Researchers at the Lookout Threat Lab have discovered a new Android surveillance tool which we attribute with moderate confidence to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). Named BouldSpy for the “BoulderApplication” class which configures the tool’s command and control (C2), we have been tracking the spyware since March 2020.

Remote work is no longer a trend — in 2022, remote workers represented 30% of the overall workforce. Cloud services and mobile devices have made the work environment more flexible, and organizations have implemented bring-your-own-device (BYOD) policies to enable employees who are working from anywhere to get more done.

Stolen employee login credentials are one of the most effective ways for bad actors to infiltrate your organization’s infrastructure. Once they have the login information of one of your accounts in hand, it becomes much easier for them to bypass security measures and gain access to your sensitive data. So how do attackers get those login credentials? The answer in many cases is mobile phishing.

A company’s brand is more than just its logo and color palette. It’s a signal to the world about their vision and commitment. This is why I’m super excited that Lookout is debuting a reimagined identity and position centered around freedom of control. ‍ Lookout started its journey in 2007 trailblazing the concept of mobile security.

When it comes to the way we work, change is now the status quo — and it often happens so quickly that security teams have a tough time keeping up. Organizations that try to keep using their perimeter-based security solutions are hindering their workers’ ability to collaborate while also losing a handle on their data.

Throughout 2022, threat actors have been masquerading as the postal service Singapore Post (SingPost) and one of Singapore’s leading telecommunications companies Singtel. Victims are being targeted by phishing emails that appear to be from Singapore Post or Singtel. In these emails, users were sent messages informing them of fake billing issues or outstanding payments with links to fraudulent websites that asked for their personal information.

Over the winter holidays, Southwest Airlines, one of the U.S.’ largest and most reputable airlines was forced to cancel around 45% of its scheduled flights. It’s difficult to pinpoint the exact reason for this meltdown, but in my opinion this is likely due to outdated infrastructure and IT systems. Other airlines also had to deal with bad weather and holiday traffic, but were not faced with the same level of disruption.

Whether it’s splitting the bill after a night out on the town or sending money for your niece’s graduation, more Americans are relying on peer-to-peer payment services like Cash App than ever before. It’s a quick and seamless way to make financial transactions trusted by millions of users. Cash App makes it easy to receive and send money and is renowned for its convenience. But while Cash App transactions are generally safe, users could still be susceptible to Cash App scams.

When talking about big influences on cybersecurity, we tend to think about sweeping trends like digital transformation and the hybrid work revolution. And that makes sense. Cloud adoption, for example, has created complex corporate infrastructures. This is forcing the security industry to rethink how they protect data.

The central issue behind the latest headline-grabbing security breach – an incident that directly impacted several major US government agencies – highlights pervasive issues related to many organizations’ use of the popular Office 365 and Azure Microsoft cloud platforms.