Lookout puts the trust in zero trust with new post-perimeter security solutions

Lookout’s new approach to cybersecurity is designed to protect businesses as their employees work from outside the corporate perimeter. With integrations to Okta, VMware and other technology partners, Lookout brings security and compliance to tod… Continue reading Lookout puts the trust in zero trust with new post-perimeter security solutions

The DNC False Alarm Hack Is Good Cybersecurity, Bad PR

The DNC thought it was getting hacked again, but it was just a false alarm set off by a security test. It’s a sign that the organization is taking its cybersecurity seriously. Continue reading The DNC False Alarm Hack Is Good Cybersecurity, Bad PR

DNC says phishing incident was a false alarm

The Democratic National Party now says a phishing campaign against its voter database revealed Wednesday was in fact an unauthorized test by a third party and not the work of a malicious attacker. “We, along with the partners who reported the site, now believe it was built by a third party as part of a simulated phishing test on VoteBuilder,” DNC Chief Security Officer Bob Lord said in a statement. “The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors.” Lord did not identify the unauthorized third party that had carried out the phishing test. Citing a source familiar with the matter, PCMag reported that the Michigan Democratic Party had given its approval for an unnamed organization to carry out the test. Spearphishing was devastatingly effective during the 2016 presidential campaign, as Russian hackers breached […]

The post DNC says phishing incident was a false alarm appeared first on Cyberscoop.

Continue reading DNC says phishing incident was a false alarm

Democrats find hackers targeting voter database

The Democratic National Committee reached out to the FBI after cybersecurity firm Lookout found a spearphishing operation aimed at breaking into the Democrats’ voter database, CNN reported on Tuesday. Lookout discovered the hacking attempt on Monday using its “phishing AI detection” tool which found a phishing site replicating the login to NGP VAN, the tech provider to Democratic and progressive campaigns and organizations. The DNC was the victim of an expansive and successful phishing campaign leading into the 2016 elections that saw thousands of internal emails made public. That campaign has been widely linked to Russian government-sponsored hackers. On Monday, the same day the attempted hacking campaign was first discovered, President Donald Trump again expressed doubt that Russians hacked Democratic targets in the 2016 campaign. “Our Principal Engineer for phishing, Jeremy Richards, received an alert from our phishing AI detection, and Lookout started to investigate the phishing site, which we […]

The post Democrats find hackers targeting voter database appeared first on Cyberscoop.

Continue reading Democrats find hackers targeting voter database

Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks

Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages. Continue reading Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks

SentinelOne partners with Lookout to extend endpoint protection to mobile devices

SentinelOne has partnered with Lookout to integrate mobile threat data into the SentinelOne console to protect mobile endpoints from attacks. Attackers are redirecting ransomware and malware attacks from desktops to target mobile endpoints, and organiz… Continue reading SentinelOne partners with Lookout to extend endpoint protection to mobile devices

DHS touts tech it funded to block mobile phishing

A Department of Homeland Security-funded product designed to better protect mobile-phone users from phishing is becoming available to government and private-sector clients, the department said Thursday. DHS’s Science and Technology Directorate, which partially funded the tools made by mobile security company Lookout, hailed the product’s ability to block phishing attempts and detect malware lurking in mobile applications.  The beefed-up product, Lookout Mobile Endpoint Security, is now available for Android and iOS operating systems, the department said. Phishing offers hackers a cheap and easy foothold into a network by exploiting people’s trust in the internet. The rate at which victims are falling for phishing attacks on mobile devices has grown an average of 85 percent annually since 2011, according to a study by Lookout, which is based in San Francisco. DHS is trying to lessen the threat to mobile users, including those in government, by investing in Lookout’s technology, which the department said inspects all outbound network […]

The post DHS touts tech it funded to block mobile phishing appeared first on Cyberscoop.

Continue reading DHS touts tech it funded to block mobile phishing

Pakistani military leverages Facebook Messenger for wide-ranging spyware campaign

Security researchers discovered two pieces of malware used by the Pakistani military in order to to spy on specific targets in the Middle East, Afghanistan and India, according to the mobile security company Lookout. The malware, dubbed Stealth Mango and Tangelo, appears to have successfully compromised government officials, medical professionals and civilians in Afghanistan, India, Iraq, Iran, the United Arab Emirates and Pakistan. Targets were compromised via Android and possibly iOS. Government officials in the United States, Australia, the United Kingdom and Iran were indirectly compromised after interacting with direct Stealth Mango victims. Instead of sophisticated and expensive exploits, attackers relied on phishing through third-party app stores and possibly physical access to targeted devices. The campaign is ongoing as of April 2018. The malware, developed by independent contractors, is constantly being updated. Developers are releasing up to two new versions per week. “What’s interesting is the ability, insight and amount […]

The post Pakistani military leverages Facebook Messenger for wide-ranging spyware campaign appeared first on Cyberscoop.

Continue reading Pakistani military leverages Facebook Messenger for wide-ranging spyware campaign

New targeted surveillance spyware found on Google Play

A new targeted surveillance app has been found and booted from Google Play. The app, named Dardesh, posed as a chat application and acted as a downloader for a second app that could spy on users. The Dardesh app was spotted and analyzed by Lookout rese… Continue reading New targeted surveillance spyware found on Google Play

Hamas-linked spyware targeting Palestinians removed from Google Play store

A hacking group which analysts believe is linked to Hamas successfully placed highly targeted surveillanceware in the Google Play Store in order to spy on Palestinian targets, according to new research from the mobile security firm Lookout. The newly identified malware, known as Desert Scorpion, was deployed against over 100 individuals of interest in Palestine. A similar 2017 campaign from the same “highly active” group, dubbed APT-C-23.  The group has been linked to Hamas’s political rivals as well as government employees, security services and university students. Desert Scorpion has been tied to a 2017 campaign, known as Frozen Cell, by reuse of the same social media profiles to promote the malware as well as infrastructure using similar IP blocks. APT-C-23 has been active since at least 2015 when U.S. cybersecurity firms Palo Alto Networks and ThreatConnect identified a campaign by the group targeting the United States, Israel, Palestinian Territories and Egypt. The malware allows its users to steal data from […]

The post Hamas-linked spyware targeting Palestinians removed from Google Play store appeared first on Cyberscoop.

Continue reading Hamas-linked spyware targeting Palestinians removed from Google Play store