Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With the rise of hybrid work, data leakage has become a significant issue. Employees are now working from a variety of locations, including their homes, coffee shops, and even public libraries. This makes it more difficult to keep track of data moving between managed endpoints and your organization's SaaS applications or private apps. Shadow IT, the use of unauthorized or unapproved software and services by employees has always been a challenge for IT departments.

For more than two decades, virtual private networks (VPNs) have been the go-to technology for enterprise remote access — and by extension, for enforcing remote access security. Even ubiquitous internet connections are often redirected via VPN to a central data center, where security enforcement occurs through various hardware appliances. From there, the traffic is forwarded onward to the internet. Of course, it must follow the same indirect path back on the response side.

We often think of advanced persistent threats or APTs as threats primarily targeting governments for cyber espionage, but they could have just as much impact on the private sector. Oftentimes, both the techniques and the tooling used overlap between APTs and financially-motivated cybercriminals, and some APT groups themselves have taken to moonlighting as cybercriminals for profit.

In quick succession at the end of May into mid-June, software developer Progress released three advisories that any customers using its popular managed file transfer (MFT) solution MOVEit should immediately update to the latest release. In this time, they were made aware of three critical vulnerabilities, CVE-2023-34362 on May 31, CVE-2023-35036 on June 9, and CVE-2023-35708 on June 15.

In today's increasingly mobile-driven world, securing our digital assets and protecting sensitive information is of paramount importance. To address this need, the National Institute of Standards and Technology (NIST) recently released the latest version of their publication, NIST 800-124 Rev. 2: Guidelines for Managing the Security of Mobile Devices in the Enterprise.

Mobile devices have become indispensable in our modern lives, enabling us to stay connected, access information, and conduct transactions on the go. However, the rise of mobile usage for accessing corporate information is attracting the increased attention of cybercriminals seeking to exploit vulnerabilities and gain unauthorized access to sensitive data.

In recent years, especially with hybrid work, almost everyone uses an iOS or Android device for work. In fact, in a recent survey, Lookout found that 92% of remote workers use their personal laptops or smartphones for work tasks, with 46% of them having saved files onto their devices. Now that employees expect to be productive from anywhere, organizations across all industries have become more relaxed with allowing the use of personal devices with bring-your-own-device (BYOD) programs.

Researchers at the Lookout Threat Lab have discovered a new Android surveillance tool which we attribute with moderate confidence to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). Named BouldSpy for the “BoulderApplication” class which configures the tool’s command and control (C2), we have been tracking the spyware since March 2020.

Remote work is no longer a trend — in 2022, remote workers represented 30% of the overall workforce. Cloud services and mobile devices have made the work environment more flexible, and organizations have implemented bring-your-own-device (BYOD) policies to enable employees who are working from anywhere to get more done.