Tag : mobile

Threats That Are Spoofing Mobile Enterprise Apps

Nicht jede App ist vertrauenswürdig. Manche installieren Schadsoftware, andere klauen Dokumente oder Passwörter. Von diesen sollte man besser die Finger lassen.

Malware has taken to mobile applications, namely those in the enterprise. Enterprise employees use mobile applications to share data, send packages, manage email, and otherwise juggle the needs of a functioning business. Spoofing applications such as Cisco’s Business Class Email app, ADP, Dropbox, FedEx Mobile, Zendesk, VMware’s Horizon Client, and Blackboard’s Mobile Learn app, makes for very dangerous territory. These spoofed applications are nearly identically to the real counterpart, without serious knowledge of information technology you would never know that the FedEx app you are using is really malicious malware. By impersonating these types of enterprise applications, using the brand and packaging name, unsuspecting users become the host of dangerous malware.

Shuanet is a family of malware that automatically roots a device and installs itself on the system. After Shuanet installs itself on the system it proceeds to install more applications without the permission of the user. These applications are pushed to the phone with the intention to continue installing even more applications and more opportunities to fill the unsuspecting device with malware. With each installation of more applications comes aggressive marketing tactics to try to get a user to bite. Rooted devices are essentially in an altered state, when a device is rooted it is usually for the gain of customization, however in order to remain secure one must know how to configure the security, if they do not configure the device properly the device will no longer receive important software updates. Factory resetting a device infected with malware that installs itself on the system partition, such as Shuanet, will not wipe the malware completely from the device. Apps like these continue to download applications that also house malware, which only adds fuel to the fire.

Examples of apps it spoofs: ADP Mobile Solutions, CamCard Free, Cisco Business Class Email (BCE), Duo Mobile, Google Authenticator, VMWare Horizon Client, Zendesk, Okta Verify.

AndroRAT is another family of malware spoofing enterprise applications. Originally AndroRAT was developed by university students for a class project. It was used as a remote administration tool, as it allows a third party to control the device. Well controlling the device also means allowing the software to collect information from the device such as contacts, call logs, text messages, audio from the microphone, and even device location. Not exactly a comforting piece of information. Hidden remote access software allows attackers the ability to control the device and extract data with nearly nothing standing in their way. Most compromising to the enterprise is the continued remote access to a mobile device. This mobile device is carried throughout the day and it is only a matter of time before the device connects to a business network, allowing an attacker to infiltrate Wi-Fi networks and VPNs.

Examples of apps it spoofs: Dropbox, Skype, Business Calendar

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit:5 active mobile threats spoofing enterprise apps

Wires can’t keep up with faster Wi-Fi

Gigabit Wi-Fi, or 802.11ac, has been slowly appearing in homes, buildings and public hotspots, but according to researchers at OpenSignal, gigabit is not delivering to smartphones and wiring is the culprit. In part with how wireless technology works, and the performance of the wired networks Wi-Fi needs to work, the smartphone reach is strained. Researchers found that the 802.11ac which is the latest and greatest in Wi-Fi capabilites, gives users an average of 32.4Mbps, more than double the speed of anything else on the market. In anticipation of even newer technology, this is actually a great deal slower than the 400Mbps that should be made available with newer versions not on the market, yet.

Researchers wanted to know what accounted for the hold up, as 32.4 and 400 have a great range between them. What has been noticed is that the built-in limitations of wireless are partly to blame, but rather that the speed of wire that is plugged into the access point is the real cause of slower speeds. As technology moves forward, Wi-Fi has surpassed wired networks in many places. However, the wired networks still remain, and if the data ultimately carries over 25Mbps cable broadband, that is basically as much as any user is going to get.

Ethernet is attempting to keep up as 802.11ac gets faster, with new LAN interfaces that can run 5Gbps. At the moment the pickings are slim, and getting 802.11ac with a smartphone is not the norm. In order to do so, a smartphone and wired network are necessary. Most of the time when a smartphone is using Wi-Fi it is on the older, slower, 802.11n. Currently, users in the United States were only on 802.11ac 7.9 percent of the time. wifi_80211ac


If you would like to educate yourself in more detail about the information presented in this blog post please visit: Newer Wi-Fi’s faster, but it needs a fast wire behind it

 

Whats Up HTC 10

The HTC 10 had no choice but to revamp their design in order to compete with the Samsung Galaxy S7. A mere 5.6 ounces the phone feels more solid than previous models especially the G5. The back of the phone is curved, even rocking when placed on a flat surface. The front has a 5.3 inch, 2,560 by 1,440 Super LCD 5 screen. There is a physical home button complete with a fingerprint reader below the screen.

The design may have improved but the hardware still the same as the S7 and G5 with  2.2 GHz Qualcomm Snapdragon 820 processor and 4 GB of Ram. Although not wireless charging, the phone houses a USB-C jack on the bottom of the phone and supports Quickcharge 3.0.

What really makes the HTC 10 pop in terms of customer attraction is the audio. The 10 uses two speakers, a front facing tweeter at the top and toward the bottom an edge facing woofer. This combination leads to less distortion than you receive on many other smart phones on the market. The 10 comes with a “hi res certified” headset worth about $90. A pretty nice gift if you ask me. You can tune the headset to your hearing preferences and capabilities by listening to a series of tones. The headphone amp is one of the most powerful with 1v amp connected to a 24-bit DAC.

Different than other smartphones, the photo gallery app and calendar have been replaced with Google Photos and Google Calendar. In addition the phone is pre-loaded with Facebook, Messanger, and Instagram. Not a social media wizard? Don’t get your hopes up for a cleaner phone, these pre-loaded apps are not permitted for deletion.

The HTC 10 will be available in the next coming weeks for pre-order from T-Mobile, Sprint, and Verizon for about $699.

418508-bottom418512-display418514-back


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Hands On With the HTC 10

The Almighty Apple finally falls!…well sorta

apple_topic

Apple released financial reports this week that revealed a decline in quarterly revenue, something that hasn’t happened since 2003. In terms of product, Apple sold 51.2 million iPhones compared to 61.17 million iPhones sold in the same quarter last year.

As Jason Perlow, writer for Tech Broiler states, Apple sits on billions of dollars in cash assets. However, the core product of the Apple corporation is the iPhone, making up 68% of revenue. Perlow points out that the smartphone market is beginning to resemble that of the PC market. What has been done, is being done again and again. Smartphone innovation  is almost to the point of little advancement, and will eventually give up shares to more price-aggressive Chinese products.

Aggressive prediction, but he has a point. Most of the model advancements we witness on the latest editions of smartphones are standard, improved battery life, sharper display, faster downloads and cloud storage. Nothing too major.

As Perlow writes, “Apple does not play by the same rules the rest of the industry does. This is both an advantage and a disadvantage.” One of Apple’s best skills is creating brand loyalty within its customers. Much of how Apple sustains itself is due to repeat customers, buying their products over and over again. How many of us are filled with excitement and joy at the hint of a new Apple product release? I’ll speak for myself here, I am a shining example of the usual Apple consumer. I have two Apple smartphones, both the 6 and the 5c, an iPad, and a Macbook. I began with one device and once I learned how to navigate the Apple “language” so to speak, I was hooked.

But is this enough? Perlow doesn’t seem to think so. He makes a valid point that once someone creates something that capitalizes on the Apple magic, but for a much cheaper price, most of Apple’s loyal fan base will probably jump ship. Once the displays, the RAM, flash, batteries and so on can be manufactured in China, Apple and Samsung are going to have some major competition.

Are we worried? Not really. Apple has close to 200 Billion dollars in cash assets just sitting, and they have braved lows like this before. Usually a downturn like this one leads to a peak innovation cycle for Apple.

Go figure.


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Here comes the iPhone apocalypse and the end of Apple as we know it

 

Windows 8 to Go Tested

Just the other day I thought I would go ahead and test out the windows 8 to go feature that is included with Windows 8 enterprise. I used a USB 2.0 device that had a 128 GB Solid State drive in it and began my work. I initially tried setting it up using the built in gui but soon found that while formatting the drive it would lose its drive letter and then fail. I eventually had to use the command line and the image.exe application from the Windows automated installation kit (AIK). It took about 12 minutes to get the whole thing setup and I was off. When you first plug it in it looks like you are starting your computer for the first time and it sets up the devices. The first time you boot it on a specific machine it does this but the second time it works fine. Once loaded, I was able to load all the applications I need and all drivers were detected as they should. Overall the response and interaction was as if I were sitting at my normal computer.

Galaxy S4

Are you thinking about upgrading to Samsung Galaxy’s S4? Or maybe just you’ve seen all the commercials and want to know what the hype is all about. Either way I found a great article that will fill you in on the newest Samsung phone. After reading this article I am very curious about the camera fuctions this phone has. From deleting photobombers to making your own “cinemagraph” it’s right up my alley!

BYOD Security concerns

From Slashdot

A Bring Your Own Device policy might save companies money, but a new survey highlights a lack of security procedures for keeping it secure.

Some two-thirds of businesses follow some sort of BYOD (“Bring Your Own Device”) policy, allowing workers to use their personal devices in a work context. That’s according to a new survey by consulting firm ITIC and KnowBe4.com.

The Web-based survey, which queried respondents from 550 companies worldwide between July and August 2012, also found something disturbing, at least from a security perspective: around 71 percent of businesses had no specific policies or procedures for keeping BYOD secure. Around 13 percent had such policies in place, while another 9 percent were in the process of developing them, with the remainder unsure of where their companies stood in terms of hardening personal devices against attack or data loss.

Full article here:  http://slashdot.org/topic/cloud/byod-lacks-security-survey/

Not Even NASA’s data is safe!

For those of us who think we are pretty good at keeping our information safe, I would highly suggest you think again. Most leading government organizations have issues on keeping their data secure. Take for instance NASA. According to a recent article in Popular Science, NASA was targeted some 47 times last year by cyber criminals and they were successful 13 times giving hackers full control of critical NASA networks. They even lost the codes to control the International Space Station at one point.

NASA is often a target for cybercriminals and often NASA hardware is stolen. Between 2009 and 2011, 48 mobile computing devices were lifted from NASA or NASA employees. One of which containted those control codes for the ISS. Believe it or not, the device in question was not encrypted, and it appears that a lot of NASA devices are like this.

One would think that NASA, a pioneering government organization would have this type of stuff under wraps considering they have a 1.5 billion dollar a year IT security budget. It gives you the sense that if somebody really wanted to, they could easily get into your computer and get your personal information.

Furthermore, think of all of the companies and business that are not NASA, with much smaller IT budgets, that are targets all the time. Hackers could easily can access to these networks without anyone even knowing it and that often happens. A good recommendation is that you be very cautious with your personal information and where you put it. Doing research into security standards and checking to see if companies have had previous IT breaches.

You can also encrypt your hard drive with Windows BIT Locker or 3rd party software if you would like. You can use software such as Pretty Good Privacy (PGP), TrueCrypt, or CyberAngel.

You can never be too safe with your personal information!