Do you like football? Beware of APPs!

Do you like football? Beware of APPs!

As football fever sweeps across Europe due to the 2016 UEFA European Championship, the SmartWire Labs Team at Wandera has been analyzing the mobile data traffic patterns across our network of enterprise customers in the European countries that make up this year’s tournament. By investigating the billions of daily data inputs that are scanned by our Secure Mobile Gateway, we’ve made some startling discoveries about data security and mobile phone usage in the lead up to and during the tournament (Research period 25 May to 24 June 2016).

MALICIOUS WEBSITES AND DATA LEAKS

With the tournament in full swing, users are becoming more active on their mobile devices, by exploring new content and being exposed to an increasing number of online ads. As a result of this spike in activity, SmartWire Labs discovered an increase in the number of malicious websites being accessed by smartphones. Worryingly, it seems that the host country has been actively targeted by hackers with 72% of malicious websites and 41% of exposed passwords being detected on smartphones in France.

During our research period, the number of data leaks observed by our research team increased. We predict this number will continue to rise as the tournament goes on as a result of more people travelling across Europe and using unfamiliar apps and websites to access match information. Our research suggests that data leaks will peak in late June towards the end of Euro 2016 before going back to normal levels in late July.

 

UEFA APP FOR FANS IS LEAKING DATA

One of the most startling discoveries by our researchers relates to the ‘UEFA EURO 2016 Fan Guide’ App. It’s one of the official UEFA mobile applications for Euro 2016, designed to provide practical tourist information for fans that are travelling to France for the tournament.

We have discovered that user credentials (including username, password, address and phone number) submitted to the online UEFA store website, are being transferred by both the iOS and Android versions of the app, over an insecure connection. The app itself has over 100,000 downloads on the google play store alone, and a very high rating. The implications of this are huge with potentially thousands of people having their personally identifiable information exposed and possibly stolen.

CONCLUSION

Overall, the increased data usage during the beginning of Euro 2016 will come as no surprise to anyone. The risks associated with this increase in traffic however have huge implications. With more people traveling across Europe, using unfamiliar websites and apps, as well as the shocking discovery that the official UEFA app is leaking data could all lead to serious security breaches with thousands of fans’ data being put at risk.

UEFA’S RESPONSE

Since SmartWire Labs exposed the treat UEFA have acknowledged the problem and fixed the issue. A UEFA spokesperson confirmed:

It is correct that there is an issue with the fan app, concerning a third party component in the myfanzone section, where the contact details of around 4,000 users (name, email and phone number) were not fully protected.

Within a few days UEFA made the following statement:

All security vulnerabilities have been solved. Data exchange between the mobile App and the server are now encrypted.

Download report

Download “Euro_Paper.pdf” Euro_Paper.pdf – Downloaded 1004 times – 778 KB

Wandera ed AirWatch in partnership

Wandera ed AirWatch in partnership

Wandera e AirWatch sono partner per offrire una prevenzione perfettamente integrata dalle minacce nel mondo mobile.

La nuova distribuzione “over-the-air” mette nelle condizioni i clienti di AirWatch di inviare Wandera Mobile Security a migliaia di dispositivi in un istante.

Direttamente dalla console di AirWatch e’ possible distribuire il Wandera Secure Mobile Gateway a qualsiasi numero di dispositivi. Gli amministratori semplicemente scelgono i gruppi di dispositivi, che interessano, e Wandera fa il push silente “over the air” a tutti i dispositivi senza che i possessori subiscano alcuna interruzione del servizio.

Il Wandera Secure Mobile Gateway protegge i dispositive mobili aziendali con una prevenzione delle minacce in tempo reale e permette di gestire la conformita’ e la riduzione dei costi del traffico dati.
L’architettura multilivello di Wandera include il primo gateway cloud al mondo per mobile.

Wandera analizza miliardi di input giornalieri per prevenire attacchi sui dispositivi e proteggere i dati sensibili delle aziende.

L’app di integrazione con AirWatch sul dispositivo permette agli amministratori di identificare e bloccare le minacce come la perdita dei dati, malware e attacchi man-in-the-middle, in tempo reale.

 

Wandera

Wandera

The Wandera team are proven innovators in enterprise cloud services and security. The team founded ScanSafe (now part of Cisco), pioneer of the cloud secure web gateway market and trusted provider to thousands of global enterprises.
The same passion for innovation and focus on customer experience is behind Wandera and the design of our unique transparent gateway architecture. They are excited to help their customers navigate the next generation of enterprise mobility challenges beyond traditional EMM. Recognized by Gartner as a Cool Vendor, and by Computing for Mobile Security Vendor Excellence.

 

Wandera

Open/Close all the descriptions

Security & Management for your Mobile Data

The explosion of billions of mobile devices has created the largest technology footprint for hackers to steal corporate and personal data. At the same time, the escalation of app creation and video content, together with the adoption of 4G, means the demand for data has grown exponentially. Businesses are suffering because they cannot protect, predict or control mobile data.
Wandera helps enterprises prevent threats, enforce policy, all while reducing mobile data usage.

The true strength of the architecture is the ability for administrators to take action using automated policy controls,
including alerts, filters, blocks, caps, and device quarantining to prevent security threats, ensure compliance and manage usage.

The core solution is Wandera’s industry leading protection against the full spectrum of mobile attacks. From device configuration risks, insecure app vulnerabilities, malicious infrastructure and traditional network attacks, Wandera prevents threats in real-time.

Wandera + Airwatch Integration

Wandera and Airwatch partner to provide seamlessly integrated mobile threat prevention

Wandera’s Mobile Data Gateway (MDG) and Enterprise Mobility Management (EMM) suites are becoming central components in enterprise mobility strategies. These two entities combined provide the most comprehensive device and data management capabilities for mobile environments to date. With each picking up where the other leaves off, the two systems work in conjunction with each other to provide unmatched device management, visibility, security, and control.
EMM suites focus on device-level management, which is more persistent in nature. This includes the ability to set policies for password requirements, identity management, network enablement and app distribution.

Wandera’s EMM Connect solution enables deep integration between the Wandera Mobile Data Gateway and AirWatch. By linking the two entities together, an enterprise can realize maximum management efficiency, unified threat outbreak response, and multi-level policy based controls

Wandera Private Access

Wandera introduces ZTNA security solution that’s four times faster than VPNs.

Wandera Private Access (WPA) is a cloud-delivered service that provides secure remote access to applications hosted in the datacenter or in the cloud, using Zero Trust Network Access (ZTNA) principles.

Wandera Private Access empowers secure remote work and offers a seamless and consistent user experience from any connected device (running iOS, Android, Windows 10, and Mac) to any application wherever it is hosted. It eliminates the broad discoverability and reachability of data and apps that users shouldn’t have access to, and dramatically increases visibility for admins as well as their ability to take action.

Further, WPA provides teams the flexibility to work any time, anywhere by connecting them to the applications they need. Streamlined authentication processes improve security and enable fast seamless remote working.

WPA is a cloud-based service that requires no on-premise equipment and the service edge dynamically scales to handle unlimited client connections.

 

I Dispositivi mobili e la gestione del traffico dati

I Dispositivi mobili e la gestione del traffico dati

Gestire i dispositivi mobili e’ ormai prassi comune in tutte le realta’ che hanno visto proliferare nelle aziende, in questi ultimi anni, l’utilizzo di smartphone, tablet, etc.
Fino a qualche tempo fa si riteneva anche che IOS fosse una piattaforma molto sicura mentre Android fosse piu’ vulnerabile.
Tutti gli sforzi dei produttori di MDM in particolare AirWatch erano quindi orientati nel rendere piu’ “blindata” la piattaforma Android in modo da utilizzarla con maggior tranquillita’ in azienda. In questo senso AirWatch ha collaborato strettamente con Samsung e con gli altri produttori hardware su piattaforma Android per fornire garanzie di sicurezza alle aziende che adottavano questa piattaforma.
Un aspetto meno in evidenza e’ invece stato quello relativo alla sicurezza e alla gestione del traffico dati.
In questo campo si evidenziano parecchie brecce di sicurezza anche su piattaforme considerate sicure come Apple.
Alla gestione del traffico dati si dedica Wandera una soluzione integrata in AirWatch che affronta proprio il campo del traffico dati, la cui crescita esponenziale pone nuove sfide ai reparti IT, Security e Governance.
Wandera si occupa anche di contenere i costi del traffico affrontando la questione del roaming ma anche della riduzione tramite compressione dei dati stessi in transito.

Scarica il documento

Download “Wandera_Overview_Datasheet.pdf” Wandera_Overview_Datasheet.pdf – Downloaded 932 times – 3 MB