Posts

Sierra Wireless offers its customers 5G cellular wireless connectivity for their business-critical apps


Sierra Wireless launched its 5G managed network service in the United States, offering customers the speed and ultra-low latency of 5G cellular wireless connectivity for their business-critical applications.

Sierra Wireless’ fully managed network services provide end-to-end broadband solutions for permanent, temporary, and back-up connectivity in retail, food and beverage, healthcare, digital signage, kiosk/POS, and distance e-learning applications. These turnkey solutions offer simple, cost-effective, and reliable internet connectivity with no upfront equipment purchase cost, guaranteed uptime, and seamless management, with accountability from one point of contact.

“With cloud-based management and reporting, and cross-carrier pooling ensuring the best network coverage at all times, Sierra Wireless’ 5G managed network service can be used with our world leading XR Series 5G routers,” said Tom Mueller, Vice President of Product Enterprise Networking, Sierra Wireless.

“In addition, it also offers plan flexibility with a rental option lowering initial investment, and can reduce the cost of using, managing, and operating a connectivity network internally. With 5G changing the business landscape, Sierra Wireless is enabling customers to transform their digital operations, and to take advantage of 5G’s ground-breaking new capabilities with the availability of our new managed network services.”

With their unique service-level agreement, Sierra Wireless’ managed network services ensure business-critical functions with guaranteed connectivity uptime and constant monitoring of network performance managed 24/7/365 by Sierra’s team of wireless professionals. The services also include use of Sierra Wireless’ hardware and software, with updates for security and firmware, as well as an always-on out-of-band management link to the AirLink Management Service (ALMS). This unique capability ensures the ongoing operational success of 5G deployments, simplifies operations, and reduces downtime.

Sierra Wireless’ managed network services are available in three options:

  • Basic, the cost-effective backup cellular solution for non-critical systems.
  • Premium, including all the…

Source…

Zimperium partners with PCI SSC to help secure payment data on mobile apps and devices


Zimperium announced it has joined the PCI Security Standards Council (PCI SSC) as a new Participating Organization. Zimperium will work with the PCI SSC to help secure payment data worldwide on mobile apps and devices. It will also leverage its threat research and technology to help evolve requirements and drive the adoption of PCI Security Standards.

Zimperium PCI SSC

The PCI SSC leads a global, cross-industry effort to increase payment security by providing flexible, industry-driven, and effective data security standards and programs. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process and preventing, detecting, and mitigating criminal attacks and breaches.

As a Participating Organization, Zimperium adds its voice to the standards development process and will collaborate with a growing community of more than 800 Participating Organizations to improve payment security worldwide.

Zimperium will also have the opportunity to recommend new initiatives for consideration to the PCI Security Standards Council and share cross-sector experiences and best practices at the annual PCI Community Meetings.

“At Zimperium, our mission is to secure all our digital lives on mobile. Our unified platform leverages machine learning-based protection to secure mobile devices and applications — both of which are key to not just digital payments but e-commerce globally,” said Shridhar Mittal, CEO of Zimperium “Joining the PCI Security Standards Council as a Participating Organization aligns with our overall vision. We are committed to raising awareness about risks impacting mobile and helping the adoption of necessary data security standards for safe payments worldwide.”

Source…

Social Engineering Threats Rose 270% in 2021 – Indicating a Shift to Multi-Channel Phishing Attacks as Apps and Browsers Move to the Cloud


Humans are the most vulnerable cybersecurity entry points into an organization. By moving completely to the cloud, apps and browsers are all humans need to communicate with work, family, and friends. In the Human Hacking report recently published by SlashNext Threat Labs, data shows phishing attacks rose 51% over 2020 (a record-breaking year), and 59% were credential stealing. 

As human interaction has largely moved to the cloud, cybercriminals are taking advantage of this by attacking outside of email and looking to less secure channels like SMS text, social media, gaming, collaboration tools, and search apps. Social engineering is the cybercriminal’s preferred method of hacking humans, as demonstrated in the 270% increase in social engineering threats found by SlashNext in 2021. There were many contributing factors to the increase, including one million malicious URLs in July during the Tokyo Olympics found on all digital channels, including apps and browsers.

DevOps Experience

The other contributing factor to the spike in social engineering is the 2021 LinkedIn data breach. The two data breaches at LinkedIn resulted in over one billion records being sold on the Darkweb, available to cybercriminals to increase spear-phishing efforts towards high-value targets. Cybercriminals are using these attacks to gain access to corporate data, which leads to 91% of all successful cyber breaches – including ransomware attacks, data theft, and over $30 billion of financial fraud.  

Another trend revealed in the report is the increase in phishing on legitimate hosting infrastructure. Of the more than 14 million malicious URLs SlashNext identified in 2021, 2.5 million were spear-phishing hosted on legitimate infrastructures like AWS, Azure, outlook.com, and sharepoint.com. What is attractive about using legitimate infrastructure is the opportunity for cybercriminals to easily evade current detection technologies like secure email gateways, firewalls, and proxy.

The shifting phishing landscape, combined with cybercriminals’ access to automation, data, and intelligence, has quickly made human hacking the number one cyber threat. Previous security strategies, including secure email gateways,…

Source…

Google Play Store Photo Editor Apps Are Actually Android Malwares! Uninstall 3 Dangerous Apps Now


A bunch of Android apps listed on the Google Play Store were recently discovered stealing Facebook users’ credentials, running ad campaigns and collecting payment information. Unfortunately, over 500,000 unaware users have already installed them.

Typically, many available apps on Google Play Store would ask users if they want to “sign in with Facebook.” This option makes it easier for the users to remember their account details and for the app to quickly verify the users’ identity.

Unfortunately, malicious actors have exploited this system, using the linked-up account details to steal sensitive user information.

Android Malware Discovered: Do Not Download These Apps

Sources from BleepingComputer explained the nature of this newly discovered malware. They received technical advice from Tatyana Shishkova, an Android malware analyst at Kaspersky, and Maxime Ingrao, a security researcher at Evina.

To quickly summarize, these apps would first ask for Facebook account credentials via “sign in.” It would then collect Facebook account information via encrypted JavaScript. The malicious app would eventually access Facebook Graph API, where it would see ad campaigns and stored payment information. Eventually, the hacker would create their own ad campaigns. Hackers would also connect the victim’s Facebook credentials and link their payment information on the newly developed campaign.

The Android apps discovered with this malware are:

  • Blender Photo Editor – Easy Photo Background Editor
  • Magic Photo Lab – Photo Editor
  • Pix Photo Motion Edit 2021

Ingrao explained in detail how he found the suspicious codes on these apps. “I noticed the suspicious code first by doing a dynamic analysis. I noticed that the WebView was running JavaScript to retrieve the credentials. Then I downloaded the code and I recoded the function that decrypts the texts inside the code, that’s how I found the executed JavaScript and the calls to the Facebook Graph API,” per BleepingComputer

Android users are warned to be extremely careful because these apps had “passed” Google Play Store’s standards. Users who recognize these apps should immediately uninstall them now. 

Read Also: Google Warning: Hackers…

Source…