

Lookout
Lookout is a cybersecurity company that makes it possible for tens of millions of individuals, enterprises and government agencies to be both mobile and secure. Powered by a dataset of virtually all the mobile code in the world -- 40 million apps and counting -- the Lookout Security Cloud can identify connections that would otherwise go unseen and predict and stop mobile attacks before they do harm. The world’s leading mobile network operators, including AT&T, Deutsche Telekom, EE, KDDI, Orange, Sprint, T-Mobile and Telstra, have selected Lookout as their preferred mobile security solution. Lookout is also partnered with such enterprise leaders as AirWatch, Ingram Micro, Microsoft, and MobileIron. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.
My Articles
Cloud Data Protection: How 5 Organizations Stay Secure With Lookout
To enforce cloud data protection policies across SaaS apps, a cloud access security broker (CASB) has become a necessity.
4 Best Practices for Protecting Against Cloud Security Risks
SaaS apps are essential in driving efficiency and promoting collaboration, but securing your organization against cloud security threats can be a unique challenge.
Cloud Application Security: Protecting Data in SaaS Apps
IT teams must find a way to secure SaaS apps, and existing security solutions simply aren’t designed to protect sensitive data in the cloud.
The Work-Life Mix-up: How to Stay Secure in the Hybrid Work Era
Workers’ attitudes toward work and technology have shifted, and with this, the security landscape has also changed.
Office 365 and Azure Exploited in Massive U.S. Government Hack
According to SolarWinds filings with the SEC, the involved attackers were able to compromise the company’s Microsoft Office 365 emails with forged SAML tokens.
Why Do I Need a Next-Gen Secure Web Gateway?
The internet is now your default corporate network. To support the way your organization now operates, you need a modern, cloud-based SWG that matches the way you work.
Q&A: Why Diversity in Cybersecurity Is So Important
In anticipation of the Day of Shecurity happening on December 8th, we sat down with Staff Security Intelligence Engineer, Kristina Balaam to get her take on diversity.
Symmetric vs. Asymmetric Encryption – Which is Best?
One of the basic questions in considering encryption is to understand the differences between symmetric and asymmetric encryption methods, and where to apply each method.
Critical Mobile Security Capabilities Everyone Needs
While away from the office, your workers are using their mobile devices to stay productive. So how do you secure your data in this new reality?
Four Best Practices for Securing Microsoft 365 Against Risks
Let's tackle security gaps across Office 365 and other connected clouds that are typically missed by traditional cloud security and data protection controls.
Framing ZTNA & Security Parameters: Risks Tenets & Best Practices
The prolific adoption of all things cloud (IaaS, PaaS, and SaaS) continues to drive massive fragmentation in security strategies and tooling used to address these challenges.
The Cloud, the Breach, and the Increased Role of CSPM
Cloud adoption has reached stratospheric levels causing increased volume of workloads & applications usage. Enter Cloud Security Posture Management (CSPM).
Three Key Takeaways From Our ‘Security in Motion’ Summit
As the leader in mobile security, we hosted a summit to help professionals around the world unpack the challenges related to today's mobile reality.
Securing SAP SuccessFactors – Protecting Human Capital
Organizations require tighter controls to protect their multi-cloud environments and data from potential data leaks or breaches due to misconfigurations.
Gartner 2020 CASB Magic Quadrant - Visionary Performance
We’re extremely pleased to note that the Lookout CASB platform has successfully captured the title of “Visionary” from industry analysts Gartner.
Advancing Cloud DLP Through Smarter Policies
In the world of data loss prevention (DLP), the issue of policy effectiveness is similarly a critical aspect of ensuring overall success.
Improving Data Security for SaaS Apps | CASB
Today’s security practitioners need practical guidelines and technical capabilities that support their expanding SaaS usage.
4 Best Practices for Securing Enterprise Data in Microsoft Office 365
How to address O365 and Teams security issues.
Q&A: Michael Kaiser on State of Election Campaign Security
According to Tech for Campaigns, 90% of presidential campaigns’ 2018 digital campaign ad spend was delivered to mobile devices.
Securing the Multi-Cloud Environment through CSPM and SSPM
With the growing cloud popularity and adoption, organizations migrating their business-critical applications to the cloud are overlooking a simple cloud security question.
Five Step UEBA to Detect and Stop Insider Attacks
While organizations invest substantially into security solutions, one thing overlooked is the communication between apps and devices in the cloud-mobile environment.
CASB for Box
Easily enable data loss prevention and data protection without compromising Box ease-of-use
CASB for Microsoft 365
Lookout CASB safeguards your Microsoft 365 data while boosting cloud productivity
CASB for SAP SuccessFactors
Leverage SAP SuccessFactors to its fullest potential, meet strict privacy and data protection requirements.
CASB for Slack
Collaborate on Slack without compromising your data, empower digital communication without sacrificing security.
Cloud Data Encryption
Encrypt your data in the cloud and keep the keys to assure security and compliance.
Lookout Data Loss Prevention
Full Visibility and Data Protection for Email, SaaS and IaaS Applications
Q&A: With Christoph Hebeisen, Head of Threat Intelligence
We sat down with our Head of Threat Intelligence, Christoph Hebeisen, to learn what it means to be a security researcher in a world of constantly evolving threats.
Lookout Partners With Google To Protect Users From App Risk
With this partnership, Lookout can stop malicious apps before they become a threat by scanning apps submitted to the Google Play Store before they are available for download.
Continuous Conditional Access for Office 365
In a well-attended session at Microsoft Ignite yesterday, Brad Anderson, Corporate Vice President, Microsoft Corp, demoed Lookout Continuous Conditional Access for Office 365.
5 Steps in the Mobile Phishing Kill Chain
In order for enterprises to protect their users and corporate data from modern phishing attacks, they must first understand how mobile phishing attacks work.
The Government IT Problem: The Security Perimeter Has Disappeared
Government work has changed. Critical data needed for employees to work has moved to the cloud and needs to be accessible from any device, wherever employees are.
Q&A: A Candid Conversation With Women Working in Cybersecurity
In anticipation of the Day of Shecurity San Francisco, happening on October 11, we sat down with a few of our security intelligence engineers.
Schneider Electric Secures 50k Devices with Lookout MES
By selecting Lookout Mobile Endpoint Security, Schneider Electric gained immediate visibility into the mobile security and risk posture of its mobile users.
Lookout & VMWare Partner to Tackle Mobile Threats
Lookout has completed its integration with the VMware Workspace ONE Intelligence platform, providing organizations with a consolidated view of their digital environment.
Q&A: Update on FISMA Mobility Metrics for Federal Agency Leaders
Victoria Mosby, Federal Sales Engineer for Lookout, shares insights and talks about what needs to be done to strengthen the government’s overall mobile security posture.
Lookout and Buguroo Partner To Combat Fraud and Data Compromise
New strategic partnership provides a cloud-based, deep learning approach to mitigate cyber threats and fraud on mobile apps and online channels in real-time
Mobile Phishing Protection: Defend Against HTTPS Phishing Attacks
With Lookout deployed, enterprises have comprehensive mobile phishing protection, ensuring that their corporate data is secure in today’s mobile-first world.
Lookout & Trustonic: Enhanced Mobile Security for Banking Apps
Lookout and Trustonic join to provide customers with protection from cyberthreats targeting banking, payment and other critical mobile transactions
Partnership with DXC Technology | Post-Perimeter Security
In order to support and secure the ever-evolving workplace, DXC Technology is introducing DXC Mobile Threat Defense, combining forces with Lookout.
Tackle Endpoint Security Challenges With Mobile Threat Management
Most enterprise employees now use smartphones and other mobile devices to access business data and apps from anywhere and at any time.
Lookout Integration With the Microsoft Graph Security API
Announced at Microsoft Ignite, this integration will enable Lookout mobile security threat information to be accessible from the Microsoft Graph Security API.
Improve Mobile Security Now — Or It Could Be Mandated Later
The trend toward mobility is an essential part of fulfilling the government’s mission of service to the American public.
Lookout Brings Mobile Security to SentinelOne Customers
Together with Lookout, SentinelOne will now be able to offer organizations a way to secure mobile endpoints as thoroughly as they protect traditional endpoints.
Day of Shecurity: The Top Women in Federal Cybersecurity
Now is the time to change the status quo by advocating more women to consider cybersecurity as a possible career path.
Mobile Threat Defense: A Super-Guide for Buyers
Here are our top three considerations and resources we feel will guide you when evaluating mobile threat defense/mobile threat management vendors.
Govt. Employees Being Human: How Mobile Behavior Impacts Security
The federal government has moved aggressively in recent years to put mobile technology into the hands of its workforce.
Mobile Security at the Center of Federal Internet of Things (IoT)
The "Internet of Things Cybersecurity Improvement Act of 2017," ensures that vendors selling IoT devices to the U.S. government meet certain cybersecurity standards.
Better Federal Mobile Security — An Interview With Kiersten Todt
Over the past decade, the federal government has followed the rest of society in a general move towards mobility.
Mobile Phishing: The Biggest Unsolved Problem in Cybersecurity
Mobile phishing brings together new channels for phishing employees and reduced screen size, causing one of the biggest problems businesses have faced in cybersecurity yet.
Federal IT Change and the Leaders Making It Happen
2018 will bring the most change on the federal IT front in the past two decades, with the move to mobile being a major catalyst.
Lookout Joins MaaS360 on IBM Security App Exchange
Lookout is excited to announce that Lookout Mobile Endpoint Security is now available on the IBM Security App Exchange.
Myth: Federal Agencies Aren’t Being Attacked on Mobile
Government agencies are being actively attacked on mobile, according to a new Lookout survey of 200 security and IT professionals.
New Survey Indicates Mobile Risks Are High, Visibility Is Low
While most IT and business leaders believe that mobile threats and risks to corporate data are a real problem, their visibility into these risks is lacking.
The Evolving Mobile Threat Landscape
Unfortunately, it's fairly common for employees to use a smartphone at work that has access to vital corporate information assets.
Lookout Is ISO 27001, FedRAMP, and Privacy Shield Certified
When government agencies and multinational companies choose a security solution it's critical that they are able to trust those solutions to handle data securely.
Mobile Data Leaks How to Think About Behaviors and Configurations
A CISO's number one priority is to protect the enterprise from data loss and leakage. This means protecting all endpoints — mobile included — from attack.
Network Protection for Mobile Man-in-the-Middle Attacks
Today we are excited to announce the availability of network protection, an automated on-device analysis of network connections that defends against man-in-the-middle attacks
Where Federal Agencies Are Putting Their Money in Mobile Security
Lookout VP of Federal Bob Stevens discusses how the Spectrum of Mobile Risk impacts government agencies and organizations.
Sideloaded Apps Demo: How ThirdParty Apps Can Leak Corporate Data
See this video to learn why enterprises should have visibility into sideloaded apps within their fleet of mobile devices.
How to Think About the Risks Facing Data From Mobility
The Spectrum of Mobile Risk research report and the Mobile Risk Matrix is designed to help security organizations understand the risks to enterprise data from mobility.
Mobile Risk: How to Think About Risks Facing Mobile Data
The Spectrum of Mobile Risk research report helps security organizations understand the range of risks to enterprise data from mobility
Management Solutions That Don’t Secure Dead Perimeters
Ed Amoroso, former CSO at AT&T and current CEO of TAG Cyber, talks about the complexities of securing your enterprise now that mobile devices are a ubiquitous technology.
Securing Mobile Now Will Give You Stronger Security Later
Phil Reitinger discusses the importance of CIOs and CISOs sharing goals and why enterprises won’t be able to secure everything while still remaining compliant.
5 Non-Negotiable Principles to Combat Cyber War on Mobile
Cyber war is a term the U.S. government is intimately familiar with, but woefully unprepared for when it comes to mobile.
Mobile Devices Are the Future of Work
Enterprise employees are using their mobile devices to do their jobs today, but the day when these devices usurp PCs as the preferred device for work is coming fast.
Privacy Zeitgeist
Lookout/ICM research shows that Brits are now hyper-vigilant about protecting the privacy of the data on their mobile phones.
It’s 9am, Do You Know Where Your Data Is?
Fifty-six percent of IT and security professionals believe people are only accessing texts and emails, according to a report from The Ponemon Institute.
Holistic Mobile Security Means Protection From Apps & Data Leaks
Mobile apps have become the primary way we access data, employees have wide control over their mobile environment, and you don’t know who developed those mobile apps.
Device Already Infected With Pegasus? Updating Your OS Won’t Help
Updating a device to the latest iOS version will not remove or identify a pre-existing Pegasus infection on a device.
Encryption and VPNs Alone Do Not Protect You From Pegasus/Trident
Encryption and VPNs are excellent tools that protect sensitive data in most situations. But, given the extreme sophistication of the Pegasus attack these tools won’t work.
MDM Solutions Don’t Deliver Sufficient Protection Against Pegasus
A Mobile Device Management (MDM) solution is not by itself a sufficient protection against advanced, targeted threats like the Pegasus spyware.
You Heard About Pegasus & Trident. Here’s What You Should Do Now
CIOs and CISOs need to be reacting to the Pegasus attack now to prevent further damage. Here are the top five things to do.
Now Available: The Practical Guide to Enterprise Mobile Security
The Practical Guide to Enterprise Mobile Security is a one-stop shop for enterprise IT teams looking to enable mobile productivity in their organizations.
Android Security Bulletin: A Year of Patches
One year into Google’s monthly patching for Android, the August 2016 bulletin contains 103 patches, just short of the high of 108 from last month.
Introducing the App Genome Project
Lookout App Genome Project was created to identify security threats in the wild and provide insight into how applications are accessing personal data
Lookout and Microsoft: Securing Enterprise Mobility Together
Lookout and Microsoft announced a new partnership that integrates Lookout Mobile Threat Protection with the Microsoft Enterprise Mobility Suite.
What a Mobile Data Breach Will Do to Your Bottom Line
With the average cost to triage a mobile malware infection at $9,485, IT and security departments could spend a total of $26.4 million annually.
How Global Enterprises Protect Themselves Against Mobile Attack
Employee access to confidential data on mobile has increased substantially over the past two years. Enterprises worldwide are adopting new tactics to secure that data.
Cybersecurity Effectiveness Will Be Measured by Risk Reduction
Many businesses think deploying a security solution is enough, but checking a box isn’t going to keep corporate data safe.
Yahoo’s 2013 Breach Proves You Should Be Tracking Data Breaches
This Yahoo data breach story shows the great difficulty both companies and the public face in understanding the full scope of a breach.
Security Advice to Tesla and the Auto Industry
After hacking a Tesla over the past year, Kevin Mahaffey came to a simple conclusion: “When you connect a car to the Internet, it is a computer on wheels.”
KeyRaider: Simplified
The recently revealed KeyRaider is yet another proof point that malicious actors are looking to tinker with iOS.
POODLE: What It Is and What Lookout Has Done to Protect You
Poodle lets criminals hijack your secured sessions, steal the information needed to pretend to be you, and then act on your behalf.
Mobile Mind Isn't Going To Be Profitable
Digital currency miners are a new trend in the mobile world including BadLepricon, CoinKrypt, Widdit, FreeLotto, and TokenCrypt. What are the threats?
Lookout Business Resilience
With mobile devices used to complete business processes and access company data, our customers rely on our software to deliver round-the-clock protection.
Security Alert: A Flap Over Fakes
FlappyBird fell victim to attackers who exploited the game's popularity by injecting Trojans in fake versions of the extinct app.
Carrier IQ: What You Should Know
What is Carrier IQ? Carrier IQ is diagnostic software that comes pre-installed on some mobile devices.
iOS 16.6.1 and iOS 17.0
Apple recently released two software updates for iOS and iPad OS for vulnerabilities that can form an exploit chain and are also known to install Predator spyware.
Scattered Spider
Scattered Spider, aka UNC3944, was able to successfully target and gain access to the infrastructure of Caesars Entertainment in its latest campaign
CVE-2023-4863
Google released a patch for a new zero-day vulnerability in Chrome tracked as CVE-2023-4863, which CISA also listed in their database.
ASPL 2023-09-01 / CVE-2023-35674
An Android framework privilege escalation vulnerability was recently discovered being exploited in the wild, and has since been fixed by the 2023-09-01
BlastPass - iOS 16.6 and 15.7.8
Apple released two security updates, 16.6.1 and 15.7.9 for iOS and iPadOS to address the vulnerabilities exploited by the BlastPass exploitation chain.
iOS 15.7.5/ iOS 16.4
Apple recently released two critical updates for iOS with heavy security implications.
Multiapp-CVE-2023-3079
Google released an emergency patch for a new zero-day vulnerability tracked as CVE-2023-3079 on June 5th.
Operation Triangulation
Triangulation malware is now known to be in use against Kaspersky employees for at least four years.
iOS 16.5.1
Apple released Rapid Security Response (RSR) late last week to cover for a vulnerability which is affecting all iPhones and iPads.
Samsung & Android Security Fixes
CISA recently announced 7 actively exploited vulnerabilities, which have been fixed by the vendors over time.
iOS 16.5
Apple released two new iOS versions, iOS 16.5.1 and iOS 15.7.7, last week. In a recently released Lookout threat guidance for Operation Triangulation, we described the severity of the Triangulation malware.
Pegasus for Android: The Other Side of the Story Emerges
Lookout and Google are releasing research into the Android version of one of the most sophisticated and targeted mobile attacks we’ve seen in the wild: Pegasus.
Good News: Lookout Can Protect You From XcodeGhost
Lookout protects you from XcodeGhost by automatically detecting and alerting you to the offending app. See how iOS users are being protected with Lookout.
mAPT ViperRAT Found in Google Play
Lookout researchers discovered samples belonging to the ViperRAT malware family, a known mobile advanced persistent threat (mAPT), in the Google Play Store.
Trident Vulnerabilities: All the Technical Details in One Place
Today, Lookout released the technical details behind “Trident,” a series of iOS vulnerabilities that allow attackers to jailbreak a user’s device and install spyware.
Trojanized Adware Family Abuses Accessibility Service
In addition to rooting a victim’s device, Lookout observed Shedun abusing the Android Accessibility Service for its malicious means.
Pegasus and Trident: Your Questions Answered
Pegasus is a highly sophisticated piece of spyware that uses three previously unknown vulnerabilities called “Trident.” This is the most sophisticated mobile attack seen.
InstaAgent: What It Is and What You Can Do About It
Recently, news broke about a concerning app called InstaAgent. The app connects to the victim’s Instagram account and steals the user’s login credentials.
Phishing Sites Distributing IOS & Android Surveillanceware
Lookout researchers have been tracking Android and iOS surveillanceware that can exfiltrate contacts, recordings, photos, & more. Discover what was found.
Brain Test Re-Emerges: 13 Apps Found in Google Play
With the help of the Lookout Security Cloud, we confirmed our suspicions that the author(s) behind the Brain Test malware had slipped additional malicious apps to Google Play.
Strandhogg Vulnerability | Android OS Safeguards
Promon, a Lookout partner, reported on Strandhogg, a vulnerability in the Android OS that allows for one app to display an Activity in the UI context of another app.
South Korea's Govt Approved Child-Targeted Surveillanceware
How did one of the most widely-used, South Korean government-approved "monitoring software" solutions actually leave children's data wide open? Learn more.
LevelDropper: A Takedown of Autorooting Malware in Google Play
LevelDropper, an app in the Google Play Store that Lookout determined to be malicious, is the latest example of a new and persisting trend in mobile threats: autorooting malware.
Ghost Push and Gooligan: One and the Same
This is not actually a net new malware family, but rather it’s a variant of the family “Ghost Push,” a threat first discovered in 2014.
Tiktok Pro
Lookout conducted an in-depth analysis of the fake TikTok Pro app and has classified it as toll fraud malware.
Tiktok
In January 2020, two US military organizations banned TikTok because of communication with servers in China and Russia.
Government Impersonator Targeting Small Businesses
Lookout Phishing AI detected a phishing campaign impersonating local government websites, including the City of San Mateo, City of Tampa, and Dallas County.
Spyware in the Enterprise
The Lookout Threat Intel team's recent discovery of Hermit, a mobile surveillanceware tool, shows how mobile surveillanceware could adversely affect enterprise organizations
Monokle RTD
Monokle is an advanced and highly-targeted surveillanceware developed by Russian firm STC. It has a number of unique capabilities for stealing data from Android devices
Lookout Security Intelligence Team's Discovery of BeiTaAd RTD
BeiTaAd is a well-obfuscated advertising plugin that forcibly displayed ads on the user’s lock screen, triggered video and audio advertisements even while the phone is asleep.
Lookout Security Intelligence Team Discovery of ArmaSpy
ArmaSpy was a surveillance family, which appears to have been targeting Iranian users since late 2016 with new samples discovered as recently as mid-2019
InfectedAds/AgentSmith RTD
This is a family of applications that infects programs by adding its own components to a target Android Package (APK) without changing its digital signature.
Hornbill and Sunbird - Android Surveillanceware/RAT
Novel Android surveillanceware developed by pro-India APT group Confucius targeting Pakistani officials
Goontact: iOS and Android Malware
A blackmail and sextortion campaign targeting individual users on both iOS and Android
eSurvAgent RTD
eSurvAgent is a sophisticated Android surveillanceware agent.
Lookout Phishing AI Discovers Campaign Targeting Verizon Employees
Phishing AI discovered this campaign targeting Verizon employees on mobile devices.
Lookout Phishing AI Discovers Campaign Targeting UN and Humanitarian Orgs
This campaign targeted non-governmental organizations around the world, including but not limited to UN and humanitarian organizations.
Attack Targeting AT&T Corporate Employees
Phishing AI discovered this campaign targeting AT&T employees on mobile devices.
AbstractEmu: Mobile Rooting Malware
Mobile rooting malware found on Google Play, Amazon Appstore, and the Samsung Galaxy Store.
xHelper
This malware can deploy second-stage malware payloads which can steal user login information, keylog, deploy ransomware, and bypass MFA with SMS interception.
Voatz App Security Flaws
The Voatz vulnerability, discovered by researchers at MIT, could allow hackers to see someone’s vote or even change their vote.
unc0ver Jailbreak
Unc0ver is a widely used jailbreak present in the market for some time, and more recently started taking advantage of an iOS kernel vulnerability discovered in 2019.
Twitter Phone Spear Phishing Attack
This Twitter phone spear phishing attack compromised the accounts of influential individuals and exemplifies the effectiveness of voice phishing, also known as vishing.
ToTok
ToTok is a very popular chat app used in the Middle East that was discovered to be spying on all its users despite not having any nefarious permissions built into the app.
SolarWinds: Software Supply Chain Attack
SolarWinds showed the effectiveness of a software supply chain attack, an effective tactic for compromising a high volume of devices with a single infected software update.
SimJacker
SimJacker is a vulnerability in the SIM card of certain iOS and Android devices that is executed via a specially crafted SMS message sent to the target device.
Samsung Devices | CVE-2021-25337/369/370
Google TAG under Project Zero revealed an active kill chain that exploits vulnerabilities in Samsung devices.
REvil Ransomware Attack on Kaseya
Kaseya recently fell victim to a ransomware attack executed by the REvil group. In all between 800 and 1,500 businesses down the chain were affected by this attack.
ReboundRAT
The attackers behind this remote access trojan (RAT) attack used social engineering to target Israeli Defense Force (IDF) soldiers.
Pulse Secure VPN
Several vulnerabilities discovered in the Pulse Secure VPN are being exploited by threat actors to bypass authentication and install malware in enterprise infrastructure.
Preinstalled Android Apps
A number of apps that come preinstalled on Android devices were found to have vulnerabilities that could be exploited on any Samsung device.
Pinduoduo App
Pinduoduo, a large Chinese online retailer, recently had their app removed from both the Google Play Store and iOS App Store because of malicious activity in their app.
Office 365 Account Takeovers
The expanded remote workforce has increased organizations’ threat surface in the cloud, which resulted in a surge of attacks and breaches on Microsoft Office 365 services.
NSO Group & Pegasus
A data leak of more than 50,000 phone numbers revealed a list of identified persons of interest by clients of NSO, developers of the Pegasus malware, since 2016.
Mobile Phishing Attacks on Australian Government
Australian government officials were targeted by a mobile phishing campaign through Telegram and WhatsApp, where attackers could send messages on their behalf.
Mobile APT Attack on Amazon CEO
Amazon's CEO was targeted by a mobile advanced persistent threat (APT) that enabled the attacker to steal data with a compromised video file sent to the victim via WhatsApp.
Mintegral SDK (SourMint)
The advertising SDK by Mintegral used in iOS apps had some risky permissions that could violate end-user privacy.
Lookout Security Intelligence Team Discovery of AzSpy
AzSpy appeared to be part of a commercial Android spy platform, known as FullSpy, with a user login page to monitor infected devices.
Chinese Surveillanceware
The Lookout Threat Intelligence team discovered four Android surveillanceware tools used to target the Uyghur ethnic minority group.
LightSpy
LightSpy was the malware behind the Poisoned News watering hole campaign on iOS.
Joker Trojan
Joker is a widely-used trojan that continues to appear in apps on the Google Play Store.
iOS WebKit Vulnerabilities
Apple released an urgent software update to iOS 14.4 to patch a vulnerability in Apple’s WebKit browser engine, which enabled attackers to perform arbitrary cross-scripting.
iOS Mail Exploit
A vulnerability in the native iOS Mail app allowed an attacker to execute an attack with zero or one-click.
iOS 16 Zero Day
Apple recently released a software update to iOS 16.1 and iPadOS 16 to patch a zero-day kernel vulnerability identified as CVE-2022-42827
iOS 16.3 Vulnerability Fixes
Apple recently released iOS 16.3.1, which includes a number of critical security fixes for vulnerabilities including CVE-2023-23514 and CVE-2023-23529.
iOS 16.1.1 and 16.1.2 Vulnerability Fixes
Apple recently released two software updates with security fixes: iOS 16.1.2 and iOS 16.2.
iOS 15.6 Vulnerabilities
Apple released a software update to iOS and iPadOS 15.6 to patch two core zero-day vulnerabilities, CVE-2022-32894 (Kernel) and CVE-2022-32893 (Webkit).
iOS 15.6.1 Zero-Day
Apple released a software update to iOS and iPadOS 15.6.1 to patch a zero-day kernel vulnerability identified as CVE-2022-32917.
iOS 15.5 Vulnerabilities
Apple released a software update to iOS and iPadOS 15.5 to patch 35 issues, including two critical vulnerabilities identified by Lookout which grant control of the device.
iOS 15.3 Vulnerabilities
Apple released an urgent software update to iOS 15.3 to patch a vulnerability in Apple’s WebKit browser engine, which enabled attackers to execute arbitrary code remotely.
iOS 15.0.1 Vulnerabilities
Apple released an urgent software update for iOS 15.0.1, in response to the latest zero-day vulnerability in the IOMobileFrameBuffer.
iOS 14.8 Update
Apple released an urgent software update for iOS 14.7 to patch a vulnerability that was found to be exploitable by attackers using the surveillanceware known as Pegasus.
iOS 14.3 Vulnerabilities
Apple announced three exploitable vulnerabilities in iOS 14.3. Two of them were tied to the Apple WebKit, while the third was a vulnerability of the device kernel.
Instagram for Android Vulnerabilities
This vulnerability in Instagram for Android app versions prior to 120.0.0.26.128 could allow attackers to take control of Instagram's functionality and permissions.
Flubot Smishing
Attackers are using phone numbers leaked from Facebook to socially engineer mobile users into downloading malicious apps infected with the FluBot banking trojan
Firefox for Android Vulnerabilities
Vulnerability in Firefox for Android, found in the app's SSDP protocols, allows an attacker to trigger actions on a victim’s device if connected to the same Wi-Fi network.
Exynos Modems
Google Project Zero listed 18 vulnerabilities in Samsung Exynos modems produced by Samsung Semiconductor.
EA Games Credentials Leaked via Slack Cookies
Attackers were able to gain access to EA's infrastructure with employee credentials in cookies from Slack and exfiltrate almost 1TB of data.
CVE-2022-3075
Google released a patch for a new zero-day vulnerability found in the Chromium open-source web browser project, which provides the codebase behind some popular web browsers.
CVE-2022-1633 – 1641
Researchers recently discovered and disclosed to Google nine vulnerabilities in Google Chrome for Android. The vulnerabilities are CVE-2022-1633 through CVE-2022-1641.
CVE-2022-1364
Google's Threat Analysis Group recently discovered and disclosed an exploitable vulnerability in Chromium, which is identified as CVE-2022-1364.
CVE-2022-1096
A researcher recently discovered and disclosed an exploitable vulnerability in Chromium, which is identified as CVE-2022-1096 in the V8 Javascript Engine component.
CVE-2022-0609
Google recently discovered and disclosed an exploitable vulnerability in Chromium, which is identified as CVE-2022-0609.
Colonial Pipeline Ransomware Attack
The Colonial Pipeline ransomware attack demonstrated how cybercrime groups exploit diminishing visibility, legacy security systems, and mobile devices to extort money.
ChromeHeap | CVE-2022-4135
Google patched a new zero-day found in the GPU component of the Chromium open-source web browser causing a heap buffer overflow.
Chrome Zero Day | CVE-2022-3723
Google recently released a patch for a new zero-day vulnerability found in the Chromium open-source web browser project, which provides the codebase behind popular web browser
Chrome for Android Vulnerabilities
This vulnerability affects Chrome for Android v86.0.4240.185 and below. In the event of a successful exploit, the actor could access any capability that the browser has.
Chrome 9th Zero Day | CVE-2022-4262
Google released an emergency patch for a new zero-day vulnerability tracked as CVE-2022-4262. The CVE is found in the V8 Javascript engine of Chromium
Cerberus Distributed Via MDM
This new variant of the banking malware Cerberus has been observed being distributed via a breached MDM.
BitScam & CloudScam: Crypto Scamming Apps
Dozens of crypto apps in the Play Store have scammed money from over 93,000 individuals
BancaMarStealer
A customizable Malware-as-a-Service banking trojan delivered through any app with messaging capabilities.
AndroidOS/MalLocker.B Ransomware
This is a variant of an existing mobile ransomware with novel techniques and behavior on Android devices.
Adobe Acrobat for Android
There has been a critical vulnerability in Acrobat Reader for Android devices that could enable an unauthorized user to execute arbitrary code on the user’s device.