Category Archives:
mobile security

with iphones should not panic  -chisom Don’t panic over iOS 9 hack, Mr Mainwearing

No major worries says MWR InfoSecurity

As part of its Million Dollar iOS 9 Bug Bounty programme, Zerodium has offered up to $3 million for anyone who could prove they’ve been able to penetrate the defences of Apple’s latest mobile OS – iOS9. Without revealing the details (yet), Zerodium revealed in a tweet that it had received a successful entry – reputedly winning a $1 million reward from Zerodium. Zero Day hacks are, of course, vulnerabilities which haven’t been made widely publicised and are, of course, very lucrative for the discoverer. However, David Chismon – senior researcher with MWR InfoSecurity believes this isn’t cause for widespread panic amongst Apple fanbois. Continue reading

a clear warning - erlin Brain Test malware more cunning than 1st thought

Tripwire’s Erlin warns of dangers

An app known as Brain Test has been infecting Android phones since August [2015]. Apparently, it pushes unwanted ads onto devices. However, researchers now think the malware may be more advanced than previously thought. According to a report cited by EWeek, the malware installs a rootkit allowing hackers to run an arbitrary code on the infected device. Tim Erlin, director of security IT and risk management at Tripwire commented, “Ads appearing on your Android phone outside of a specific application are a clear warning sign that something is wrong.” Continue reading

TalkTalk breach may aid security software vendors

UK MNOs should look to beef up their customer service systems

The extremely high profile cyber attack on one of the UK’s leading ISPs [Internet Service Providers] could prove good news for those offering security solutions for MNOs’ [Mobile Network Operators] customer service systems. The victim last week [October 2015] was TalkTalk. However, its parent company – the Carphone Warehouse, was a victim of a similar attack back in August [2015] when cyber criminals reputedly gained access to the bank details of 2.4 million customers. That number included some customers of Carphone’s MVNO [Mobile Virtual Network Operator] – Here at GoMo Towers we view this latest attack as a wake-up call for MNOs and suggest that UK based MNOs,  should look to beef up their customer service systems. Continue reading

lolly_502 Motorola continues to support older Moto Gs

New OS update takes 2nd Gen models to 5.0.2 Lollipop

Proving that it hasn’t deserted its loyal fans, long-standing mobile handset supplier, Motorola has just released a new OS software update for Moto G (2nd Gen) by handsets. The handset maker revealed that the latest update cures a ‘Stagefright’ security vulnerability. Here at GoMo Towers, of course, we’d not heard of Stagefright before but assume it must be a well-known threat. In addition to clearing up this possible security weak point, Motorola says the latest version offers valuable OS stability improvements. Given that we’ve accidentally cracked the screen on the latest (3rd Gen) Motorola Moto G, this is very welcome news for us using our 2nd gen model. Particularly since we’d noticed some bugs afflicting this particular version of the Moto G. Continue reading

Malwarebytes reacts to Cinese iTunes attack

Bit worrying that XcodeGhost is almost undetectable

In the wake of the news here that Chinese hackers had managed to infiltrate mainstream apps posted on the official Apple iTunes App Store, Thomas Reed, director of Mac offerings with software security experts, Malwarebytes, has shared his reactions to the XcodeGhost outbreak. According to Reed, the attach is “the largest app store breach in history and anyone using iOS or OS X could potentially be affected.” He also gives some insights into why Apple has so far provided little guidance on how consumers could spot if they are running an affected app. Reed says it appears to be a form of dynamic library hijacking, where apps dynamically load libraries of code that they look for in one of multiple locations. “It’s hard for any user to be on guard against this kind of malware. Especially on iOS, where security features in the system make anti-malware software impossible,” Reed added. Continue reading

hidemyphone Hide My Phone! great for love cheats

We’re keeping quite about other possible uses

GoMo News remembers getting into really hot waters with Vodafone, when we suggested that installing machines that dispensed up-and-ready handsets in UK international airports was a terrorist’s charter. So we are having to play safe with the uses that a new phone app called Hide My Phone! from Privax can be put to.  Let’s just say it’s a gift for love cheats. Because it allows you to pick a telephone number that will make you look like a local number in major countries worldwide. We also suspect you can browse major sites – like Facebook, without being traceable thanks to Privax’ VPN technology. This app is a sister to Hide My Ass! which lets users surf the Net totally anonymously. Continue reading

AdaptiveMobile uncovers Koler worm variant

Spreading by text message and holding phones for ransom

Press release

October 21st 2014. AdaptiveMobile, a world leader in mobile security, has discovered a new variant of the Android malware Koler, which now spreads by text message and holds infected users’ phones hostage until a ‘ransom’ is paid. AdaptiveMobile detected the emergence of the worm on October 19th [2014], and has blocked thousands of messages from hundreds of infected phones. The attack is occurring worldwide, but the majority of the infected phones are in the USA. Continue reading

Skyep+pchome GoMo forced to watch YouTube to get Skype help

Our Skype account gets tagged to a Taiwanese web site

Here at GoMo Towers, we’ve been facing absolute chaos with our Skype account. It got ‘tagged’ to PC Home which is Skype’s partner in Taiwan or China. We’re not quite sure how it happened but escaping the mess has proved unbelievably complex and impossible to date. Despite the fact that Skype (now owned by Microsoft) is a voice call supplier, you can’t actually speak to an agent. We decided that the answer was to use Skype’s Live Chat Support service. In order to access Live Chat we first had to watch an independently produced help video on YouTube (see below). Continue reading

a tame 4chan upload Careless picking led to iCloud security breaches Apple says

All the more reason for single sign-on (SSO) access

Careless whispering usually leads to celebrity downfalls but in the recent case of hacked pics [photos] from Apple’s iCloud cloud storage system, it was careless picking. “None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone,” Apple said in a statement. Apple says it discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions. Which is apparently a common practice on the internet. So celebs had been picking easy to guess passwords. All the more reason to go for counter-measures like single sign-on (SSO) access, GoMo News argues. Continue reading

ghosts & footprints can remain - moses Forensic expert confirms BlackBerry BB10s are ultra secure

Longmere Consultants specialise in recovery of deleted texts

Most people believe that once you press the delete button on a mobile telephone, then that text message [SMS] has gone forever . However, according to UK forensic data recovery experts, Longmere Consultants, this is not always the case. The company specialises in recovering deleted texts; photographs; call logs; chat messages; files; and phone books from mobile phones. However, John Moses md with Longmere confirmed to GoMo News that the exception that proves the rule is the Blackberry Q & Z series (BB10 devices) plus the 9320 series which are non-recoverable. So, in effect, Longmere is confirming that BlackBerry’s smartphones are about the securest devices you can have out there. By contrast, iPhone are amongst the easiest to recover from. Continue reading

fantastic opportunity - quelle BlackBerry to acquire German anti-eavesdropping tech

Probably has lots to do with the USA’s spying on Chancellor Merkel

Reviving smartphone maker, BlackBerry should acquire a leading high-security voice, data encryption and anti-eavesdropping specialist, Germany’s Secusmart. Previously, the two companies have provided Secusmart-equipped BlackBerry smartphones to a significant number of German government agencies. This includes almost all German government ministries and naturally including Chancellor Angela Merkel. Nice to see the Canadians helping the Germans to defeat the USA’s spying activities, then. It also shows how CEO Chen knows how to focus on BlackBerry’s strenghts. Continue reading

not surprise that fingerprint scanners came top - locke Touch ID fingerprint scanner coming to iPads soon

Fingerprint scanner is most popular biometric authentication process

New research has shown that eight in ten (79 per cent) of Brits are ready to ditch their passwords in favour of biometric security measures such as fingerprint scanners. It’s no surprise to learn that sales of Apple’s iPhone 5s have helped make biometrics extremely popular with consumers. These figures were revealed by the Future Password Index from digital financial services provider Intelligent Environments. Fingerprint technology was voted as the most popular biometric method in the new 53 per cent of people would like their bank to integrate fingerprint scanners into digital banking services. Continue reading

set the industry standard - trapp Guest Post: Mobile authentication exposé

The real costs and opportunities of one-time passwords

New White Paper research, entitled ‘Unlocking the Mobile Security Potential: the Key to Effective Two-Factor Authentication‘, conducted by the Ponemon Institute and sponsored by tyntec, has revealed that 90 per cent of IT managers around the world are considering adopting two-factor authentication (2FA) this year. Rapidly becoming the authentication method of choice, SMS-enabled 2FA integration is on the rise because of its secure, cost-effective and user-friendly nature. Along with these benefits is the ability to use a One-Time Password (OTP), which can provide new and valuable visibility options and opportunities. Continue reading

vital organisations implement BYOD policies - zandbelt UK PM’s mobile tel no. leak shows lack of BYOD awareness

Mobile industry hasn’t stressed dangers of BYOD enough

The fact that a prominent UK journalist, the BBC’s Nick Robinson, lost a mobile device containing the UK Prime Minister’s mobile phone number has failed to ring alarm bells. His quasi-governmental employer has been negligent in allowing extremely sensitive data to be stored unprotected on a personal communications device. As GoMo News pointed out previously – a hostile government (Gadaffi’s Libya) has the capability of tracking mobile phones to within 200 feet. An effective BYOD implementation at the BBC would have ensured Robinson’s phone was wiped. GoMo asked Proven Legal Technologies‘ md, Phil Beckett, and Ping Identity‘s Hans Zandbelt, their views on the current state of play with BYOD. Continue reading

4 walls of an office no longer exist- harding Ping Identity delivers mobile app for single sign-on access to thousands of applications from any device

One-click access for business apps with the security controls that IT requires

Press release

May 22nd 2014. Ping Identity, the identity security company, has announced a native mobile application that delivers single sign-on (SSO) access to thousands of applications from any device. Available for iPhone, iPad and Android smartphones and tablets, the PingOne app gives users a simple yet secure way to access corporate resources via their smartphone or tablet without compromising security and compliance requirements. Continue reading