The enterprise manager’s checklist: Getting to grips with DDoS attacks and the botnet army

Distributed denial of service (DDoS) attacks jumped into the mainstream consciousness last year after several high-profile cases - one of the largest and most widely reported being the Dyn takedown in October 2016. While not necessarily a new threat - they have in fact been around since the late ‘90s - the Dyn takedown is an interesting example as it used poorly secured IoT devices to coordinate the attack.  

When you consider that by 2020 it is predicted...

By Ingo Schneider, 26 April 2017, 0 comments. Categories: IoT, Malware, Security.

DDoS attacks grew at CAGR of 68% over past five years, says Arbor Networks

(c)iStock.com/daoleduc

Here’s news we already suspected: DDoS attacks are getting larger and becoming more frequent and complex with it, according to a report released by Arbor Networks. 

The company, the security division of application and performance management firm NetScout, has released its 12th annual worldwide infrastructure security report, and of the 356 respondents, from a mix of service providers, hosting, mobile, enterprise, and network operators, the threat landscape has been...

By Enterprise CIO, 30 January 2017, 0 comments. Categories: Data & Analytics, Data Loss, Malware, Security.

Skycure gets AT&T on board for mobile security partnership

(c)iStock.com/RiverNorthPhotography

Mobile threat solutions provider Skycure has announced that AT&T will resell the Skycure Mobile Threat Defense Platform, helping secure personal and business data on the millions of devices of AT&T business customers.

The company cited research from Information Security, an IT security community on LinkedIn, back in April which argued that one in five organisations analysed had suffered a mobile security breach primarily driven by malware and malicious Wi-Fi, while...

By James Bourne, 19 October 2016, 0 comments. Categories: Enterprise Mobility, Malware, Security.

Lookout and Microsoft enterprise mobility partnership now generally available

(c)iStock.com/AndreyPopov

Mobile security provider Lookout has announced the general availability of its Microsoft-flavoured Lookout Mobile Endpoint Security product, which integrates with the Redmond firm’s Enterprise Mobility + Security (EMS) suite.

The two companies’ partnership was first announced in June, with the message from both sides being clear: companies need to...

By James Bourne, 10 October 2016, 0 comments. Categories: Enterprise Mobility, Malware, Security.

Malware and ‘connection hijacking’ remain biggest BYOD risks, report warns

(c)iStock.com/eabff

A new report from data centre provider CyrusOne outlines malware, device theft and phishing as among the key risks for organisations looking to implement a bring your own device (BYOD) policy.

The findings, located in the report entitled ‘The Top Four BYOD Security Risks and How Enterprise Firms Combat Them’, are not especially surprising, yet still bear consideration. Malware was considered the number one risk, with CyrusOne citing a Blue Coat report from 2015.

The report...

By James Bourne, 05 September 2016, 0 comments. Categories: BYOD, Employee Education, Enterprise Mobility, Malware, Security.

Appthority examines Android mobile threat landscape – but it’s not all bad news

(c)iStock.com/maislam

A new report from mobile security provider Appthority concludes the mobile threat landscape continues to evolve and singles out three recent vulnerabilities in the Play Store which could be a serious issue for enterprises.

The report, the firm’s latest quarterly Enterprise Mobile Threat Update, examines Godless, LevelDropper, and Overlay. Godless, discovered by Trend Micro researchers, potentially affects almost 90% of Android devices, and is able to silently install apps on...

By James Bourne, 12 August 2016, 0 comments. Categories: Android, Enterprise Mobility, Malware, Security.

Microsoft and Lookout seal partnership deal to “secure enterprise mobility together”

(c)iStock.com/Julia_Sudnitskaya

Redmond giant Microsoft and mobile security firm Lookout have announced a new partnership which integrates Lookout’s Mobile Threat Protection product with Microsoft’s Enterprise Mobility Suite (EMS).

Lookout’s Mobile Threat Protection was released almost a year ago to the day, after the company gained a big reputation in uncovering various...

By James Bourne, 08 June 2016, 0 comments. Categories: Enterprise Mobility, Malware, Security.

Mobile threats: Every tool is a weapon if you hold it right

(c)iStock.com/Balavan

A good friend of mine is fond of saying: “The first thing to do in any crisis is panic, but once you’ve got that out of the way you need to figure out what you’re going to do next.” That phrase has always resonated with me because, while alarmism might be our natural instinct, it’s usually not very helpful.

Mobile malware is perplexing because we can’t seem to collectively decide whether it warrants actual panic or is just a minor irritant. The

By MobileIron, 04 January 2016, 0 comments. Categories: Data Loss, Enterprise Mobility, Malware, Security.

Microsoft puts up shutters to stop rogue enterprise apps

(c)iStock.com/JasonDoiy

Microsoft has announced the availability of a new opt-in which claims to stop potentially unwanted applications (PUAs), such as adware from seemingly harmless software bundles, in their tracks.

Enterprise Windows users running System Center Endpoint Protection or Forefront Endpoint Protection will have PUAs blocked at download and install time, according to a company blog post.

The Redmond giant also outlined a series of best practice tips for rolling out PUA protection. Companies need...

By James Bourne, 03 December 2015, 0 comments. Categories: Applications, Malware, Microsoft, Security.

Collaboration features highly in blacklisted apps, claims MobileIron

(c)iStock.com/LPETTET

Dropbox, Angry Birds, and Facebook are the top three consumer apps blacklisted by organisations, according to research from enterprise mobility management (EMM) provider MobileIron.

Not surprisingly, enterprise file sync and share features highly in the top 10 banned apps; with OneDrive (#4), Google Drive (#5), Box (#6), and SugarSync (#10) all registering. The other blacklisted apps listed were WhatsApp, Twitter, and Skype.

It’s worth noting that with many of these banned apps,...

By James Bourne, 04 November 2015, 0 comments. Categories: Applications, Enterprise Mobility, Malware, Security.

Mobile security 101: Eight must-haves to protect mobile data

(c)iStock.com/1PhotoDiva

The new EU Data Protection regulation will hold any company or individual that processes data responsible for its protection, including third parties such as cloud providers. While expected to be implemented in 2017, several countries are getting a head start and are already issuing their own regulations. For example, the Federal German Data Protection Act, includes strict guidelines on how company data should be stored, used, and accessed from...

By Stephan Romeder, 02 October 2015, 0 comments. Categories: Enterprise Mobility, Malware, MAM, MDM, Security.

Appthority warns of spear phishing through Quicksand enterprise iOS vulnerability

(c)iStock.com/Onfokus

Mobile security provider Appthority has disclosed a previously unknown sandbox violation in iOS that was liable to affect enterprise users which has since been patched.

Named ‘Quicksand’, the vulnerability exploited mobile device management (MDM) clients, as well as mobile apps distributed via an MDM which use the ‘managed app configuration’ setting.

For ease of use in setting up MDM clients and apps, IT departments will normally push through the credentials...

By James Bourne, 24 August 2015, 0 comments. Categories: Authentication, Enterprise Mobility, iOS, Malware, Security.

Security awareness and spear phishing: How to stay out of danger

(c)iStock.com/hailshadow

Have you ever received an e-mail that urges you to act quickly and provide your username and password, or one that asks for your birth date and Social Security number through a legitimate-looking (but fraudulent) website to verify your identity? How about a computer request to update your bank details and personal information with the warning that your account was compromised and might be closed if you do not comply?

The first instinct is to click on the provided link or open the...

By Daniel Brecht, 24 August 2015, 0 comments. Categories: Enterprise Mobility, iOS, Malware, Security.

Loss of customer trust biggest downside to DDoS attack, research claims

(c)iStock.com/maxkabakov

Loss of customer trust and confidence were the key downsides to suffering a distributed denial of service (DDoS) attack, according to a new piece of research.

The study, conducted by Corero Network Security, found more than half (52%) of IT security professionals polled say their customers showed a lack of trust following an outage, while more than one in five (22%) said DDoS attacks directly impacted their bottom line.

Nearly half admitted they responded reactively rather than...

By James Bourne, 13 July 2015, 0 comments. Categories: Authentication, Malware, Security.

Beware the zombie app risk in the enterprise, report warns

(c)iStock.com/DanielBendjy

There are many security risks your organisation has to be wary of, from mobile malware to cybercriminals and even your own employees. Yet a new report from Appthority has revealed a threat which companies may see as remiss – dead apps.

3.9% of Android apps and 5.2% of iOS apps in the Enterprise 100 have ‘zombie’ status – in other words, they’ve been removed from their  app stores and are no longer supported – while approximately a third...

By James Bourne, 07 May 2015, 0 comments. Categories: Applications, Enterprise Mobility, Malware, Security.

The weakest link: How to protect your BYOD program against human error

(c)iStock.com/FrankPeters

In a world where threats against corporate data are becoming commonplace at every level, enabling a BYOD mobile program can seem like a risky move for IT. Disallowing these devices, however, is simply not an option in today’s world. Mobile has become an integral, interwoven part of the way we work and IT must prioritise mobile device security. That said, even after millions are spent on data protection through firewalls, proxies, physical security controls and DLP, a single...

By Jarred White, 23 April 2015, 0 comments. Categories: Enterprise Mobility, Malware, Security.

“I got 99 problems but mobile malware ain’t one”: Verizon’s verdict

(c)iStock.com/stevanovicigor

The latest Data Breach Investigations Report (DBIR) from telco giant Verizon has argued that mobile devices are not a preferred vector in data breaches, among other interesting findings.

The 70 page behemoth is a refreshing read, written as it is in a relatively informal style and not the insomnia-inducing texts of competitors. Hence the title for the DBIR mobile section – “I Got 99 Problems and Mobile Malware Isn’t Even 1% of Them”.

One interesting fact...

By James Bourne, 15 April 2015, 0 comments. Categories: Android, Applications, Malware, Security.

More concerns arise over DDoS threats facing enterprises and service providers

(c)iStock.com/daoleduc

According to data released by distributed denial of service (DDoS) security provider Black Lotus, average packet volume for DDoS attacks increased 340% and average bit volume shot up 245% in the final quarter of 2014.

The attacks, which appeared in the Black Lotus Q4 2014 Threat Report, were described by Shawn Marck, co-founder and chief security officer at Black Lotus, as “smokescreens for other underhanded activity.”

The largest attack drew 41.1 gigabits per second in bit...

By James Bourne, 27 March 2015, 0 comments. Categories: Malware, Security.

Mac OS X and iOS most vulnerable operating systems in 2014, according to GFI

(c)iStock.com/pressureUA

It’s good news and bad news for Microsoft, according to the latest figures from network and security solutions provider GFI. While Windows was no longer the most vulnerable operating system in 2014, Internet Explorer remains by a distance the most insecure application.

The figures, which were taken from the National Vulnerability Database (NVD), found Apple Mac and iOS as the most dangerous operating systems for vulnerabilities with 147 and 127 separate incidents reported in...

By James Bourne, 23 February 2015, 0 comments. Categories: Authentication, Malware, Security.

The changing face of endpoint management and its ramifications for EMM

(c)iStock.com/tumpikuja

Autotask, a company traditionally associated with IT management software, is now moving into endpoint management to further its portfolio.

The move came after the acquisition of SaaS-based platform CentraStage in September, with the New York-based company officially moving into the remote monitoring and management (RMM) space in December with the launch of Autotask Endpoint Management for managed service providers. Patrick Burns, vice president of product management at Autotask,...

By James Bourne, 17 February 2015, 0 comments. Categories: Authentication, Employee Education, Enterprise Mobility, Malware, Security.