In addition to this check, you may need to search for non-standard installations, as it is possible for systems to also be running application software or appliances that include OpenSSL. Keep an eye out for communications from all your software suppliers, particularly those that supply Internet-facing software or hardware.

While taking the requisite time to identify and remediate the upcoming OpenSSL 3.x vulnerabilities, know that there have been other critical OpenSSL vulnerabilities identified that should be patched along the way: CVE-2016-6309, and the biggest OpenSSL issue of all – Heartbleed, disclosed in 2014 (Heartbleed predates OpenSSL’s severity criteria). Heartbleed allowed remote attackers to expose sensitive data and continued to wreak havoc years after the event. It exposed the Internet’s dependence on small and unfashionable projects run by volunteers, and spawned forks like LibreSSL and BoringSSL that attempted to clean up OpenSSL’s complex codebase.

As additional important information comes to light as we approach November 1st’s release, and thereafter, we will update this post with the most relevant information including how to use Armis to search for and identify all IT, OT, and IoT devices in your environment that are vulnerable to this security flaw.

Join Armis’s latest webinar ‘OpenSSL Vulnerability Explained’ on Wednesday 2nd November 2022 at 11:30 EST/15:30pm GMT to hear from their security experts discuss and explain the latest OpenSSL vulnerability and what it means to you and your firm. Click here to register.

The post Time is Ticking on a New OpenSSL Vulnerability appeared first on IT Security Guru.