Corrata

Organizations today offer employees nearly unrestricted access to enterprise systems on mobile. But without the right tools, InfoSec teams are left with almost zero visibility into the attacks targeting these devices. This "Mobile Security Gap" is exploited through a range of threats: ➡️ Spear phishing through SMS and messaging apps is used to steal credentials and breach organizational defenses. ➡️ Adversary-in-the-Middle (AiTM) attacks bypass MFA, giving attackers prolonged access to sensitive data. ➡️ Remote Access Trojans (RATs), deployed via social engineering, allow deep control over compromised devices. ➡️ Sophisticated spyware exploits OS vulnerabilities to target critical sectors like government, infrastructure, and strategic industries. Want to learn more? Check out our October 2024 edition of "Today's Top Mobile Threats." #mobileendpointsecurity #quishing #smishing #RATs #spearphishing #mobilethreatdefense

Increasingly, attackers are targeting their spear-phishing attacks at mobile channels, taking advantage of their lack of enterprise-grade protections. Unlike texting scams targeting the general population, these attacks target specific individuals and are crafted to include personal details designed to make them more believable. They use both consumer messaging apps such as SMS, WhatsApp, Signal and Telegram and corporate applications like Teams and Slack. They may also leverage QR codes embedded in email. Attackers use these channels to bypass the anti-phishing tools commonly found on email systems and traditional endpoints. To learn more about this threat read our latest blog. (link in the comments) #spearphishing #smishing #quishing #mobilethreatdefense #antiphishing

Last week Corrata was delighted to present at Cyber Ireland's annual conference in the historic city of Kilkenny. Great event, excellent speakers and a highly knowledgeable and engaged audience. Delighted to share the stage with Douglas E. of Waratek and Aidan Finn of Binarii Labs #cinc24

THREAT ADVISORY: Remote Access Trojans What if one of your employees' devices was under the remote control of a cybercriminal—able to steal passwords, capture MFA codes, access sensitive messages, and extract files from cloud storage? Unfortunately, this is not science fiction, but a real and growing threat in today's mobile environment. Welcome to the world of Remote Access Trojans (RATs). In this short video, we explain how these attacks can be carried out more easily than you might think. To learn more about RATs and the risks they pose, visit the Corrata website and check out our latest blog post. Link in the comments below. #mobileendpointsecurity #mobilethreats #android

Delighted to be selected to present at this year's Cyber Ireland conference in Kilkenny. Thanks to Enterprise Ireland. Looking forward to meeting up with Ireland's vibrant cyber ecosystem.

THREAT ADVISORY: Remote Access Trojans What if one of your employees' devices was under the remote control of a cybercriminal—able to steal passwords, capture MFA codes, access sensitive messages, and extract files from cloud storage? Unfortunately, this is not science fiction, but a real and growing threat in today's mobile environment. Welcome to the world of Remote Access Trojans (RATs). In this short video, we explain how these attacks can be carried out more easily than you might think. To learn more about RATs and the risks they pose, visit the Corrata website and check out our latest blog post. Link in the comments below. #mobileendpointsecurity #mobilethreats #android

Great piece of in-depth research on the global spyware market from The Lawfare Institute: Mythical Beasts and Where to find them https://lnkd.in/eWxdrqXb hashtag #spyware #pegasus #predator

Often organizations block mobile access from employee owned devices because they have no way of telling whether the device is secure or not. But with the introduction of Circuit Breaker from Corrata, this is about to change. For the first time, it will be possible to incorporate signals from a security solution when deciding whether to grant access to any device, managed or not: ➡ Devices without the active protection of an endpoint security solution won't be able to access your environment ➡ Where an endpoint security solution provides positive confirmation that a device is secure, access is granted. ➡ However, if this changes, for example, because of malware infection, then access is instantly terminated. Get in touch to learn more about how Corrata can help drive secure digital transformation and improve your security posture.

THREAT ADVISORY: Remote Access Trojans What if one of your employees' devices was under the remote control of an attacker, an attacker who could then copy passwords and MFA codes, read the content of sensitive messages and extract files from cloud storage ? Unfortunately such a circumstance is not in the realm of science fiction but is a realistic threat in today's mobile environment. Welcome to the world of "Remote Access Trojan's (RAT's)." Executing such an attack is simpler than you might think: ➡ A targeted SMS message is sent to the employee urging them to download an apparently benign app. It might be disguised as a newly mandatory enterprise app, an enticing opportunity for access to free content or promotions or an urgent update to your operating system. ➡ Ignoring system warnings, an employee who proceeds to download the app will have unwittingly installed malicious code which once activated will grant the attacker complete control over the device. ➡ On opening the app the employee is tricked into granting the Accessibility Permission. This is a feature of Android designed to help users with disabilities such as impaired vision but which is routinely abused by malicious apps. ➡ Once Accessibility Permission is enabled the attacker can, among other things, read the content of screens, create overlays to trick users into revealing information and grant itself additional permissions. In short a nightmare position for your organization. To learn more about RAT's and the menace the pose visit the Corrata website to read our latest blog. Link the comments below.