Securing the modern mobile OS

The idea for this blog post came to me during a discussion around some recent research performed by Cisco’s Talos threat research group.

The research in question is the post “Advanced Mobile Malware Campaign in India uses Malicious MDM”, authored by Warren Mercer, Paul Rascagneres and Andrew Williams, along with the follow-up post, Part 2, which contains additional research.

In this beautiful piece of research, these guys identified and analyzed an attacker with malicious intent who used a modified open-source Mobile Device Manager (MDM) to control multiple mobile devices and to install modified versions of well-known apps like WhatsApp and Telegram in order to gain access to what would otherwise be private data.

“What would you say you [an MDM] do[es] here?”

You’re welcome for the Office Space reference 🙂 

Mobile Device Management (MDM), also sometimes referred to as Enterprise Mobility Management (EMM), is more than just tooling. It is the technique of managing endpoints from a central location, and it is a critical aspect of a secure endpoint strategy.

A long, long time ago, Microsoft created something called group policies, which are capable of controlling every aspect of a computer running Windows. You could lock down everything about that endpoint, from what is displayed on the desktop and start menu to the ability to prevent users from right-clicking. The level of control is amazing.
