Did you know mobile is now a preferred attack vector for hackers? It is perceived as a weak entry point into the corporate network. With millions of apps available on the iOS and Android platforms, it is incredibly challenging to keep on top of the apps your employees decide to use. We can help.
Tag: Security
Do you like football? Beware of APPs!
As football fever sweeps across Europe due to the 2016 UEFA European Championship, the SmartWire Labs Team at Wandera has been analyzing the mobile data traffic patterns across our network of enterprise customers in the European countries that make up this year’s tournament. By investigating the billions of daily data inputs that are scanned by our Secure Mobile Gateway, we’ve made some startling discoveries about data security and mobile phone usage in the lead up to and during the tournament (Research period 25 May to 24 June 2016).
MALICIOUS WEBSITES AND DATA LEAKS
With the tournament in full swing, users are becoming more active on their mobile devices, by exploring new content and being exposed to an increasing number of online ads. As a result of this spike in activity, SmartWire Labs discovered an increase in the number of malicious websites being accessed by smartphones. Worryingly, it seems that the host country has been actively targeted by hackers with 72% of malicious websites and 41% of exposed passwords being detected on smartphones in France.
During our research period, the number of data leaks observed by our research team increased. We predict this number will continue to rise as the tournament goes on as a result of more people travelling across Europe and using unfamiliar apps and websites to access match information. Our research suggests that data leaks will peak in late June towards the end of Euro 2016 before going back to normal levels in late July.
UEFA APP FOR FANS IS LEAKING DATA
One of the most startling discoveries by our researchers relates to the ‘UEFA EURO 2016 Fan Guide’ App. It’s one of the official UEFA mobile applications for Euro 2016, designed to provide practical tourist information for fans that are travelling to France for the tournament.
We have discovered that user credentials (including username, password, address and phone number) submitted to the online UEFA store website, are being transferred by both the iOS and Android versions of the app, over an insecure connection. The app itself has over 100,000 downloads on the google play store alone, and a very high rating. The implications of this are huge with potentially thousands of people having their personally identifiable information exposed and possibly stolen.
CONCLUSION
Overall, the increased data usage during the beginning of Euro 2016 will come as no surprise to anyone. The risks associated with this increase in traffic however have huge implications. With more people traveling across Europe, using unfamiliar websites and apps, as well as the shocking discovery that the official UEFA app is leaking data could all lead to serious security breaches with thousands of fans’ data being put at risk.
UEFA’S RESPONSE
Since SmartWire Labs exposed the treat UEFA have acknowledged the problem and fixed the issue. A UEFA spokesperson confirmed:
It is correct that there is an issue with the fan app, concerning a third party component in the myfanzone section, where the contact details of around 4,000 users (name, email and phone number) were not fully protected.
Within a few days UEFA made the following statement:
All security vulnerabilities have been solved. Data exchange between the mobile App and the server are now encrypted.
Download report
Download “Euro_Paper.pdf” Euro_Paper.pdf – Downloaded 989 times – 778 KB
Wandera ed AirWatch in partnership
Wandera e AirWatch sono partner per offrire una prevenzione perfettamente integrata dalle minacce nel mondo mobile.
La nuova distribuzione “over-the-air” mette nelle condizioni i clienti di AirWatch di inviare Wandera Mobile Security a migliaia di dispositivi in un istante.
Direttamente dalla console di AirWatch e’ possible distribuire il Wandera Secure Mobile Gateway a qualsiasi numero di dispositivi. Gli amministratori semplicemente scelgono i gruppi di dispositivi, che interessano, e Wandera fa il push silente “over the air” a tutti i dispositivi senza che i possessori subiscano alcuna interruzione del servizio.
Il Wandera Secure Mobile Gateway protegge i dispositive mobili aziendali con una prevenzione delle minacce in tempo reale e permette di gestire la conformita’ e la riduzione dei costi del traffico dati.
L’architettura multilivello di Wandera include il primo gateway cloud al mondo per mobile.
Wandera analizza miliardi di input giornalieri per prevenire attacchi sui dispositivi e proteggere i dati sensibili delle aziende.
L’app di integrazione con AirWatch sul dispositivo permette agli amministratori di identificare e bloccare le minacce come la perdita dei dati, malware e attacchi man-in-the-middle, in tempo reale.
Wandera
The Wandera team are proven innovators in enterprise cloud services and security. The team founded ScanSafe (now part of Cisco), pioneer of the cloud secure web gateway market and trusted provider to thousands of global enterprises.
The same passion for innovation and focus on customer experience is behind Wandera and the design of our unique transparent gateway architecture. They are excited to help their customers navigate the next generation of enterprise mobility challenges beyond traditional EMM. Recognized by Gartner as a Cool Vendor, and by Computing for Mobile Security Vendor Excellence.
Wandera
Open/Close all the descriptions
I Dispositivi mobili e la gestione del traffico dati
Gestire i dispositivi mobili e’ ormai prassi comune in tutte le realta’ che hanno visto proliferare nelle aziende, in questi ultimi anni, l’utilizzo di smartphone, tablet, etc.
Fino a qualche tempo fa si riteneva anche che IOS fosse una piattaforma molto sicura mentre Android fosse piu’ vulnerabile.
Tutti gli sforzi dei produttori di MDM in particolare AirWatch erano quindi orientati nel rendere piu’ “blindata” la piattaforma Android in modo da utilizzarla con maggior tranquillita’ in azienda. In questo senso AirWatch ha collaborato strettamente con Samsung e con gli altri produttori hardware su piattaforma Android per fornire garanzie di sicurezza alle aziende che adottavano questa piattaforma.
Un aspetto meno in evidenza e’ invece stato quello relativo alla sicurezza e alla gestione del traffico dati.
In questo campo si evidenziano parecchie brecce di sicurezza anche su piattaforme considerate sicure come Apple.
Alla gestione del traffico dati si dedica Wandera una soluzione integrata in AirWatch che affronta proprio il campo del traffico dati, la cui crescita esponenziale pone nuove sfide ai reparti IT, Security e Governance.
Wandera si occupa anche di contenere i costi del traffico affrontando la questione del roaming ma anche della riduzione tramite compressione dei dati stessi in transito.
Scarica il documento