Yair Amit, Co-Founder and CTO, Skycure
Adi Sharabani, Co-Founder and CEO, Skycure

The Four Horsemen of Mobile Security

© 2015 RSA Conference. All rights reserved.

The Four Horsemen of Mobile Security
Introductions
The Mobile Threat Landscape
Example Attacks
Hacking Demo
Introductions
Adi Sharabani, CEO, Co-Founder, Skycure
Yair Amit, CTO, Co-Founder, Skycure
IDF 8200 / 30 Patents / IDF 8200
1.5B Smartphones
400M Tablets
10-100X Networks
3.1M Apps
Old Endpoint Vs. New Endpoint
Old endpoint: IPS, IDS, Firewall, DLP, Data Encryption, Wireless Security, Application Control, AV
New endpoint: ?
Modern Mobile Attacks
Physical Security
Loss
Theft
Unauthorized Access
Network Security
Wi-Fi / Cellular
Off-the-shelf hacking gear
24x7 Exposure
Network Security
Affected Devices Over Time (% affected devices)

Month   2014   2015
0       0%     0%
1       23%    25%
2       30%    30%
3       35%    38%
4       41%    43%

Source: Skycure Threat Intelligence
Malware Security
External Android Stores
Repackaged Apps
New infection vectors
Vulnerabilities
OS & App Level
Patching Challenges
Never Ending Story
Known iOS Vulnerabilities (by Year)
[Chart: Number of CVEs per year, 2007 to 2015, y-axis 0 to 180, with a trajectory line]
Source: Skycure analysis based on CVEdetails.com
1. Physical Attacks
The Physical Layer
•  Threat vector
   •  Lost / Stolen / Temp Access
•  Basic physical security needs:
   •  Remote wipe
   •  Locate device
   •  Backup
   •  Local storage
   •  Passcode protection
•  OS responsibility
•  MDM solutions
2. Network Attacks
Implementation vs. Design Issues
Implementation Issues
• Coding pitfalls
• Ubiquitous
• Usually easy to fix once identified
Example 1: GoToFail
static OSStatus
SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams,
                                 uint8_t *signature, UInt16 signatureLen)
{
    …
    if ((err = SSLHashSHA1.update(&hashCtx, &clientRandom)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
        goto fail;
        goto fail;   /* duplicated line: unconditional jump, taken with err == 0 */
    if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)   /* never reached */
        goto fail;
    err = sslRawVerify(ctx,                  /* never reached */
                       ctx->peerPubKey,
                       dataToSign,           /* plaintext */
                       dataToSignLen,        /* plaintext length */
                       signature,
                       signatureLen);
    …
fail:
    SSLFreeBuffer(&signedHashes);
    SSLFreeBuffer(&hashCtx);
    return err;
}
  
Always	
  goto	
  “fail”,	
  
even	
  if	
  err==0	
  
Code	
  is	
  skipped	
  
(even	
  though	
  err	
  ==	
  0)	
  
FuncJon	
  returns	
  0	
  (i.e.	
  verified),	
  even	
  though	
  
sslRawVerify	
  was	
  not	
  called	
  
Source: Apple’s published source code
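As an added illustration, not Apple's code and not from the slides: a small C model of the same control flow, with stand-in hash and verify routines that only record whether they were reached, so the consequence of the duplicated goto fail can be run and observed next to a corrected version. The names verify_signed_params_vulnerable, verify_signed_params_fixed, mock_hash_update, mock_raw_verify and the error constants are assumptions made for this example.

```c
/* Added example, not Apple's code: a model of the GoToFail control flow.
 * The hash and signature routines are stand-ins (assumed names) that only
 * record whether they were reached; the error values are assumed too. */
#include <stdbool.h>
#include <stdio.h>

typedef int OSStatus;
enum { errSecSuccess = 0, errSSLCrypto = -9000 };  /* assumed stand-in values */

/* Records whether signature verification was ever reached. */
static bool verify_called;

bool was_verify_called(void) { return verify_called; }

static OSStatus mock_hash_update(int *hash_state)
{
    (*hash_state)++;          /* stand-in for SSLHashSHA1.update */
    return errSecSuccess;
}

static OSStatus mock_raw_verify(bool signature_is_valid)
{
    verify_called = true;     /* stand-in for sslRawVerify */
    return signature_is_valid ? errSecSuccess : errSSLCrypto;
}

/* Vulnerable shape: the second "goto fail" is unconditional, so it is taken
 * while err is still errSecSuccess, and every line after it is dead code. */
OSStatus verify_signed_params_vulnerable(bool signature_is_valid)
{
    OSStatus err;
    int hash_state = 0;
    verify_called = false;

    if ((err = mock_hash_update(&hash_state)) != 0)
        goto fail;
    if ((err = mock_hash_update(&hash_state)) != 0)
        goto fail;
        goto fail;                                   /* the duplicated line */
    if ((err = mock_hash_update(&hash_state)) != 0)  /* never reached */
        goto fail;
    err = mock_raw_verify(signature_is_valid);       /* never reached */
fail:
    return err;
}

/* Corrected shape: stray line removed, and braces around every guarded
 * jump so an accidental extra statement can no longer change control flow. */
OSStatus verify_signed_params_fixed(bool signature_is_valid)
{
    OSStatus err;
    int hash_state = 0;
    verify_called = false;

    if ((err = mock_hash_update(&hash_state)) != 0) {
        goto fail;
    }
    if ((err = mock_hash_update(&hash_state)) != 0) {
        goto fail;
    }
    if ((err = mock_hash_update(&hash_state)) != 0) {
        goto fail;
    }
    err = mock_raw_verify(signature_is_valid);
fail:
    return err;
}

int main(void)
{
    OSStatus err = verify_signed_params_vulnerable(false);
    printf("vulnerable, bad signature: err=%d, verify reached=%d\n",
           err, was_verify_called());
    err = verify_signed_params_fixed(false);
    printf("fixed, bad signature:      err=%d, verify reached=%d\n",
           err, was_verify_called());
    return 0;
}
```

With an invalid signature the vulnerable shape still returns 0 and never reaches the verify stand-in, while the corrected shape reaches it and reports the failure. Compilers do not treat the dead code after an unconditional goto as an error, which is why a brace-always style and a warning for unreachable code are worth enabling in code of this kind.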
Example 2: Heartbleed
Example 3: “No iOS Zone”
iOS crashes
Device restarts
“No iOS Zone” exploited again
iPhone crashes again
and again
and again
and again
Design-Based Vulnerabilities
• Logical issue. Harder to fix. Usually persist longer
• Two types:
  •  General “protocol” vulnerabilities
  •  Design issues affecting mobile OS
• Mobile - more susceptible:
  •  Classical security solutions are inadequate
  •  Excessive use of untrusted networks
Example 1: SSLstrip
1.  Server returns a redirection to HTTPS
2.  Attacker removes redirections and links to HTTPS
3.  Victim continues to interact via HTTP instead of HTTPS
Example 2: SSL Decryption
92% of users click on “Continue”, compromising their Exchange identity (username and password)
Continue: 92%
Cancel: 8%
Example 3: WiFiGate
Realtime Threat Intelligence
100K+ global threats identified in 2014
https://maps.skycure.com
3. Malware Attacks
Evolution of Android Malware (timeline, 2011 to 2015)
Google Play is riddled with malware
Google introduces technologies such as “Bouncer” and “Verify Apps”
3rd party stores are riddled with malware
Malware Scanners Effectiveness
More Information at RSA ASIAPAC (July 23rd, 2015)
Malware is Not Just an Android Problem
Malicious Profiles
iOS sandbox approach
Source: Apple’s App Sandbox Design Guide

iOS Security Model
App Characteristics          Profile Characteristics
•  One Store                 •  No Store
•  Heavy Screening           •  No Screening
•  App Sandboxing            •  No Sandboxing
Participation Instructions
1.  Open your Safari
2.  Tap the blue button
3.  Click on ‘Install’
4.  Click on ‘Install Now’
5.  Click on ‘Done’
Start demo by opening Safari and browsing to:
attack.skycure.net
Removing The Infection
1.  Go to Settings
2.  Click on General
3.  Click on Profiles
4.  Click on “Movies for Free”
5.  Click on Remove
Try again with Skycure installed on your device.
4. Vulnerabilities
Example 1: Plain HTTP
Example 2: SwiftKey Vulnerability
• 600 million Android (Samsung) devices vulnerable
Pre-installed Keyboard → Unencrypted Updates → MITM → System Access
Example 3: HTTP Request Hijacking
- (void)fetchArticles
{
    NSURL *serverUrl =
        [NSURL URLWithString:@"http://journal.skycure.com"];

    NSMutableURLRequest *request =
        [NSMutableURLRequest requestWithURL:serverUrl];

    [request setValue:@"application/json"
        forHTTPHeaderField:@"Content-Type"];

    self.connection =
        [[NSURLConnection alloc] initWithRequest:request delegate:self];
}

Before the attack, the request goes where the code says:

    NSURL *serverUrl =
        [NSURL URLWithString:@"http://journal.skycure.com"];
    NSMutableURLRequest *request =
        [NSMutableURLRequest requestWithURL:serverUrl];

After the attack, the app behaves as if it had been written with the attacker's URL:

    NSURL *serverUrl =
        [NSURL URLWithString:@"http://attacker.site/skycureJournal"];
    NSMutableURLRequest *request =
        [NSMutableURLRequest requestWithURL:serverUrl];

@"http://journal.skycure.com" → @"http://attacker.site/skycureJournal"

HTTP Request Hijacking
1.  Victim opens the app in an untrusted environment
2.  Attacker returns a 301 directive specifying a permanent change in URI
3.  Victim interacts with the malicious server
4.  Malicious server can return actual results from the target server
5.  A while later, victim opens the app
6.  App logic has changed! App continues to connect to the malicious server!
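To make the persistence step concrete, here is an added C example, not Skycure's or Apple's code: a model of a client that remembers 301 redirects across launches (a constructed stand-in for the platform's redirect handling), next to a checked variant that persists a permanent redirect only when it stays on the original host and does not drop HTTPS. The URLs are the ones on the slide; the policy, the cache structure and the function names (handle_301_naive, handle_301_checked, redirect_is_safe_to_persist, resolve) are assumptions for the example.

```c
/* Added example, not Skycure's or Apple's code: a model of an HTTP client that
 * persists 301 (permanent) redirects, beside a policy that refuses to persist
 * a redirect that leaves the original host or downgrades from HTTPS.
 * The cache is a constructed stand-in for the platform's redirect handling;
 * the URLs are the ones from the slide. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define MAX_ENTRIES 8
#define URL_LEN 256

struct redirect_entry { char from[URL_LEN]; char to[URL_LEN]; };
struct redirect_cache { struct redirect_entry entries[MAX_ENTRIES]; int count; };

/* Split "scheme://host[/path]" into scheme and host; false if malformed. */
static bool parse_origin(const char *url, char *scheme, size_t slen,
                         char *host, size_t hlen)
{
    const char *sep = strstr(url, "://");
    if (sep == NULL) return false;
    size_t n = (size_t)(sep - url);
    if (n == 0 || n >= slen) return false;
    memcpy(scheme, url, n);
    scheme[n] = '\0';
    const char *h = sep + 3;
    size_t m = strcspn(h, "/:?#");
    if (m == 0 || m >= hlen) return false;
    memcpy(host, h, m);
    host[m] = '\0';
    return true;
}

/* Policy (an assumption for this example, not a platform rule): remember a
 * permanent redirect only if it stays on the same host and never moves an
 * https origin back to plain http. */
bool redirect_is_safe_to_persist(const char *from, const char *to)
{
    char fs[16], fh[128], ts[16], th[128];
    if (!parse_origin(from, fs, sizeof fs, fh, sizeof fh)) return false;
    if (!parse_origin(to, ts, sizeof ts, th, sizeof th)) return false;
    if (strcmp(fh, th) != 0) return false;                      /* host changed */
    if (strcmp(fs, "https") == 0 && strcmp(ts, "https") != 0) return false;
    return true;
}

static void cache_put(struct redirect_cache *c, const char *from, const char *to)
{
    if (c->count >= MAX_ENTRIES) return;
    snprintf(c->entries[c->count].from, URL_LEN, "%s", from);
    snprintf(c->entries[c->count].to, URL_LEN, "%s", to);
    c->count++;
}

/* Naive client: every 301 is remembered, which is what the hijack relies on. */
void handle_301_naive(struct redirect_cache *c, const char *from, const char *location)
{
    cache_put(c, from, location);
}

/* Checked client: the redirect is persisted only when the policy passes;
 * otherwise the caller may follow it for this one response, or refuse it. */
bool handle_301_checked(struct redirect_cache *c, const char *from, const char *location)
{
    if (!redirect_is_safe_to_persist(from, location)) return false;
    cache_put(c, from, location);
    return true;
}

/* Where the app's next request for url will actually go. */
const char *resolve(const struct redirect_cache *c, const char *url)
{
    for (int i = 0; i < c->count; i++)
        if (strcmp(c->entries[i].from, url) == 0) return c->entries[i].to;
    return url;
}

int main(void)
{
    const char *app_url = "http://journal.skycure.com";
    const char *hijack  = "http://attacker.site/skycureJournal";   /* from the slide */
    struct redirect_cache naive = {0}, checked = {0};

    handle_301_naive(&naive, app_url, hijack);
    printf("naive client, next launch connects to: %s\n", resolve(&naive, app_url));

    bool kept = handle_301_checked(&checked, app_url, hijack);
    printf("checked client persisted redirect: %s; next launch connects to: %s\n",
           kept ? "yes" : "no", resolve(&checked, app_url));
    return 0;
}
```

The naive cache answers the next launch with the attacker's URL, exactly the "app logic has changed" state above; the checked cache keeps the original URL because the host differs, while a same-host upgrade to HTTPS is still accepted. Serving the API over HTTPS from the start removes the untrusted-network step that makes the 301 injectable in the first place.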
Summary
• Mobile security threat landscape
  •  Physical, Network, Malware, Vulnerabilities
• Mobile is a low hanging fruit for attackers
• Recommendations
  •  Awareness
  •  Focus on visibility as a baseline to security
  •  Security solutions for personal and business needs
Next Steps
contact@skycure.com
https://www.skycure.com
https://blog.skycure.com
@YairAmit, @AdiSharabani, @SkycureSecurity
/Skycure

Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 

The Four Horsemen of Mobile Security

  • 1. Yair Amit, Co-Founder and CTO, Skycure. Adi Sharabani, Co-Founder and CEO, Skycure. The Four Horsemen of Mobile Security
  • 2. © 2015 RSA Conference. All rights reserved. The Four Horsemen of Mobile Security: Introductions; The Mobile Threat Landscape; Example Attacks; Hacking Demo
  • 3. Introductions. Adi Sharabani, CEO, Co-Founder, Skycure. Yair Amit, CTO, Co-Founder, Skycure. IDF 8200; 30 Patents; IDF 8200
  • 4. 1.5B Smartphones; 400M Tablets; 10-100X Networks; 3.1M Apps
  • 5. Old Endpoint Vs. New Endpoint: IPS, IDS, Firewall, DLP, Data Encryption, Wireless Security, Application Control, AV ... ?
  • 6. Modern Mobile Attacks
  • 7. Physical Security: Loss; Theft; Unauthorized Access
  • 8. Network Security: Wi-Fi / Cellular; Off-the-shelf hacking gear; 24x7 Exposure
  • 9. Network Security. Chart: Affected Devices Over Time (% affected devices at 0, 1, 2, 3 and 4 months). 2014: 0%, 23%, 30%, 35%, 41%. 2015: 0%, 25%, 30%, 38%, 43%. Source: Skycure Threat Intelligence
  • 10. Malware Security: External Android Stores; Repackaged Apps; New infection vectors
  • 11. Vulnerabilities: OS & App Level; Patching Challenges; Never Ending Story
  • 12. Known iOS Vulnerabilities (by Year). Chart: Number of CVEs per year, 2007 to 2015, with trajectory. Source: Skycure analysis based on CVEdetails.com
  • 14. The Physical Layer. Threat vector: Lost / Stolen / Temp Access. Basic physical security needs: Remote wipe; Locate device; Backup; Local storage; Passcode protection. OS responsibility; MDM solutions
  • 15. 2. Network Attacks: Implementation vs. Design Issues
  • 16. Implementation Issues: Coding pitfalls; Ubiquitous; Usually easy to fix once identified
  • 17. Example 1: GoToFail
  • 18. Example 1: GoToFail
      static OSStatus
      SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams,
                                       uint8_t *signature, UInt16 signatureLen)
      {
          …
          if ((err = SSLHashSHA1.update(&hashCtx, &clientRandom)) != 0)
              goto fail;
          if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
              goto fail;
          if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
              goto fail;
              goto fail;
          if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
              goto fail;
          err = sslRawVerify(ctx, ctx->peerPubKey,
                             dataToSign,      /* plaintext */
                             dataToSignLen,   /* plaintext length */
                             signature, signatureLen);
          …
      fail:
          SSLFreeBuffer(&signedHashes);
          SSLFreeBuffer(&hashCtx);
          return err;
      }
      Always goto “fail”, even if err==0. Code is skipped (even though err == 0). Function returns 0 (i.e. verified), even though sslRawVerify was not called. Source: Apple’s published source code
  • 19. Example 2: Heartbleed
  • 20. Example 2: Heartbleed
  • 21. Example 3: “No iOS Zone”. iOS crashes; “No iOS Zone” exploited again; iPhone crashes again; Device restarts; and again, and again, and again
  • 22. Design-Based Vulnerabilities. Logical issue. Harder to fix. Usually persist longer. Two types: General “protocol” vulnerabilities; Design issues affecting mobile OS. Mobile is more susceptible: Classical security solutions are inadequate; Excessive use of untrusted networks
  • 23. Example 1: SSLstrip. Server returns a redirection to HTTPS. Attacker removes redirections and links to HTTPS. Victim continues to interact via HTTP instead of HTTPS
  • 24. Example 2: SSL Decryption. 92% of users click on “Continue”, compromising their Exchange identity (username and password). Continue: 92%; Cancel: 8%
  • 25. Example 3: WiFiGate
  • 26. Realtime Threat Intelligence. 100K+ global threats identified in 2014. https://maps.skycure.com
  • 28. Evolution of Android Malware. 2011: Google Play is riddled with malware. Google introduces technologies such as “Bouncer” and “Verify Apps”. 2015: 3rd party stores are riddled with malware
  • 29. Malware Scanners Effectiveness. More information at RSA ASIAPAC (July 23rd, 2015)
  • 30. Malware is Not Just an Android Problem
  • 32. iOS Security Model. iOS sandbox approach (Source: Apple’s App Sandbox Design Guide). App Characteristics: One Store; Heavy Screening; App Sandboxing. Profile Characteristics: No Store; No Screening; No Sandboxing
  • 33. Participation Instructions. Start demo by opening Safari and browsing to: attack.skycure.net. 1. Open your Safari. 2. Tap the blue button. 3. Click on ‘Install’. 4. Click on ‘Install Now’. 5. Click on ‘Done’
  • 34. Removing The Infection. 1. Go to Settings. 2. Click on General. 3. Click on Profiles. 4. Click on “Movies for Free”. 5. Click on Remove. Try again with Skycure installed on your device.
  • 36. Example 1: Plain HTTP
  • 37. Example 2: SwiftKey Vulnerability. 600 million Android (Samsung) devices vulnerable. Pre-installed Keyboard; Unencrypted Updates; MITM; System Access
  • 38. Example 3: HTTP Request Hijacking
  • 39. HTTP Request Hijacking
      - (void)fetchArticles
      {
          NSURL *serverUrl =
              [NSURL URLWithString:@"http://journal.skycure.com"];

          NSMutableURLRequest *request =
              [NSMutableURLRequest requestWithURL:serverUrl];

          [request setValue:@"application/json"
               forHTTPHeaderField:@"Content-Type"];

          self.connection =
              [[NSURLConnection alloc] initWithRequest:request delegate:self];
      }
      Before: @"http://journal.skycure.com". After: @"http://attacker.site/skycureJournal". The serverUrl the app builds its request from is replaced.
  • 40. 1. Victim opens the app in an untrusted environment. 2. Attacker returns a 301 directive specifying a permanent change in URI. 3. Victim interacts with the malicious server; the malicious server can return actual results from the target server. 4. A while later, victim opens the app. 5. App continues to connect to the malicious server! App logic has changed!
  • 41. Summary. Mobile security threat landscape: Physical, Network, Malware, Vulnerabilities. Mobile is a low hanging fruit for attackers. Recommendations: Awareness; Focus on visibility as a baseline to security; Security solutions for personal and business needs
  • 42. Next Steps. contact@skycure.com; https://www.skycure.com; https://blog.skycure.com; @YairAmit, @AdiSharabani, @SkycureSecurity; /Skycure
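The GoToFail bug on slide 18, reduced to a runnable model (an added example, not Apple's code): hash_update() stands in for SSLHashSHA1.update, raw_verify() for sslRawVerify, and the hash and error code are constructed stand-ins. verify_gotofail() keeps the stray goto and accepts a wrong signature; verify_fixed() is the same flow with the line removed.

```c
#include <stdint.h>

/* Constructed model of SSLVerifySignedServerKeyExchange (added example, not Apple's
 * code). The toy hash is not cryptographic; it only makes the flow deterministic. */
typedef int OSStatus;
#define VERIFY_FAILED (-1)   /* constructed error code, not SecureTransport's */

static OSStatus hash_update(uint32_t *h, const char *chunk) {
    for (; *chunk; chunk++) { *h ^= (uint8_t)*chunk; *h *= 16777619u; }
    return 0;                /* always succeeds, like the updates on the slide */
}
static OSStatus raw_verify(uint32_t hash, uint32_t signature) {
    return hash == signature ? 0 : VERIFY_FAILED;
}
/* Signature a legitimate server would send for this transcript. */
uint32_t expected_signature(const char *cr, const char *sr, const char *params) {
    uint32_t h = 2166136261u;
    hash_update(&h, cr); hash_update(&h, sr); hash_update(&h, params);
    return h;
}
/* Mirrors the bug: the second "goto fail" is unconditional, so raw_verify is
 * skipped while err still holds the 0 returned by the last successful update. */
OSStatus verify_gotofail(const char *cr, const char *sr, const char *params,
                         uint32_t signature, int *verify_called) {
    OSStatus err; uint32_t h = 2166136261u;
    *verify_called = 0;
    if ((err = hash_update(&h, cr)) != 0) goto fail;
    if ((err = hash_update(&h, sr)) != 0) goto fail;
    if ((err = hash_update(&h, params)) != 0) goto fail;
        goto fail;                                  /* the stray line */
    *verify_called = 1;
    err = raw_verify(h, signature);                 /* never reached */
fail:
    return err;
}
/* Corrected flow: braces on every branch and no stray goto, so raw_verify always runs. */
OSStatus verify_fixed(const char *cr, const char *sr, const char *params,
                      uint32_t signature, int *verify_called) {
    OSStatus err; uint32_t h = 2166136261u;
    *verify_called = 0;
    if ((err = hash_update(&h, cr)) != 0) { goto fail; }
    if ((err = hash_update(&h, sr)) != 0) { goto fail; }
    if ((err = hash_update(&h, params)) != 0) { goto fail; }
    *verify_called = 1;
    err = raw_verify(h, signature);
fail:
    return err;
}
```

A compiler warning for unreachable code, or a coverage run that shows raw_verify never executing, is the kind of check that would have caught the stray line before release.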
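For the HTTP Request Hijacking flow on slides 39 and 40, a client-side redirect policy (an added example, not Skycure's or Apple's code; the URL parser is a constructed helper, not a full RFC 3986 parser): a 301 is honoured only when it keeps the app on its original host and moves it to HTTPS, so the attacker's "http://attacker.site/skycureJournal" location is refused rather than cached.

```c
#include <string.h>
#include <stddef.h>

/* Constructed helper: split "scheme://host[:port][/path]" into scheme and host.
 * Returns 0 on success, -1 if the URL has no scheme separator or an empty host. */
static int split_url(const char *url, const char **scheme, size_t *scheme_len,
                     const char **host, size_t *host_len) {
    const char *sep = strstr(url, "://");
    if (sep == NULL) return -1;
    *scheme = url;
    *scheme_len = (size_t)(sep - url);
    *host = sep + 3;
    *host_len = strcspn(*host, ":/?#");   /* host ends at port, path, query or fragment */
    return *host_len == 0 ? -1 : 0;
}

/* Policy for a 301 the app receives: honour it only if the new location stays on
 * the original host and uses HTTPS. Anything else is refused and must not be
 * cached, so a single session on an untrusted network cannot permanently rewrite
 * where the app sends its requests. Matching is case-sensitive for simplicity. */
int redirect_allowed(const char *original, const char *location) {
    const char *s1, *h1, *s2, *h2;
    size_t sl1, hl1, sl2, hl2;
    if (split_url(original, &s1, &sl1, &h1, &hl1) != 0) return 0;
    if (split_url(location, &s2, &sl2, &h2, &hl2) != 0) return 0;
    if (sl2 != 5 || strncmp(s2, "https", 5) != 0) return 0;   /* must land on HTTPS */
    if (hl1 != hl2 || strncmp(h1, h2, hl1) != 0) return 0;     /* host must not change */
    return 1;
}
```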