Scammers Are Impersonating Singapore Post With Phishing Messages

Throughout 2022, threat actors have been masquerading as the postal service Singapore Post (SingPost) and one of Singapore’s leading telecommunications companies Singtel.

Lookout Discovers Hundreds of Predatory Loan Apps on App Stores

Researchers at Lookout Threat Lab have discovered close to 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior.

New

Lookout Discovers Long-Running Surveillance Campaigns Targeting Uyghurs

Researchers from Lookout Threat Lab have uncovered two new surveillance campaigns, BadBazaar and MOONSHINE, targeting Uyghurs in the People’s Republic of China and abroad.

Lookout Contributes to 2022 Verizon MSI With Security Insights

This year’s MSI is especially interesting, as it dives deeper into the interconnectivity that now exists between endpoint devices and cloud applications.

How to Stay Current with Changing Security Landscape

I spoke with Ramy Houssaini, Chief Cyber and Technology Risk Officer at BNP Paribas, about the challenges CISOs face in an increasingly complex digital landscape.

Lookout Uncovers Hermit Spyware Deployed in Kazakhstan

Lookout Threat Lab researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders.

Three Lessons from the Confluence Server Vulnerability (CVE-2022-26134)

The vulnerability would allow an unauthenticated malicious actor to execute arbitrary code on a Confluence Server or Data Center instance that could grant full command.

New

Pfizer IP Leak Isn't Unique | Protect Your Cloud Data

This Pfizer IP leak exemplifies a rather mundane problem that has been amplified by cloud connectivity: data leakage.

What You Need To Know About the Banking Trojan Anubis

Lookout researchers have discovered a novel distribution of the Anubis Android banking malware masquerading as telecommunications company, Orange S.A.

New

Lookout Takes Down Phishing Scams Targeting U.S. Military Families

Lookout Threat Lab researchers looking into phishing campaign that has actively targeted families of United States military personnel. Details inside.

Achieving Zero Trust? One Size Does Not Fit All

We discuss the opportunities and challenges mobile and cloud technologies have created with Art Ashmann, Staff EUC Solutions Engineer at VMware.

Rooting Malware Makes a Comeback: Lookout Discovers Global Campaign

Security researchers at the Lookout Threat Labs have identified a new rooting malware distributed on Google Play, the Amazon Appstore and the Samsung Galaxy Store.

2021 Day of Shecurity Event Reignites Diversity in Cyber

The exponential growth in success illustrates the fact that the tech industry is determined to reverse the diversity trend and encourage more women to join the field.

When Legit Apps Turn Malicious. Hint: It Happens Often

A popular Android app Barcode Scanner was recently found to be infected with adware. After an update in late 2020, it started pushing advertising to users without warning.

Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict

The Lookout Threat Intelligence team has discovered two novel Android surveillanceware – Hornbill and SunBird.

What SolarWinds Teaches Us About Zero Trust for Mobile Endpoints

On 12/17/2020, CISA put out an alert about an advanced persistent threat (APT) that compromised a number of U.S. government agencies, tech companies and public facilities.

New Spyware Used by Sextortionists | iOS/Android Blackmail

The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan.

Multiyear Surveillance Campaigns Discovered Targeting Uyghurs

The Lookout Threat Intelligence team has discovered four Android surveillanceware tools used as part of a much larger mAPT (mobile advanced persistent threat).

Nation-state Mobile Malware Targets Syrians with COVID-19 Lures

Lookout researchers have uncovered a long-running surveillance campaign tied to Syrian nation-state actors.

Phishing Attack Targeting UN Discovered by Lookout Phishing AI

Lookout Phishing AI has detected a mobile-aware phishing campaign targeting non-governmental organizations around the world, including UNICEF.

Q&A: A Candid Conversation With Women Working in Cybersecurity Today

In anticipation of the Day of Shecurity San Francisco, happening on October 11, we sat down with a few of our security intelligence engineers.

checkm8 IOS Vulnerability | Mobile Threat Defense Needs

Based on millions of iOS users that have installed Lookout and Lookout for Work apps, more than 80% of iPhones are vulnerable.

New Surveillanceware Developed by Russian Defence Contractor

Monokle is a new and sophisticated set of custom Android surveillanceware tools developed by the Russia-based company, Special Technology Centre, Ltd.

Adware "BeiTaAd" Found Hidden in Popular Applications

BeiTaAd is a well-obfuscated advertising plug-in hidden within a number of popular applications in Google Play. Discover more about this mobile threat.

Lookout Researchers Disable Android Malware

Lookout researchers have disabled DressCode, an Android malware family, with their click fraud business model and malware designed to evade detection in novel ways.

New

Lookout Discovers Phishing Site Targeting DNC

As reported in the media, Lookout has discovered a customer phishing kit targeted at the Democratic National Committee (DNC) via a third-party technology provider NGP VAN.

Stealth Mango and Tangelo | Surveillanceware Stealing Data

Lookout Security Intelligence has discovered Android and iOS surveillanceware tools targeting govt. officials, diplomats, military personnel, and activists.

Mobile Persistent Threat Actor Running Global Espionage Campaign

Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor running a global espionage campaign.

Tropic Trooper Goes Mobile With Titan Surveillanceware

Learn about Titan, a family of sophisticated Android surveillanceware apps surfaced by Lookout's automated analysis that is linked to the same actors behind Tropic Trooper.

New

Mobile Vulnerabilities: What They Are and How They Impact Enterprise

Mobile device vulnerabilities can have equally devastating consequences, including compliance fines and brand reputation loss.

FrozenCell: Multi-Platform Surveillance Campaign Against Palestinians

Lookout researchers have discovered a new mobile surveillanceware family, FrozenCell. The threat is likely targeting employees of various Palestinian agencies and facilities.

XRAT Malware Tied to "Xsser/MRAT" Surveillance

Lookout have identified a mobile trojan called xRAT with extensive data collection functionality and the ability to remotely run a suicide function to avoid detection.

New

Sideloaded Apps Demo: How Third-Party Apps Can Leak Corporate Data

See this video to learn why enterprises should have visibility into sideloaded apps within their fleet of mobile devices.

New

How to Think About the Risks Facing Data From Mobility

The Spectrum of Mobile Risk research report and the Mobile Risk Matrix is designed to help security organizations understand the risks to enterprise data from mobility.

ViperRat - Mobile APT Targeting Israeli Defense Force

Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware.

The New NotCompatible | Threat to Enterprise Networks

Over the past two years, Lookout has tracked the evolution of NotCompatible, which has set a new bar for mobile malware sophistication and operational complexity.

Just the Facts: Xsser mRAT iOS Malware

There has been a lot of alarm about Xsser mRAT, the iOS and while there might be some cause for concern, we wanted lay out the facts as we see them.

New

Mobile Mind Isn't Going To Be Profitable

Digital currency miners are a new trend in the mobile world including BadLepricon, CoinKrypt, Widdit, FreeLotto, and TokenCrypt. What are the threats?

Protect Cloud Data in the Wake of the Pfizer Data Leak

We often associate breaches with corporate espionage and threat groups, but as the Pfizer IP leak incident showed, cloud connectivity has actually amplified security gaps.

Energy Industry Threat Report

The energy industry is a prime target for attacks as mobile threats like phishing and app encounter rate is higher than other industries. Discover what these threats mean.

Telework Exposed to Heightened Mobile Risk

Lookout data reveals that U.S. government organizations are exposed to hundreds of vulnerabilities from outdated operating systems and risky apps which steal credentials.

The Pharmaceutical Threat Report

Access the Pharmaceutical Threat Report to better understand the risks mobile devices have introduced into your organization with Lookout today.

Financial Services Threat Report

Mobility and cloud apps are now a key component of how financial institutions operate. Read this report to better understand the risks your organization is exposed to.

Securing Telework From 2020 and Beyond

As public and private industries shift to telework, thanks to long-term innovation and short-term necessity, it’s clear that telework is here to stay. But to what scale?

SilkBean Technical Report

The Lookout Threat Intelligence team discovered four Android surveillanceware tools used to target the Uyghur ethnic minority group.

Technical Analysis of Pegasus Whitepaper

Read Lookout's investigation into this highly sophisticated espionage software. The attack takes advantage of how essential mobile devices in our lives.

iOS 16.1.1 and 16.1.2

Apple recently released two software updates with security fixes: iOS 16.1.2 and iOS 16.2.

Chrome 9th Zero Day | CVE-2022-4262

Google released an emergency patch for a new zero-day vulnerability tracked as CVE-2022-4262. The CVE is found in the V8 Javascript engine of Chromium

ChromeHeap | CVE-2022-4135

Google patched a new zero-day found in the GPU component of the Chromium open-source web browser causing a heap buffer overflow.

Samsung Devices | CVE-2021-25337/369/370

Google TAG under Project Zero revealed an active kill chain that exploits vulnerabilities in Samsung devices.

Chrome Zero Day | CVE-2022-3723

Google recently released a patch for a new zero-day vulnerability found in the Chromium open-source web browser project, which provides the codebase behind popular web browser

iOS 16 Zero Day

"Apple recently released a software update to iOS 16.1 and iPadOS 16 to patch a zero-day kernel vulnerability identified as CVE-2022- 42827"

CVE-2022-3075

Google released a patch for a new zero-day vulnerability found in the Chromium open-source web browser project, which provides the codebase behind some popular web browsers.

iOS 15.6.1 Zero-Day

Apple released a software update to iOS and iPadOS 15.6.1 to patch a zero-day kernel vulnerability identified as CVE-2022-32917.

Sharkbot V2

Threat researchers discovered multiple Google Play listings for dropper apps which installed the infamous mobile banking trojan Sharkbot.

iOS 15.6 Vulnerabilities

Apple released a software update to iOS and iPadOS 15.6 to patch two core zero-day vulnerabilities, CVE-2022-32894 (Kernel) and CVE-2022-32893 (Webkit).

iOS 15.5 Vulnerabilities

Apple released a software update to iOS and iPadOS 15.5 to patch 35 issues, including two critical vulnerabilities identified by Lookout which grant control of the device.

8 iOS & Android CVEs

CISA recently announced several exploitable mobile vulnerabilities that can affect both Android and iOS devices. They vary in severity and can be deployed in several ways.

CVE-2022-1633 – 1641

Researchers recently discovered and disclosed to Google nine vulnerabilities in Google Chrome for Android. The vulnerabilities are CVE-2022-1633 through CVE-2022-1641.

CVE-2022-1364

Google's Threat Analysis Group recently discovered and disclosed an exploitable vulnerability in Chromium, which is identified as CVE-2022-1364.

Cyber Readiness and the Russia-Ukraine War

Listen in on this 5-minute Fridays episode where I discuss what’s going on in Ukraine and how organizations can be cyber ready.

Are You the Unintended Victim of a Supply Chain Attack?

In this episode, host Hank Schless is joined by Vodafone security experts Andy Deacon and Verity Carter-Johnson to define what a supply chain is, and the risks involved

Abstract Emu Threat Report

Researchers at the Lookout Threat Lab have identified a new rooting malware distributed on Google Play, Amazon Appstore and the Samsung Galaxy Store.

U.S. Federal Mobile Threats

Lookout analyzed its mobile security data to provide a view into the current mobile security risks facing US Federal government mobile users.

Productivity Suites Like Office 365 Are Vital to How Work Remotely

Lookout helps businesses scale mobile security as employees go remote.

Know Thy Enemy: What Is Pegasus and What Can You Do?

Veteran of the cybersecurity industry, Joseph Davis of Microsoft, explains how spyware came to be, its implications and how you can protect yourself and your organization

How Manufacturers Can Mitigate Mobile Phishing Risks

From the inherent risks of cloud apps to the ongoing need to protect intellectual property and maintain industry compliance. Learn how to protect your manufacturing business.

Lookout + Google Cloud

Together, Lookout and Google ensure only trusted mobile devices have access to your sensitive data.

It’s All About Phishing

Tune in to find out how the likes of WhatsApp, Twitter, and Tinder have made phishing so dangerous on the mobile device.

Lookout Discovery – Chinese Surveillanceware

Lookout is constantly discovering and researching new threats to protect and advise our customers

Lookout CCA + GSuite Continuous Conditional Access

Read the four mobile security insights CISOs must know to prepare for a strategic conversation with the CEO and board about reducing mobile risks.

The Four Biggest Threats to Financial Services

With mobile as a catalyst for digital transformation in financial services, organizations must secure all users, devices, apps, and data —from endpoints to the cloud.

Lookout Integrations and Alliances Overview

As the leading provider of mobile security, Lookout integrates with tools that help organizations benefit from unified security, visibility, and management of endpoints.

Schneider Electric Rapidly Deploys Security to Global Fleet

Learn how an organization with 50,000 mobile devices was able to seamlessly deploy and integrate mobile security.

Nation State Mobile Surveillanceware Using Phishing To Con Victims

Lookout Security Intelligence has discovered a set of custom Android and iOS surveillanceware tools we’re respectively calling Stealth Mango and Tangelo.

Lookout App Security Assessment

A Lookout App Security Assessment report summarizes the relevant, actionable results of Lookout's machine intelligence and researcher-driven analyses.

Mobile Intelligence: Get Access to the World’s Largest Mobile Dataset

Lookout's Mobile Intelligence Center accelerates mobile threat investigations with real-time access to the world's largest mobile dataset.