SlideShare a Scribd company logo

Smartphone security issues

Aleksandra Gavrilovska
Aleksandra Gavrilovska
TechnologyBusiness
1 of 17
Download to read offline
Smartphone security issues What can you do?   NCA  Seminar,  Krushevo,  2013   Aleksandra  Gavrilovska  
Losing your smartphone 2  
What can you do ?   •  Lock  access  to  the  phone  with  PIN  or   password   •  Backup  phone  data  in  the  cloud,  computer,   memory  card   •  Find  My  iPhone   •  Where’s  my  Droid   3  
Malicious software 4  
Malicious software •  Easily  distributed  via  applicaKon  stores   without  security  mechanism   •  Pirated  versions  of  legiKmate  apps   •  Fetch  apps  from  links  on  the  web   (“malverKzing”)   •  Install  soSware  which  targets  communicaKon,   user  locaKon  or  other  personal  data   •  SMS  trojan  and  premium  SMS   5  
What can you do ?   •  Avoid  changing  phone’s  factory  seVngs   •  Don’t  jailbreak  or  root  your  phone   •  Install  apps  only  from  trusted  sources   •  Read  app  reviews     •  Read  permissions  requested  by  applicaKon   before  installing  it   •  Install  firmware  updates  provided  by  the   manufacturer     6  
7  
Malicious QR codes •  QR  code  usually  contain  web  link   •  Smartphone  browser  is  automaKcally   launched   •  Install  malware   •  Link  to  phishing  site   •  Steal  informaKon   8  
What can you do ?   •  Use  app  that  has  built  in  securiKes  features   (Norton  Snap)   •  Enable  QR  code  review   •  Check  if  it  is  sKcker  (in  real  life)   9  
Vulnerable wireless networks 10  
What can you do ?   •  Don’t  transmit  sensiKve  data  via  public  Wi-­‐Fi,   which  is  usually  unencrypted   •  Send  sensiKve  data  to  sites  that  you  trust   •  Check  if  it  web  address  starts  with  haps   •  Use  secure,  encrypted  VPN  to  connect  to   corporate  network   11  
PANIC 12  
What can you do ?   •  Use  Mobile  device  security  tools   –  Mobile  device  management   –  Sandboxing   –  Secure  browsers   13  
…because we develop mobile applications… 14  
OWASP Mobile Security Project •  OWASP  FoundaKon   •  For  developers  and  security  teams   •  How  to  build  and  maintain  secure  mobile  apps   •  Primary  focus  on  applicaKon  layer   15  
OWASP Mobile Security Project   •  Top  Ten  Mobile  Risks   •  Mobile  security  tesKng   •  Mobile  cheat  sheet  series   •  Secure  mobile  development   •  Top  ten  mobile  controls  and  design  principles   16  
Thank you.   17  

Recommended

Smartphone Security Guide: The Easiest Way to Keep Your Phone & Data Secure
Smartphone Security Guide: The Easiest Way to Keep Your Phone & Data SecureSmartphone Security Guide: The Easiest Way to Keep Your Phone & Data Secure
Smartphone Security Guide: The Easiest Way to Keep Your Phone & Data SecureHeimdal Security
 
Smartphone security
Smartphone security Smartphone security
Smartphone security Nash Atan
 
Mobile protection
Mobile protection Mobile protection
Mobile protection preetpatel72
 
Mobile security
Mobile securityMobile security
Mobile securitydilipdubey5
 
Mobile security
Mobile securityMobile security
Mobile securityMphasis
 
Smartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkitsSmartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkitsJimmy Shah
 
Mobile security
Mobile securityMobile security
Mobile securityNaveen Kumar
 
Mobile security first round (1st rank)
Mobile security first round (1st rank)Mobile security first round (1st rank)
Mobile security first round (1st rank)Hîmãlåy Làdhä
 

Recommended

Smartphone Security Guide: The Easiest Way to Keep Your Phone & Data Secure
Smartphone Security Guide: The Easiest Way to Keep Your Phone & Data SecureSmartphone Security Guide: The Easiest Way to Keep Your Phone & Data Secure
Smartphone Security Guide: The Easiest Way to Keep Your Phone & Data SecureHeimdal Security
 
Smartphone security
Smartphone security Smartphone security
Smartphone security Nash Atan
 
Mobile protection
Mobile protection Mobile protection
Mobile protection preetpatel72
 
Mobile security
Mobile securityMobile security
Mobile securitydilipdubey5
 
Mobile security
Mobile securityMobile security
Mobile securityMphasis
 
Smartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkitsSmartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkitsJimmy Shah
 
Mobile security
Mobile securityMobile security
Mobile securityNaveen Kumar
 
Mobile security first round (1st rank)
Mobile security first round (1st rank)Mobile security first round (1st rank)
Mobile security first round (1st rank)Hîmãlåy Làdhä
 
Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Jay Nagar
 
Communication security 2021
Communication security 2021Communication security 2021
Communication security 2021MuhammadusmanRana10
 
OPSEC for OMBUDSMEN
OPSEC for OMBUDSMENOPSEC for OMBUDSMEN
OPSEC for OMBUDSMENNaval OPSEC
 
MOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYMOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYJASHU JASWANTH
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!EMBplc.com
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slidesjubke
 
Dos and Don'ts of Internet Security
Dos and Don'ts of Internet SecurityDos and Don'ts of Internet Security
Dos and Don'ts of Internet SecurityQuick Heal Technologies Ltd.
 
Network basic security
Network basic securityNetwork basic security
Network basic securityMohamed Radji
 
Jeopardy
JeopardyJeopardy
Jeopardyzed_o07
 
WISE KIDS Leaflet: eSecurity
WISE KIDS Leaflet: eSecurityWISE KIDS Leaflet: eSecurity
WISE KIDS Leaflet: eSecurityWISE KIDS
 
Traveling safely with smartphones 16 jun14
Traveling safely with smartphones 16 jun14Traveling safely with smartphones 16 jun14
Traveling safely with smartphones 16 jun14Naval OPSEC
 
Mobile app security
Mobile app securityMobile app security
Mobile app securitywhitecryption
 
Smartphone
SmartphoneSmartphone
SmartphoneNaval OPSEC
 
Spyware risk it's time to get smart
Spyware risk it's time to get smartSpyware risk it's time to get smart
Spyware risk it's time to get smartKanha Sahu
 
User's Guide to Online Privacy
User's Guide to Online PrivacyUser's Guide to Online Privacy
User's Guide to Online Privacycdunk12
 
Security awareness
Security awarenessSecurity awareness
Security awarenessJosh Chandler
 
Mobile security by Tajwar khan
Mobile security by Tajwar khanMobile security by Tajwar khan
Mobile security by Tajwar khanTajwar khan
 
Cyber security
Cyber securityCyber security
Cyber securityPihu Goel
 
Presentation about security I.T.
Presentation about security I.T.Presentation about security I.T.
Presentation about security I.T.HugoBarrionuevoSobri
 
Smartphone & Security
Smartphone & SecuritySmartphone & Security
Smartphone & Security15215822
 
Smartphone security
Smartphone securitySmartphone security
Smartphone securityMuthu Kumar
 
Communication
CommunicationCommunication
Communicationyamingd
 

More Related Content

What's hot

Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Jay Nagar
 
OPSEC for OMBUDSMEN
OPSEC for OMBUDSMENOPSEC for OMBUDSMEN
OPSEC for OMBUDSMENNaval OPSEC
 
MOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYMOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYJASHU JASWANTH
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!EMBplc.com
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slidesjubke
 
Network basic security
Network basic securityNetwork basic security
Network basic securityMohamed Radji
 
Jeopardy
JeopardyJeopardy
Jeopardyzed_o07
 
WISE KIDS Leaflet: eSecurity
WISE KIDS Leaflet: eSecurityWISE KIDS Leaflet: eSecurity
WISE KIDS Leaflet: eSecurityWISE KIDS
 
Traveling safely with smartphones 16 jun14
Traveling safely with smartphones 16 jun14Traveling safely with smartphones 16 jun14
Traveling safely with smartphones 16 jun14Naval OPSEC
 
Spyware risk it's time to get smart
Spyware risk it's time to get smartSpyware risk it's time to get smart
Spyware risk it's time to get smartKanha Sahu
 
User's Guide to Online Privacy
User's Guide to Online PrivacyUser's Guide to Online Privacy
User's Guide to Online Privacycdunk12
 
Mobile security by Tajwar khan
Mobile security by Tajwar khanMobile security by Tajwar khan
Mobile security by Tajwar khanTajwar khan
 
Cyber security
Cyber securityCyber security
Cyber securityPihu Goel
 

What's hot (19)

Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual
 
Communication security 2021
Communication security 2021Communication security 2021
Communication security 2021
 
OPSEC for OMBUDSMEN
OPSEC for OMBUDSMENOPSEC for OMBUDSMEN
OPSEC for OMBUDSMEN
 
MOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYMOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITY
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slides
 
Dos and Don'ts of Internet Security
Dos and Don'ts of Internet SecurityDos and Don'ts of Internet Security
Dos and Don'ts of Internet Security
 
Network basic security
Network basic securityNetwork basic security
Network basic security
 
Jeopardy
JeopardyJeopardy
Jeopardy
 
WISE KIDS Leaflet: eSecurity
WISE KIDS Leaflet: eSecurityWISE KIDS Leaflet: eSecurity
WISE KIDS Leaflet: eSecurity
 
Traveling safely with smartphones 16 jun14
Traveling safely with smartphones 16 jun14Traveling safely with smartphones 16 jun14
Traveling safely with smartphones 16 jun14
 
Mobile app security
Mobile app securityMobile app security
Mobile app security
 
Smartphone
SmartphoneSmartphone
Smartphone
 
Spyware risk it's time to get smart
Spyware risk it's time to get smartSpyware risk it's time to get smart
Spyware risk it's time to get smart
 
User's Guide to Online Privacy
User's Guide to Online PrivacyUser's Guide to Online Privacy
User's Guide to Online Privacy
 
Security awareness
Security awarenessSecurity awareness
Security awareness
 
Mobile security by Tajwar khan
Mobile security by Tajwar khanMobile security by Tajwar khan
Mobile security by Tajwar khan
 
Cyber security
Cyber securityCyber security
Cyber security
 
Presentation about security I.T.
Presentation about security I.T.Presentation about security I.T.
Presentation about security I.T.
 

Viewers also liked

Smartphone & Security
Smartphone & SecuritySmartphone & Security
Smartphone & Security15215822
 
Smartphone security
Smartphone securitySmartphone security
Smartphone securityMuthu Kumar
 
Communication
CommunicationCommunication
Communicationyamingd
 
Dave Briggs - Engaging Change
Dave Briggs - Engaging ChangeDave Briggs - Engaging Change
Dave Briggs - Engaging ChangePaul McElvaney
 
Pobedite 10 slabosti u poslu koje EU ne trpi
Pobedite 10 slabosti u poslu koje EU ne trpiPobedite 10 slabosti u poslu koje EU ne trpi
Pobedite 10 slabosti u poslu koje EU ne trpiMaja Vujovic
 
Introduction to chef framework
Introduction to chef frameworkIntroduction to chef framework
Introduction to chef frameworkmorgoth
 
Dispara tu carrera profesional: por qué unirse a una Comunidad
Dispara tu carrera profesional: por qué unirse a una ComunidadDispara tu carrera profesional: por qué unirse a una Comunidad
Dispara tu carrera profesional: por qué unirse a una ComunidadAgustin Benito Bethencourt
 
Fip lezing Istanbul deel 1
Fip lezing Istanbul deel 1Fip lezing Istanbul deel 1
Fip lezing Istanbul deel 1Sjef Kerkhofs
 
lezing Online netwerken
lezing Online netwerkenlezing Online netwerken
lezing Online netwerkenSjef Kerkhofs
 
Aag presentatie 3 februari
Aag presentatie 3 februariAag presentatie 3 februari
Aag presentatie 3 februariSjef Kerkhofs
 
产品思考
产品思考产品思考
产品思考yamingd
 
A pilot study to evaluate nutritional influences on gastrointestinal symptoms...
A pilot study to evaluate nutritional influences on gastrointestinal symptoms...A pilot study to evaluate nutritional influences on gastrointestinal symptoms...
A pilot study to evaluate nutritional influences on gastrointestinal symptoms...ivdacruz
 
Learning Pool Webinar: Creating, editing and using images
Learning Pool Webinar: Creating, editing and using imagesLearning Pool Webinar: Creating, editing and using images
Learning Pool Webinar: Creating, editing and using imagesPaul McElvaney
 
Learning Pool's Mark Lynch and Kevin Gallagher on 'Next Generation DLE'.
Learning Pool's Mark Lynch and Kevin Gallagher on 'Next Generation DLE'.Learning Pool's Mark Lynch and Kevin Gallagher on 'Next Generation DLE'.
Learning Pool's Mark Lynch and Kevin Gallagher on 'Next Generation DLE'.Paul McElvaney
 

Viewers also liked (20)

Smartphone & Security
Smartphone & SecuritySmartphone & Security
Smartphone & Security
 
Smartphone security
Smartphone securitySmartphone security
Smartphone security
 
Communication
CommunicationCommunication
Communication
 
Dave Briggs - Engaging Change
Dave Briggs - Engaging ChangeDave Briggs - Engaging Change
Dave Briggs - Engaging Change
 
Lecture 7
Lecture 7Lecture 7
Lecture 7
 
My Learning Pool
My Learning PoolMy Learning Pool
My Learning Pool
 
Scotweb Presentation
Scotweb PresentationScotweb Presentation
Scotweb Presentation
 
Nilga Feb 2009
Nilga Feb 2009Nilga Feb 2009
Nilga Feb 2009
 
Pobedite 10 slabosti u poslu koje EU ne trpi
Pobedite 10 slabosti u poslu koje EU ne trpiPobedite 10 slabosti u poslu koje EU ne trpi
Pobedite 10 slabosti u poslu koje EU ne trpi
 
Lezing Xerox
Lezing XeroxLezing Xerox
Lezing Xerox
 
Introduction to chef framework
Introduction to chef frameworkIntroduction to chef framework
Introduction to chef framework
 
Dispara tu carrera profesional: por qué unirse a una Comunidad
Dispara tu carrera profesional: por qué unirse a una ComunidadDispara tu carrera profesional: por qué unirse a una Comunidad
Dispara tu carrera profesional: por qué unirse a una Comunidad
 
Fip lezing Istanbul deel 1
Fip lezing Istanbul deel 1Fip lezing Istanbul deel 1
Fip lezing Istanbul deel 1
 
lezing Online netwerken
lezing Online netwerkenlezing Online netwerken
lezing Online netwerken
 
Aag presentatie 3 februari
Aag presentatie 3 februariAag presentatie 3 februari
Aag presentatie 3 februari
 
产品思考
产品思考产品思考
产品思考
 
A pilot study to evaluate nutritional influences on gastrointestinal symptoms...
A pilot study to evaluate nutritional influences on gastrointestinal symptoms...A pilot study to evaluate nutritional influences on gastrointestinal symptoms...
A pilot study to evaluate nutritional influences on gastrointestinal symptoms...
 
Learning Pool Webinar: Creating, editing and using images
Learning Pool Webinar: Creating, editing and using imagesLearning Pool Webinar: Creating, editing and using images
Learning Pool Webinar: Creating, editing and using images
 
Learning Pool's Mark Lynch and Kevin Gallagher on 'Next Generation DLE'.
Learning Pool's Mark Lynch and Kevin Gallagher on 'Next Generation DLE'.Learning Pool's Mark Lynch and Kevin Gallagher on 'Next Generation DLE'.
Learning Pool's Mark Lynch and Kevin Gallagher on 'Next Generation DLE'.
 
Ana Virtual Worlds
Ana Virtual WorldsAna Virtual Worlds
Ana Virtual Worlds
 

Similar to Smartphone security issues

Mobile Security - Dutch Mobile .Net Developers
Mobile Security - Dutch Mobile .Net DevelopersMobile Security - Dutch Mobile .Net Developers
Mobile Security - Dutch Mobile .Net DevelopersAlberto Aguzzi
 
Creating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdkCreating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdkMartin Vigo
 
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP SeraphimdroidMobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP SeraphimdroidNikola Milosevic
 
Developing secure mobile apps by Alexandru Catariov Endava
Developing secure mobile apps by Alexandru Catariov EndavaDeveloping secure mobile apps by Alexandru Catariov Endava
Developing secure mobile apps by Alexandru Catariov EndavaMoldova ICT Summit
 
iOS Application Security.pdf
iOS Application Security.pdfiOS Application Security.pdf
iOS Application Security.pdfRavi Aggarwal
 
Mobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the AttackerMobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the Attackerbugcrowd
 
Debunking the Top 5 Myths About Mobile AppSec
Debunking the Top 5 Myths About Mobile AppSecDebunking the Top 5 Myths About Mobile AppSec
Debunking the Top 5 Myths About Mobile AppSecNowSecure
 
Android Application Security Awareness Talk, OWASP MEETUP Q3, 2015
Android Application Security Awareness Talk, OWASP MEETUP Q3, 2015Android Application Security Awareness Talk, OWASP MEETUP Q3, 2015
Android Application Security Awareness Talk, OWASP MEETUP Q3, 2015Sina Manavi
 
Android Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon IndiaAndroid Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon IndiaAvinash Birnale
 
Analysis and research of system security based on android
Analysis and research of system security based on androidAnalysis and research of system security based on android
Analysis and research of system security based on androidRavishankar Kumar
 
How to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsHow to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsNowSecure
 
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.AlgoSec
 
Defending Behind the Mobile Device
Defending Behind the Mobile DeviceDefending Behind the Mobile Device
Defending Behind the Mobile DeviceTyler Shields
 
android Security
android Security android Security
android Security darkC0de
 
Mobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksMobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksSantosh Satam
 
Lumension Security - Adjusting our defenses for 2012
Lumension Security - Adjusting our defenses for 2012Lumension Security - Adjusting our defenses for 2012
Lumension Security - Adjusting our defenses for 2012Andris Soroka
 
Hacking By Nirmal
Hacking By NirmalHacking By Nirmal
Hacking By NirmalNIRMAL RAJ
 

Similar to Smartphone security issues (20)

Mobile Security - Dutch Mobile .Net Developers
Mobile Security - Dutch Mobile .Net DevelopersMobile Security - Dutch Mobile .Net Developers
Mobile Security - Dutch Mobile .Net Developers
 
Creating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdkCreating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdk
 
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP SeraphimdroidMobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
 
Developing secure mobile apps by Alexandru Catariov Endava
Developing secure mobile apps by Alexandru Catariov EndavaDeveloping secure mobile apps by Alexandru Catariov Endava
Developing secure mobile apps by Alexandru Catariov Endava
 
iOS Application Security.pdf
iOS Application Security.pdfiOS Application Security.pdf
iOS Application Security.pdf
 
Mobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the AttackerMobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the Attacker
 
Debunking the Top 5 Myths About Mobile AppSec
Debunking the Top 5 Myths About Mobile AppSecDebunking the Top 5 Myths About Mobile AppSec
Debunking the Top 5 Myths About Mobile AppSec
 
Android Application Security Awareness Talk, OWASP MEETUP Q3, 2015
Android Application Security Awareness Talk, OWASP MEETUP Q3, 2015Android Application Security Awareness Talk, OWASP MEETUP Q3, 2015
Android Application Security Awareness Talk, OWASP MEETUP Q3, 2015
 
Android Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon IndiaAndroid Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon India
 
Hacking Mobile Apps
Hacking Mobile AppsHacking Mobile Apps
Hacking Mobile Apps
 
Mobile Apps Security
Mobile Apps SecurityMobile Apps Security
Mobile Apps Security
 
Analysis and research of system security based on android
Analysis and research of system security based on androidAnalysis and research of system security based on android
Analysis and research of system security based on android
 
Android security
Android securityAndroid security
Android security
 
How to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsHow to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’ts
 
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.
 
Defending Behind the Mobile Device
Defending Behind the Mobile DeviceDefending Behind the Mobile Device
Defending Behind the Mobile Device
 
android Security
android Security android Security
android Security
 
Mobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksMobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 Risks
 
Lumension Security - Adjusting our defenses for 2012
Lumension Security - Adjusting our defenses for 2012Lumension Security - Adjusting our defenses for 2012
Lumension Security - Adjusting our defenses for 2012
 
Hacking By Nirmal
Hacking By NirmalHacking By Nirmal
Hacking By Nirmal
 

Recently uploaded

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 

Recently uploaded (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 

Smartphone security issues

  • 1. Smartphone security issues What can you do?   NCA  Seminar,  Krushevo,  2013   Aleksandra  Gavrilovska  
  • 3. What can you do ?   •  Lock  access  to  the  phone  with  PIN  or   password   •  Backup  phone  data  in  the  cloud,  computer,   memory  card   •  Find  My  iPhone   •  Where’s  my  Droid   3  
  • 5. Malicious software •  Easily  distributed  via  applicaKon  stores   without  security  mechanism   •  Pirated  versions  of  legiKmate  apps   •  Fetch  apps  from  links  on  the  web   (“malverKzing”)   •  Install  soSware  which  targets  communicaKon,   user  locaKon  or  other  personal  data   •  SMS  trojan  and  premium  SMS   5  
  • 6. What can you do ?   •  Avoid  changing  phone’s  factory  seVngs   •  Don’t  jailbreak  or  root  your  phone   •  Install  apps  only  from  trusted  sources   •  Read  app  reviews     •  Read  permissions  requested  by  applicaKon   before  installing  it   •  Install  firmware  updates  provided  by  the   manufacturer     6  
  • 8. Malicious QR codes •  QR  code  usually  contain  web  link   •  Smartphone  browser  is  automaKcally   launched   •  Install  malware   •  Link  to  phishing  site   •  Steal  informaKon   8  
  • 9. What can you do ?   •  Use  app  that  has  built  in  securiKes  features   (Norton  Snap)   •  Enable  QR  code  review   •  Check  if  it  is  sKcker  (in  real  life)   9  
  • 10. Vulnerable wireless networks 10  
  • 11. What can you do ?   •  Don’t  transmit  sensiKve  data  via  public  Wi-­‐Fi,   which  is  usually  unencrypted   •  Send  sensiKve  data  to  sites  that  you  trust   •  Check  if  it  web  address  starts  with  haps   •  Use  secure,  encrypted  VPN  to  connect  to   corporate  network   11  
  • 12. PANIC 12  
  • 13. What can you do ?   •  Use  Mobile  device  security  tools   –  Mobile  device  management   –  Sandboxing   –  Secure  browsers   13  
  • 14. …because we develop mobile applications… 14  
  • 15. OWASP Mobile Security Project •  OWASP  FoundaKon   •  For  developers  and  security  teams   •  How  to  build  and  maintain  secure  mobile  apps   •  Primary  focus  on  applicaKon  layer   15  
  • 16. OWASP Mobile Security Project   •  Top  Ten  Mobile  Risks   •  Mobile  security  tesKng   •  Mobile  cheat  sheet  series   •  Secure  mobile  development   •  Top  ten  mobile  controls  and  design  principles   16  
  • 17. Thank you.   17