Scammers Are Impersonating Singapore Post With Phishing Messages

Throughout 2022, threat actors have been masquerading as the postal service Singapore Post (SingPost) and one of Singapore’s leading telecommunications companies Singtel.

Lookout Discovers Hundreds of Predatory Loan Apps on App Stores

Researchers at Lookout Threat Lab have discovered close to 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior.


Lookout Discovers Long-Running Surveillance Campaigns Targeting Uyghurs

Researchers from Lookout Threat Lab have uncovered two new surveillance campaigns, BadBazaar and MOONSHINE, targeting Uyghurs in the People’s Republic of China and abroad.

How to Protect Yourself from NSO's Pegasus Spyware

Even five years after Lookout and Citizen Lab discovered it, advanced mobile spyware Pegasus remains highly relevant.

Lookout Uncovers Hermit Spyware Deployed in Kazakhstan

Lookout Threat Lab researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders.


Pfizer IP Leak Isn't Unique | Protect Your Cloud Data

This Pfizer IP leak exemplifies a rather mundane problem that has been amplified by cloud connectivity: data leakage.

Anubis Campaign Targeting Hundreds of Fin. Applications

Lookout researchers discovered a distribution of the Anubis banking malware masquerading as the official management app from the telecommunications company, Orange S.A..

What You Need To Know About the Banking Trojan Anubis

Lookout researchers have discovered a novel distribution of the Anubis Android banking malware masquerading as telecommunications company, Orange S.A.


Lookout Takes Down Phishing Scams Targeting U.S. Military Families

Lookout Threat Lab researchers looking into phishing campaign that has actively targeted families of United States military personnel. Details inside.

Achieving Zero Trust? One Size Does Not Fit All

We discuss the opportunities and challenges mobile and cloud technologies have created with Art Ashmann, Staff EUC Solutions Engineer at VMware.

Rooting Malware Makes a Comeback: Lookout Discovers Global Campaign

Security researchers at the Lookout Threat Labs have identified a new rooting malware distributed on Google Play, the Amazon Appstore and the Samsung Galaxy Store.

Lookout Unearths Android Crypto Mining Scams

Security researchers at the Lookout Threat Lab have identified over 170 Android apps, including 26 on Google Play, scamming people interested in cryptocurrencies.


Malware as a Service Meets Mobile Phishing: A Dangerous Combo

FluBot is a cheap but highly customizable baking trojan. SMS phishing takes advantage of the trust we put on our mobile devices.

2021 Day of Shecurity Event Reignites Diversity in Cyber

The exponential growth in success illustrates the fact that the tech industry is determined to reverse the diversity trend and encourage more women to join the field.

When Legit Apps Turn Malicious. Hint: It Happens Often

A popular Android app Barcode Scanner was recently found to be infected with adware. After an update in late 2020, it started pushing advertising to users without warning.

Why We Need More Women in Cybersecurity

As a member of the Lookout threat intelligence team, I’m often asked: “how do I break into the cybersecurity and IT industry?” I discuss this and more with Victoria Mosby.

Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict

The Lookout Threat Intelligence team has discovered two novel Android surveillanceware – Hornbill and SunBird.

Ensure Everyday is Data Privacy Day

The main theme I want to get across here is that data privacy is essential, especially as we continue to rely on our mobile devices for personal and...

What SolarWinds Teaches Us About Zero Trust for Mobile Endpoints

On 12/17/2020, CISA put out an alert about an advanced persistent threat (APT) that compromised a number of U.S. government agencies, tech companies and public facilities.


Predictions 2021: We Now Live in a Truly Mobile-first World

Here are five predictions about how we anticipate individuals and organizations will be forced to confront the threats targeting their information, privacy and devices.

New Spyware Used by Sextortionists | iOS/Android Blackmail

The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan.

Multiyear Surveillance Campaigns Discovered Targeting Uyghurs

The Lookout Threat Intelligence team has discovered four Android surveillanceware tools used as part of a much larger mAPT (mobile advanced persistent threat).

Nation-state Mobile Malware Targets Syrians with COVID-19 Lures

Lookout researchers have uncovered a long-running surveillance campaign tied to Syrian nation-state actors.

New Threat - Commercial Surveillanceware Operators Exploit COVID-19

Are cybercriminals and scammer's taking advantage of increased communication around COVID-19? Discovery shows new surveillanceware exploits the pandemic.

Inside Look Into Phishing Campaign Targeting Mobile Banking

Lookout Phishing AI discovered a phishing campaign targeting customers via SMS messaging to lure them to fake websites of well-known Canadian and American banks.


Q&A: With Christoph Hebeisen, Head of Threat Intelligence

We sat down with our Head of Threat Intelligence, Christoph Hebeisen, to learn what it means to be a security researcher in a world of constantly evolving threats.

Phishing Attack Targeting UN Discovered by Lookout Phishing AI

Lookout Phishing AI has detected a mobile-aware phishing campaign targeting non-governmental organizations around the world, including UNICEF.

Q&A: A Candid Conversation With Women Working in Cybersecurity Today

In anticipation of the Day of Shecurity San Francisco, happening on October 11, we sat down with a few of our security intelligence engineers.

checkm8 IOS Vulnerability | Mobile Threat Defense Needs

Based on millions of iOS users that have installed Lookout and Lookout for Work apps, more than 80% of iPhones are vulnerable.

New Surveillanceware Developed by Russian Defence Contractor

Monokle is a new and sophisticated set of custom Android surveillanceware tools developed by the Russia-based company, Special Technology Centre, Ltd.

Adware "BeiTaAd" Found Hidden in Popular Applications

BeiTaAd is a well-obfuscated advertising plug-in hidden within a number of popular applications in Google Play. Discover more about this mobile threat.


Too Close to Home: Local Businesses Targeted by Phishing Attacks

Lookout Phishing AI has detected a campaign impersonating local government websites, including the City of San Mateo, City of Tampa, and Dallas County.

Commercial Spyware Has a New Name: Stalkerware

Stories like Pegasus and Dark Caracal’s Pallas are memorable because they tell a story of severe privacy threat with profound impact on victims’ lives.

Phishing Sites Distributing IOS & Android Surveillanceware

Lookout researchers have been tracking Android and iOS surveillanceware, that can exfiltrate contacts, recordings, photos, & more. Discover what was found.

An Inside Look at Nation-State Cyber Surveillance Programs

Based on attacker communications found on a command and control server, this talk provides rare insight into a nation state’s $23 million surveillance program.

Lookout Researchers Disable Android Malware

Lookout researchers have disabled DressCode, an Android malware family, with their click fraud business model and malware designed to evade detection in novel ways.


Lookout Discovers Phishing Site Targeting DNC

As reported in the media, Lookout has discovered a customer phishing kit targeted at the Democratic National Committee (DNC) via a third-party technology provider NGP VAN.

Stealth Mango and Tangelo | Surveillanceware Stealing Data

Lookout Security Intelligence has discovered Android and iOS surveillanceware tools targeting govt. officials, diplomats, military personnel, and activists.

mAPT ViperRAT Found in Google Play

Lookout researchers discovered samples belonging to the ViperRAT malware family, a known mobile advanced persistent threat (mAPT), in the Google Play Store.

New Surveillanceware in Google Play Targeting Middle East

Lookout researchers have identified a new, highly targeted surveillanceware family known as Desert Scorpion in the Google Play Store.


5 Year Old Banking Trojan/Malware As a Service Booming

BancaMarStealer, also known as Marcher, is a malware family designed to phish a victim's banking (or other service) credentials.

Mobile Persistent Threat Actor Running Global Espionage Campaign

Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor running a global espionage campaign.

Mobile APT (mAPT) SpyWaller Re-emerges, May Include Western Targets

Lookout has discovered new variants of the SpyWaller surveillanceware with advanced espionage capabilities.


Understanding the Real Value of Machine Learning in Mobile Security

When done correctly, ML helps organizations defend against new, novel, and increasingly sophisticated mobile threats.

Fake Bitcoin Wallet Apps | Lookout Threat Intelligence

Lookout has identified three apps disguised as bitcoin wallet apps, previously in the Google Play Store, that trick victims into sending payments to bitcoin addresses.

Tropic Trooper Goes Mobile With Titan Surveillanceware

Learn about Titan, a family of sophisticated Android surveillanceware apps surfaced by Lookout's automated analysis that is linked to the same actors behind Tropic Trooper.

JadeRAT Mobile Surveillanceware Spikes in Espionage Activity

Lookout researchers are monitoring the evolution of an Android surveillanceware family known as JadeRAT, we believe may be connected to a government sponsored APT group.


Mobile Vulnerabilities: What They Are and How They Impact Enterprise

Mobile device vulnerabilities can have equally devastating consequences, including compliance fines and brand reputation loss.


Machine Learning in Cybersecurity: Cutting Through the Hype

Here’s a little insight into the fundamentals of ML to help you separate empty claims and buzzwords from real value creation when evaluating cybersecurity solutions.

FrozenCell: Multi-Platform Surveillance Campaign Against Palestinians

Lookout researchers have discovered a new mobile surveillanceware family, FrozenCell. The threat is likely targeting employees of various Palestinian agencies and facilities.

XRAT Malware Tied to "Xsser/MRAT" Surveillance

Lookout have identified a mobile trojan called xRAT with extensive data collection functionality and the ability to remotely run a suicide function to avoid detection.

Igexin Advertising Network Put User Privacy at Risk

The Lookout Security Intelligence team has discovered an advertising software development kit (SDK) called Igexin that had the capability of spying on victims.

SonicSpy: Over a Thousand Spyware Apps Discovered

Lookout researchers have identified over a thousand spyware apps related to a threat actor likely based in Iraq. Discover more with Lookout today.


DEFCON Preview: Security Research on the Apple Watch

Sometimes security research sheds light on the incredible amount of patience and creativity needed to better understand the inner workings of today’s latest technologies.


Sideloaded Apps Demo: How Third-Party Apps Can Leak Corporate Data

See this video to learn why enterprises should have visibility into sideloaded apps within their fleet of mobile devices.


How to Think About the Risks Facing Data From Mobility

The Spectrum of Mobile Risk research report and the Mobile Risk Matrix is designed to help security organizations understand the risks to enterprise data from mobility.

Pegasus for Android: The Other Side of the Story Emerges

Lookout and Google are releasing research into the Android version of one of the most sophisticated and targeted mobile attacks we’ve seen in the wild: Pegasus.

Mobile Safari Scareware Campaign Thwarted

Apple released an update to iOS (10.3) changing how Mobile Safari handles JavaScript pop-ups after Lookout discovered scammers using the functionality to execute scareware.

ViperRat - Mobile APT Targeting Israeli Defense Force

Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware.


Ghost Push and Gooligan: One and the Same

This is not actually a net new malware family, but rather it’s a variant of the family “Ghost Push,” a threat first discovered in 2014.

Trident Vulnerabilities: All the Technical Details in One Place

Today, Lookout released the technical details behind “Trident,” a series of iOS vulnerabilities that allow attackers to jailbreak a user’s device and install spyware.


DirtyCow and Drammer Vulnerabilities | Android Threats

Two especially critical flaws that allow an attacker to root or completely compromise a device have just been added to the litany of vulns on Android devices.

Four Spyware Apps Removed from Google Play

Through close collaboration with an enterprise customer, Lookout identified Overseer, a piece of spyware we found in four apps live on the Google Play store.

Encryption and VPNs Alone Do Not Protect You From Pegasus/Trident

Encryption and VPNs are excellent tools that protect sensitive data in most situations. But, given the extreme sophistication of the Pegasus attack these tools won’t work.

Pegasus and Trident: Your Questions Answered

Pegasus is a highly sophisticated piece of spyware that uses three previously unknown vulnerabilities called “Trident.” This is the most sophisticated mobile attack seen.

Security Alert: Apple Just Patched Trident in Macs, Too

Lookout and our partners discovered another detail: three software holes were present in Apple’s Mac computers.

Sophisticated Mobile Attack Against High-Value Targets on iOS

Citizen Lab and Lookout have uncovered a threat using three critical iOS zero-day vulnerabilities that form an attack chain that subverts even Apple’s security environment.

Linux Flaw Allows Anyone to Hijack Internet Traffic | Android Devices

Lookout has discovered that an exploit in TCP also impacts nearly 80% of Android, or around 1.4 billion devices, based on an install base reported by Statista.


A Closer Look at iOS 9.3.3: Apple Patches 43 Security Vulnerabilities

Apple released the latest version of iOS version 9.3.3 on July 18 including patches for 43 security vulnerabilities.

Pokemon Go: New Tampered Apps & What You Can Do

Pokemon Go, is arguably the biggest mobile game in US history, but while fame breeds fans — even employees in the enterprise — it also attracts many opportunistic attackers.

A Spike in Shedun, Also Known as HummingBad

Shedun is trojanized adware that roots Android devices, masquerading as legitimate apps such as Facebook, Twitter, WhatsApp and Okta’s enterprise single sign-on app.


LevelDropper: A Takedown of Autorooting Malware in Google Play

LevelDropper, an app in the Google Play Store that Lookout determined to be malicious, the latest example of a new and persisting trend in mobile threats: autorooting malware.

What a Real Life Risky App Looks Like: A Warning From the DoD

In late May 2016, the U.S. Department of Defense (DoD) released an advisory about an Android app called “CAC Scan,” which was found publicly available on Google Play.

The House Always Wins: Takedown of a Banking Trojan in Google Play

Lookout recently identified an app called “Black Jack Free” in the Google Play store, which turned out to be a variant of the malware family Acecard.

4 New Threats to Banking Apps That Show App Hardening's Importance

Four recently uncovered threats targeting banking apps shine new light on why all apps that handle sensitive data need to be secured from the inside out.

Brain Test Re-Emerges: 13 Apps Found in Google Play

With the help of the Lookout Security Cloud, we confirmed our suspicions that the author(s) behind the Brain Test malware had slipped additional malicious apps to Google Play.

Trojanized Solitaire App Slips Into Google Play Store

What solitaire app in Google Play’s gaming category is actually a version of the malware family FruitSMS? See what has been done at today.

Trojanized Adware Family Abuses Accessibility Service

In addition to rooting a victim’s device, Lookout observed Shedun abusing the Android Accessibility Service for its malicious means.

InstaAgent: What It Is and What You Can Do About It

Recently, news broke about a concerning app called InstaAgent. The app connects to the victim’s Instagram account and steals the user’s login credentials.

New Trojanized Adware Found - 20K Popular Apps Caught

See why auto-rooting adware is a worrying development in the Android ecosystem. Discover more information in mobile security with Lookout today.


South Korea's Govt Approved Child-Targeted Surveillanceware

How did one of the most widely-used, South Korean government-approved "monitoring software" solutions actually leave children's data wide open? Learn more.


Kemoge: Lookout Protects Against Malware That Roots Devices

ShiftyBug is a piece of Android malware that roots a victim’s device and installs itself as a system application. What are the threats? Are you protected?

Good News: Lookout Can Protect You From XcodeGhost

Lookout protects you from XcodeGhost by automatically detecting and alerting you to the offending app. See how iOS users are being protected with Lookout.

XcodeGhost iOS Malware: Affected Apps and What You Should Do

Researchers recently found a piece of iOS malware called XcodeGhost in a number of apps in the Apple App Store. XcodeGhost is a piece of malware that can steal data


First iOS Malware Outbreak | How Many Devices Affected?

XcodeGhost is the latest example that iOS devices, indeed any device, can be subject to attack and that even a highly-curated app store can contain malicious apps.


Security Advice to Tesla and the Auto Industry

After hacking a Tesla over the past year, Kevin Mahaffey came to a simple conclusion: “When you connect a car to the Internet, it is a computer on wheels.”


KeyRaider: Simplified

The recently revealed KeyRaider is yet another proof point that malicious actors are looking to tinker with iOS.

Hacking a Tesla Model S: What We Found and What We Learned

Vehicles are becoming computers on wheels with today's ever-changing auto tech. See why the auto industry must consider cybersecurity more than ever before.


3 Best Practices for Building Secure Connected Cars

Vehicles are becoming computers on wheels and now have more in common with your laptop than they do the Model T.

Stagefright New Android Vulnerability | Threat Intelligence

Update: We have released a detector app to help you know whether your device is affected. Learn more here. What is Stagefright?

Jailbreaking Not a Requirement for Infection iPhones

This week, the security world exploded with the news that Hacking Team, a vendor of Italian spyware was hacked.


Japanese Malware Abuses Service | Android Accessibility

The accessibility service in Android helps give the disabled and individuals with restricted access to their phones alternative ways to interact with their mobile devices.


The FREAK Vuln: What It Is and What You Can Do

What is the FREAK vulnerability? FREAK is the latest in a line of recently uncovered vulnerabilities affecting the way communications are secured over the Internet.

13 More Pieces of Adware Slip Into the Google Play Store

Lookout has found 13 instances, or apps, with adware in Google Play, some of which pretend to be Facebook and have malware-like characteristics.


SocialPath Malware Pretends to Protect Data, Then Steals It

Today, privacy tools are of increased importance. They help people understand what kind of data they're sharing and can help keep your personal information personal.

DeathRing: Pre-Loaded Malware Hits Smartphones

DeathRing is a Chinese Trojan that is pre-installed on a number of smartphones most popular in Asian and African countries.

The New NotCompatible | Threat to Enterprise Networks

Over the past two years, Lookout has tracked the evolution of NotCompatible, which has set a new bar for mobile malware sophistication and operational complexity.


WireLurker: Another Sign Mobile Is the Emerging Dominant Platform

WireLurker, the iOS malware hitting headlines this morning, is a proof point that malware authors are turning their heads toward the tiny computers living in your pockets.


Android Lollipop Top Security Features

Android got a security leg-up in today’s roll out of Lollipop, the latest mobile operating system version to come out of Google.


POODLE: What It Is and What Lookout Has Done to Protect You

Poodle lets criminals hijack your secured sessions, steal the information needed to pretend to be you, and then act on your behalf.

Protect Cloud Data in the Wake of the Pfizer Data Leak

We often associate breaches with corporate espionage and threat groups, but as the Pfizer IP leak incident showed, cloud connectivity has actually amplified security gaps.

Energy Industry Threat Report

The energy industry is a prime target for attacks as mobile threats like phishing and app encounter rate is higher than other industries. Discover what these threats mean.

Lookout | GovLoop Academy

This course, developed in collaboration with Lookout, explores the key risks of app security and highlights two tools that can help you assess and address those risks.

Telework Exposed to Heightened Mobile Risk

Lookout data reveals that U.S. government organizations are exposed to hundreds of vulnerabilities from outdated operating systems and risky apps which steal credentials.

The Pharmaceutical Threat Report

Access the Pharmaceutical Threat Report to better understand the risks mobile devices have introduced into your organization with Lookout today.

Rise in Mobile Phishing Credential Theft Targeting U.S. Public Sector

Lookout data reveals that U.S. government organizations are increasingly targeted by credential stealing mobile attacks and exposed to hundreds of vulnerabilities.

Financial Services Threat Report

Mobility and cloud apps are now a key component of how financial institutions operate. Read this report to better understand the risks your organization is exposed to.

Securing Telework From 2020 and Beyond

As public and private industries shift to telework, thanks to long-term innovation and short-term necessity, it’s clear that telework is here to stay. But to what scale?

iOS 16.1.1 and 16.1.2

Apple recently released two software updates with security fixes: iOS 16.1.2 and iOS 16.2.

Chrome 9th Zero Day | CVE-2022-4262

Google released an emergency patch for a new zero-day vulnerability tracked as CVE-2022-4262. The CVE is found in the V8 Javascript engine of Chromium

ChromeHeap | CVE-2022-4135

Google patched a new zero-day found in the GPU component of the Chromium open-source web browser causing a heap buffer overflow.

Samsung Devices | CVE-2021-25337/369/370

Google TAG under Project Zero revealed an active kill chain that exploits vulnerabilities in Samsung devices.

Chrome Zero Day | CVE-2022-3723

Google recently released a patch for a new zero-day vulnerability found in the Chromium open-source web browser project, which provides the codebase behind popular web browser

iOS 16 Zero Day

"Apple recently released a software update to iOS 16.1 and iPadOS 16 to patch a zero-day kernel vulnerability identified as CVE-2022- 42827"


Google released a patch for a new zero-day vulnerability found in the Chromium open-source web browser project, which provides the codebase behind some popular web browsers.

iOS 15.6.1 Zero-Day

Apple released a software update to iOS and iPadOS 15.6.1 to patch a zero-day kernel vulnerability identified as CVE-2022-32917.

Sharkbot V2

Threat researchers discovered multiple Google Play listings for dropper apps which installed the infamous mobile banking trojan Sharkbot.

iOS 15.6 Vulnerabilities

Apple released a software update to iOS and iPadOS 15.6 to patch two core zero-day vulnerabilities, CVE-2022-32894 (Kernel) and CVE-2022-32893 (Webkit).

iOS 15.5 Vulnerabilities

Apple released a software update to iOS and iPadOS 15.5 to patch 35 issues, including two critical vulnerabilities identified by Lookout which grant control of the device.

8 iOS & Android CVEs

CISA recently announced several exploitable mobile vulnerabilities that can affect both Android and iOS devices. They vary in severity and can be deployed in several ways.

CVE-2022-1633 – 1641

Researchers recently discovered and disclosed to Google nine vulnerabilities in Google Chrome for Android. The vulnerabilities are CVE-2022-1633 through CVE-2022-1641.


Google's Threat Analysis Group recently discovered and disclosed an exploitable vulnerability in Chromium, which is identified as CVE-2022-1364.

Cyber Readiness and the Russia-Ukraine War

Listen in on this 5-minute Fridays episode where I discuss what’s going on in Ukraine and how organizations can be cyber ready.

Are You the Unintended Victim of a Supply Chain Attack?

In this episode, host Hank Schless is joined by Vodafone security experts Andy Deacon and Verity Carter-Johnson to define what a supply chain is, and the risks involved

Abstract Emu Threat Report

Researchers at the Lookout Threat Lab have identified a new rooting malware distributed on Google Play, Amazon Appstore and the Samsung Galaxy Store.

U.S. Federal Mobile Threats

Lookout analyzed its mobile security data to provide a view into the current mobile security risks facing US Federal government mobile users.

Productivity Suites Like Office 365 Are Vital to How Work Remotely

Lookout helps businesses scale mobile security as employees go remote.

Know Thy Enemy: What Is Pegasus and What Can You Do?

Veteran of the cybersecurity industry, Joseph Davis of Microsoft, explains how spyware came to be, its implications and how you can protect yourself and your organization

How Manufacturers Can Mitigate Mobile Phishing Risks

From the inherent risks of cloud apps to the ongoing need to protect intellectual property and maintain industry compliance. Learn how to protect your manufacturing business.

Lookout + Google Cloud

Together, Lookout and Google ensure only trusted mobile devices have access to your sensitive data.

It’s All About Phishing

Tune in to find out how the likes of WhatsApp, Twitter, and Tinder have made phishing so dangerous on the mobile device.

Lookout Discovery – Chinese Surveillanceware

Lookout is constantly discovering and researching new threats to protect and advise our customers

Lookout CCA + GSuite Continuous Conditional Access

Read the four mobile security insights CISOs must know to prepare for a strategic conversation with the CEO and board about reducing mobile risks.

The Four Biggest Threats to Financial Services

With mobile as a catalyst for digital transformation in financial services, organizations must secure all users, devices, apps, and data —from endpoints to the cloud.

Lookout Integrations and Alliances Overview

As the leading provider of mobile security, Lookout integrates with tools that help organizations benefit from unified security, visibility, and management of endpoints.

Schneider Electric Rapidly Deploys Security to Global Fleet

Learn how an organization with 50,000 mobile devices was able to seamlessly deploy and integrate mobile security.

Nation State Mobile Surveillanceware Using Phishing To Con Victims

Lookout Security Intelligence has discovered a set of custom Android and iOS surveillanceware tools we’re respectively calling Stealth Mango and Tangelo.

Lookout App Security Assessment

A Lookout App Security Assessment report summarizes the relevant, actionable results of Lookout's machine intelligence and researcher-driven analyses.

Mobile Intelligence: Get Access to the World’s Largest Mobile Dataset

Lookout's Mobile Intelligence Center accelerates mobile threat investigations with real-time access to the world's largest mobile dataset.