Mobile security is more important than ever!!!

The most used device these days is a mobile phone. Malware/Spyware/Hacking is everywhere, anytime,anywhere See: Update: Lookout re-airing on 60 Minutes

Some latest news about Mobile Security Alerts:

Hundreds of millions of devices potentially affected by first major iOS malware outbreak

Lookout discovers new trojanized adware; 20K popular apps caught in the crossfire

Soo what can you do about it:

Install Security app on your device: So i installed the free version of lookout on my phone.

unnamed

It works great so far: Testing it.

MS16-108: Security update for Exchange Server 2007/2010/2013/2016

Summary

This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow remote code execution in some Oracle Outside In Libraries that are built into Exchange Server. This issue might occur if an attacker sends an email message with a specially crafted attachment to a vulnerable Exchange Server computer. To learn more about this vulnerability, see Microsoft Security Bulletin MS16-108.

More information about this security update

The following articles contain more information about this security update as it relates to individual product versions.

  • 3184736 MS16-108: Description of the security update for Exchange Server 2016 and Exchange Server 2013: September 13, 2016
  • 3184728 MS16-108: Update Rollup 15 for Exchange Server 2010 Service Pack 3: September 13, 2016
  • 3184711 MS16-108: Update Rollup 21 for Exchange Server 2007 Service Pack 3: September 13, 2016

Security Bulletin: iOS “Pegasus” Malware and iOS 9.3.5 Security Update

On Aug. 25, 2016,  Apple announced updates to address security vulnerabilities in iOS version 9.3.4 and earlier. The affected components include the iOS kernel and WebKit.

The vulnerabilities can result in jailbreak, remote code execution, and memory corruption.  Security researchers at Lookout, Inc. have identified a high risk malware application, called “Pegasus”, that uses the vulnerabilities to compromise user devices.

MobileIron recommends that users update to iOS version 9.3.5 or later to obtain the necessary security patches. The security researchers have confirmed that the iOS patches prevent the vulnerabilities from being exploited.

Three vulnerabilities were patched in iOS 9.3.5.  The vulnerabilities are referred to collectively as “Trident”.  The reported CVE identifiers include:

  • CVE-2016-4655: An application may be able to disclose kernel memory.
  • CVE-2016-4656: An application may be able to execute arbitrary code with kernel privileges.
  • CVE-2016-4657: Visiting a maliciously crafted website may lead to arbitrary code execution.

Detection of Pegasus Jailbreak:

According to the security researchers at Lookout, EMM vendors cannot currently detect the Pegasus jailbreak. At this time, the only known method to detect Pegasus is to use products from Lookout.

Source: http://blaud.com/blog/pegasus-malware-ios-9-3-5-security-update_lookout_mobileiron

Translate »