Katrin Deres is a passionate blogger, and works in a marketing team at a mobile tracking company. For more information visit mSpy. Here is a guest post with some of my input covering how to protect mobile devices used by children and young adults.
Smartphones have revolutionized the way we live and are an important tool that most of us depend on daily. With that being said, a smartphone in the hands of a responsible adult is very different from allowing children access to them. Giving smart devices to children without considering its impact can spell big trouble for parents! Continue reading →
Cisco acquired Meraki, the leader in cloud controlled WiFI, routing and security late 2012. For those that haven’t heard of Meraki, the concept behind the technology is pretty cool. All device configuration and management is handled using a cloud / web accessible GUI. You can configure everything and ship equipment to where it needs to provide network access prior to first powering things on. Once you are ready, all you do is plug in the equipment and it works (IE all configuration is sent to the device via encrypted tunnel from the cloud) . It really is that simple.
My buddy who wrote the Kali Linux book with me released another short book on setting up XenMobile. I was one of the reviewers for this and believe it is a great guide for anybody looking to configure a new XenMobile environment. You can find the book HERE as well as Amazon, Barns & Noble or other online resellers.
Mobile Device Management or MDM has become a very popular topic following the smart phone and tablet market explosion (more on this found HERE). Everybody seems to own a range of mobiles devices making provisioning wireless and maintaining security a ongoing challenge. To address this demand, a handful of vendors have developed mobile device management solutions to provide these and other capabilities. Continue reading →
Here is a really cool post by the Chaos Computer Club found on Dr. Chaos’s blog (but they are not associated with each other) about bypassing Apple TouchID. For those watching the new iPhone releases, this is a major feature from the iPhone S. The original post can be found HERE
First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white wood glue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.
The terms Penetration Test, Vulnerability Assessment and Security Audit are often blended together when requested by clients or offered by security service providers. All three terms have security aspects however are very different regarding what purpose they serve as well as the expected deliverable. Continue reading →
A common saying is ” Amateurs Hack Systems, Professionals Hack People”. Social engineering is the art of manipulating people into performing actions or divulging confidential information. People fall for social engineering tricks based on their instinct to be helpful and trusting. The typical attacker never comes face-to-face with a victim using deception through email, social networks or over the phone. Continue reading →
How we communicate has become extremely easy in today’s digital society. Most mobile devices offer software that integrates with social networks, business applications and e-mail. People share anything from where they are eating to what they are about to eat in near real-time (personally I find it annoying). This convenience makes securing communication more difficult since most digital messages leave a digital fingerprint as well as usually transmitted over nonsecure sources. My team has demonstrated how hackers can steal data in transit using man-in-the-middle attacks with tools like the Pine Apple (more HERE), BeEF (more HERE), and compromising mobile devices to pull up old text messages and e-mails. Continue reading →