Tag: device | SpinSafe

How Samsung Knox Suite enables best-in-class security and device management for financial services

April 9, 2024/in Mobile Security

icon of a clock Published Apr 9, 2024By: Jeannine DeFoe

Security and compliance are common concerns for IT leaders in the financial services industry — but over the last few years, they’ve become top priorities, with businesses facing a significant spike in cybersecurity threats.

Given the rise of the hybrid workplace, mobile devices and tablets allow employees to stay connected, whether they are in the office, out in the field or meeting with customers. However, financial services companies are subject to a range of regulatory requirements around data protection and security on their devices. This puts extra pressure on financial firms to secure their data, enforce IT policies and protect those devices against malicious actors and threats.

Still, research shows that about 25% of malware attacks target financial services companies. In 2023, 64% of IT and cybersecurity professionals in the financial industry were hit by ransomware. With many financial workers now splitting their working days between the office, home and client visits, IT leaders and their teams are facing increased pressure to secure mobile devices regardless of where they are.

Samsung Knox, which is built into Samsung Galaxy mobile devices, tablets and wearables, protects business data for financial services and other regulated industries with government-grade protection. Samsung Knox offers mobile security, unified endpoint management, and fraud and theft protection to businesses. The platform is trusted for robust, government-grade security, with its defense starting at the hardware level and continuing to protect against the most advanced security threats.

Shop special offers

Find out about offers on the latest Samsung technology.

see deals

Speak to a solutions expert

Get expert advice from a solutions consultant.

Talk to an expert

Secure, deploy and manage data with Samsung Knox

IT leaders can use Samsung Knox Suite to manage various devices from a central location and a…

Source…

Watch out — that free Android VPN app could hijack your device

March 28, 2024/in Mobile Security

Almost two dozen free Android VPN apps were actually turning host devices into residential proxies, researchers have revealed announced. All of the apps were subsequently removed from the Play Store, with some making a comeback after cleaning up their code.

Cybersecurity researchers from HUMAN’s Satori Intelligence Team recently discovered a total of 28 apps, all of which had the “Proxylib” software development kit (SDK). This SDK, built in the Golang programming language, was designed to do the proxying, a process in which internet traffic is routed through third-party devices.

All of the apps were subsequently removed from the Play Store, with some making a comeback after cleaning up their code.

Russian fingers

While proxying has its legitimate, legal use cases, when it’s not clearly stated in the app, it’s most likely criminal. Hackers use it to hide their traffic as they commit ad fraud, phishing, and more.

Of the 28 apps, 17 were free VPN apps. Here is the full list:

Lite VPN
Anims Keyboard
Blaze Stride
Byte Blade VPN
Android 12 Launcher (by CaptainDroid)
Android 13 Launcher (by CaptainDroid)
Android 14 Launcher (by CaptainDroid)
CaptainDroid Feeds
Free Old Classic Movies (by CaptainDroid)
Phone Comparison (by CaptainDroid)
Fast Fly VPN
Fast Fox VPN
Fast Line VPN
Funny Char Ging Animation
Limo Edges
Oko VPN
Phone App Launcher
Quick Flow VPN
Sample VPN
Secure Thunder
Shine Secure
Speed Surf
Swift Shield VPN
Turbo Track VPN
Turbo Tunnel VPN
Yellow Flash VPN
VPN Ultra
Run VPN

The researchers speculate that these apps are linked to Asocks, a Russia-based residential proxy service provider, given that many apps connected to the Asocks’ website, and the Asocks service is commonly promoted to cybercriminals on hacking forums.

After discovering the apps, Google removed all of them from the Play Store, with some reappearing, possibly after removing the malicious SDK.

Users would be wise to double-check if any of their apps are still listed on the Play Store, and remove them if they’re not. Alternatively, they should at least keep them updated to the latest version.

Via

Source…

New industry-backed IoT security standards aim to improve device safety

March 19, 2024/in Internet Security

New IoT security standards could make it easier to choose devices that are hardened against some of the most common vulnerabilities.

IoT covers pretty much any physical device which can be connected to a digital network. IoT devices like digital locks, smart speakers, home surveillance systems, and routers are increasingly common, but have frequently been flagged as at-risk to threat actors.

That poor security can create risks for the users of these devices, such as the wrong people being able to access their security webcam, and can risk opening a backdoor into their network.

IoT security flaws also can create problems for the wider world, such as when vulnerable routers were enrolled into a botnet, which was then used in a Russian espionage campaign. In a recent survey, 50% of IT leaders said they thought IoT was the weakest point of their security.

Now, the Connectivity Standards Alliance (CSA) has published the first version of its IoT Device Security Specification, which it hopes will create a single IoT cyber security standard and certification program.

That should give manufacturers an easy way to show that their devices comply with multiple international regulations and standards – and hopefully help consumers and businesses alike make better choices.

The CSA’s Product Security Working Group has consolidated the requirements from three sets of IoT cyber security regulations in the US, Singapore, and Europe into a single program so device makers can comply with international requirements. The alliance has already signed a mutual recognition arrangement with the Cyber Security Agency of Singapore.

The 32-page specification includes dozens of specific device security provisions.

Manufacturers must demonstrate compliance with those provisions by supplying evidence to an authorized test lab. If they pass, manufacturers will be able to use the ‘Product Security Verified’ badge on their packaging. a printed URL, hyperlink, or QR code on the badge gives consumers access to more information about the device’s…

Source…

Largest navigation device maker combats bots with Cequence’s API Spartan

March 13, 2024/in Internet Security

The world’s largest navigation device manufacturer has opted to secure its eCommerce experience and combat bot attacks with the bot detection and mitigation solution API Spartan, created by Cequence and part of the overarching Unified API Protection platform.

This decision was made in response to significant financial risks exposed by bot attacks. The company encountered approximately 100 million SSO login requests monthly, with 15 to 20 percent of these identified as malicious. They also revealed that account takeovers could result in costs ranging from $50 (40) to $12,000 (9,500) each. If left unchecked, these costs could culminate in billions potentially lost, spelling out disaster for the business.

Previously, the company had struggled with substandard bot protection from another internet security provider, who used rudimentary techniques reliant on identifying bad IP addresses. However, this method proved insufficient in detecting advanced malicious bots given its lack of behavioural analysis, leading to unresolved bot attacks and difficulties in ensuring business continuity and customer experience.

In searching for a more proactive solution to this predicament, the company turned to Cequence’s API Spartan. Cequence’s capabilities to discern genuine users from bots in real-time and adapt to evolving bot tactics appealed to the company, offering a reliable and future-proof answer to their bot issue.

“Bots aren’t just a technical nuisance; they’re customer experience assassins,” stated Ameya Talwalkar, CEO of Cequence. “Imagine loyal customers, eager to purchase your products, locked out by an army of automated bad actors. The frustration, lost sales, and reputational damage are a nightmare scenario no business can afford. That’s why Cequence is dedicated to providing solutions that go beyond simple bot detection. We empower companies to proactively safeguard their legitimate customers and foster a thriving online environment where trust and genuine interactions flourish.”

The OWASP API Security Top 10 highlights the vulnerability of poorly secured APIs to automated bot attacks, blurring the line between traditional API and bot attacks with unified security solutions…

Source…

Tag Archive for: device

Shop special offers

Speak to a solutions expert

Secure, deploy and manage data with Samsung Knox