In today's increasingly mobile-driven world, securing our digital assets and protecting sensitive information is of paramount importance. To address this need, the National Institute of Standards and Technology (NIST) recently released the latest version of their publication, NIST 800-124 Rev. 2: Guidelines for Managing the Security of Mobile Devices in the Enterprise.

Mobile devices have become indispensable in our modern lives, enabling us to stay connected, access information, and conduct transactions on the go. However, the rise of mobile usage for accessing corporate information is attracting the increased attention of cybercriminals seeking to exploit vulnerabilities and gain unauthorized access to sensitive data.

In recent years, especially with hybrid work, almost everyone uses an iOS or Android device for work. In fact, in a recent survey, Lookout found that 92% of remote workers use their personal laptops or smartphones for work tasks, with 46% of them having saved files onto their devices. Now that employees expect to be productive from anywhere, organizations across all industries have become more relaxed with allowing the use of personal devices with bring-your-own-device (BYOD) programs.

Researchers at the Lookout Threat Lab have discovered a new Android surveillance tool which we attribute with moderate confidence to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). Named BouldSpy for the “BoulderApplication” class which configures the tool’s command and control (C2), we have been tracking the spyware since March 2020.

Remote work is no longer a trend — in 2022, remote workers represented 30% of the overall workforce. Cloud services and mobile devices have made the work environment more flexible, and organizations have implemented bring-your-own-device (BYOD) policies to enable employees who are working from anywhere to get more done.

Stolen employee login credentials are one of the most effective ways for bad actors to infiltrate your organization’s infrastructure. Once they have the login information of one of your accounts in hand, it becomes much easier for them to bypass security measures and gain access to your sensitive data. So how do attackers get those login credentials? The answer in many cases is mobile phishing.

A company’s brand is more than just its logo and color palette. It’s a signal to the world about their vision and commitment. This is why I’m super excited that Lookout is debuting a reimagined identity and position centered around freedom of control. ‍ Lookout started its journey in 2007 trailblazing the concept of mobile security.

When it comes to the way we work, change is now the status quo — and it often happens so quickly that security teams have a tough time keeping up. Organizations that try to keep using their perimeter-based security solutions are hindering their workers’ ability to collaborate while also losing a handle on their data.

Throughout 2022, threat actors have been masquerading as the postal service Singapore Post (SingPost) and one of Singapore’s leading telecommunications companies Singtel. Victims are being targeted by phishing emails that appear to be from Singapore Post or Singtel. In these emails, users were sent messages informing them of fake billing issues or outstanding payments with links to fraudulent websites that asked for their personal information.

Over the winter holidays, Southwest Airlines, one of the U.S.’ largest and most reputable airlines was forced to cancel around 45% of its scheduled flights. It’s difficult to pinpoint the exact reason for this meltdown, but in my opinion this is likely due to outdated infrastructure and IT systems. Other airlines also had to deal with bad weather and holiday traffic, but were not faced with the same level of disruption.