What to Know and What to Do About the MOVEit Vulnerabilities
Progress recently announced the discovery of three critical vulnerabilities for MOVEit.
Top Mobile App Security Risks
TikTok to Pinduoduo and Temu are just some of the most recent examples of mobile app risks. Read this blog to learn about how you can protect your organization from them.
BYOD Increases Mobile Phishing, and Risks Have Never Been Higher
We've just published our Global State of Mobile Phishing report, which explores phishing trends and the risk they present to both your data and your financial bottom line.
Protecting Data & Promoting Collaboration During Times of Change
Organizations that try to keep using their perimeter-based security solutions are hindering their workers’ ability to collaborate while also losing a handle on their data.
Beyond BEC: How Modern Phishing Has Evolved Past Email
Business email compromise (BEC) is big business for malicious actors. According to the 2021 FBI Internet Crime Report, BEC was responsible for $2.4 billion in cyber crimes.
Social Engineering and VPN Access: The Making of a Modern Breach
It’s tough to find the silver lining in a security incident, but we can always do our best to learn from each one. Let’s take a look at what we can glean from the Uber breach.
How to Protect Against SMS Phishing and Other Similar Attacks
Whenever a breach occurs, we always need to think about the lessons that can be learned. Here are my tips for keeping your organization safe from mobile phishing attacks.
Lookout Contributes to 2022 Verizon MSI With Security Insights
This year’s MSI is especially interesting, as it dives deeper into the interconnectivity that now exists between endpoint devices and cloud applications.
How to Stay Current with Changing Security Landscape
I spoke with Ramy Houssaini, Chief Cyber and Technology Risk Officer at BNP Paribas, about the challenges CISOs face in an increasingly complex digital landscape.
3 Lessons from Confluence Server Vulnerability (CVE-2022-26134)
The vulnerability would allow an unauthenticated malicious actor to execute arbitrary code on a Confluence Server or Data Center instance that could grant full command.
Lookout Helps Leading Fintech Company Improve Compliance
See how Lookout helped a leading FinTech provider protect customer data and reach security compliance using Secure Cloud Access with DLP.
Don’t Leave it to Apps: Security Needs is a Shared Responsibility
Whether you’re building your footprint on-premises, on the cloud or on a hybrid architecture, security needs to be a converged effort.
How to Protect Yourself from NSO's Pegasus Spyware
Even five years after Lookout and Citizen Lab discovered it, advanced mobile spyware Pegasus remains highly relevant.
How to Protect Your Data When Ransomware Strikes
A ransomware attack isn’t a single event; it’s persistent. To secure your organization, you need a full picture of what is happening with your endpoints, users, apps and data.
Lookout Helps a Large Construction Firm Securely Share Data
One of the largest commercial and civil contractors in the United States moved to the cloud to help unlock operational efficiencies.
Lookout Helps a Large Oil Company Migrate to Cloud-Based Software
Lookout helped to implement granular access control for sensitive HR data, achieve compliance, and prevent malware from being uploaded to their infrastructure.
Cyber Readiness and the Russia-Ukraine War
The cyber threats initially directed at Ukrainian government bodies and infrastructure could easily be targeted at other nations.
How to Protect Yourself from Supply Chain Attacks
To better understand these attacks, I invited Vodafone security experts Andy Deacon and Verity Carter-Johnson to the Lookout podcast.
The Olympics & Burner Phones: What About the Safety of QR Codes?
While QR codes make navigating activities at the Games easy and contactless, it creates opportunities for them to be abused for phishing purposes.
How a Leading University Hospital Secures Patient Data
See how Lookout helped them protect their sensitive data and meet compliance regulations as they migrated to full cloud adoption.
How Financial Service Firm Prevents Email Data Leaks with Lookout
This large financial services firm needed to ensure they were protecting data in email without increasing complexity or limiting productivity.
Four Ways to Assess Your Zero Trust Security Posture
While most of us understand Zero Trust conceptually, the path to Zero Trust is complex and constantly evolving. In this blog, I break down what is and what isn’t Zero Trust.
Protect Your Cloud Data From Insider Threats
We often associate breaches with corporate espionage and advanced persistent threat groups, but often, data is leaked by an organization’s own employees.
How to Keep Data Secure in Light of Apache Log4j Vulnerabilities
In quick succession in December, The Apache Software Foundation released information on two critical vulnerabilities in its Log4j Java-based library.
Achieving Zero Trust? One Size Does Not Fit All
We discuss the opportunities and challenges mobile and cloud technologies have created with Art Ashmann, Staff EUC Solutions Engineer at VMware.
Mobile App SDKs: The Nesting Dolls of Hidden Risk
With the number of devices being used for work everyday — especially as more employees bring their own devices — it’s impossible for security and IT...
Don’t Let Attackers Crumble Your Cookies: Electronic Arts Breach
Leading American video game company Electronic Arts (EA) recently disclosed a breach that resulted in the theft of hundreds of gigabytes of data.
Code Blue: Healthcare Security in the Age of 5G and Remote Work
Why were hospitals so frequently breached by attacks? To answer that question, I turned to an old friend of Lookout — former CISO Mike Murray.
3 Actions To Take Based on the Colonial Pipeline Ransomware Attack
Attackers launched a ransomware attack against the Colonial Pipeline that confirms how cybercriminals exploit reduced visibility, legacy security systems, and mobile devices.
Financial Sector Phishing Attacks Increase 125%
To better understand how the financial industry reacted to this digital shift, I took a deep dive into the millions of device and threat data in the Lookout Security Graph.
Malware as a Service Meets Mobile Phishing: A Dangerous Combo
This campaign is the latest example of how attacks are leveraging various mobile-targeting methods to maximize their return.
Mission Possible: Kiersten Todt on Securing the Public Sector
I recently had the pleasure of having Kiersten Todt, Managing Director of the Cybersecurity Readiness Institute, on the Endpoint Enigma podcast.
Zero Trust Lesson From Mobile Phishing Against Australian Govt.
Australia recently confirmed that a series of mobile phishing attacks were successfully executed on senior officials. Discover more at Lookout today.
When Legit Apps Turn Malicious. Hint: It Happens Often
A popular Android app Barcode Scanner was recently found to be infected with adware. After an update in late 2020, it started pushing advertising to users without warning.
Mobile Security Best Practices for Law Firms
Proper training will go a long way to reduce the risk to which your firm is exposed, as will having effective security in place.
What SolarWinds Teaches Us About Zero Trust for Mobile Endpoints
On 12/17/2020, CISA put out an alert about an advanced persistent threat (APT) that compromised a number of U.S. government agencies, tech companies and public facilities.
Pharma on the Hook: Cyberattackers Phishing for Secret Formulas
We found that 77 percent of mobile phishing attempts on pharmaceutical organizations through the third quarter of 2020 intended on delivering malware.
Work Is No Longer Tethered to the Office. Neither Should Security
While work no longer revolves around an office space, security still does for many organizations. it’s time for us to fundamentally rethink how we secure our organizations.
FBI Cries Foul on Rise in “Vishing” Volume
On August 20, the Federal Bureau of Investigation (FBI) issued a warning about the rise in vishing attacks.
Personal Privacy and the TikTok Brouhaha
Large employers such as Wells Fargo have banned TikTok from company-owned devices, but that alone won’t prevent tablets and smartphones used for work to be free of TikTok.
Mobile Phishing Encounters Surged by 37% With Work-From-Home
Mobile Phishing Spotlight Report - Lookout revealed that enterprise mobile phishing encounter rates surged 37% between the last quarter of 2019 and the first quarter of 2020.