#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter
CrowdSec

MDM Solution | Breaking Cybersecurity News | The Hacker News

iPhone Hacking Campaign Using MDM Software Is Broader Than Previously Known

iPhone Hacking Campaign Using MDM Software Is Broader Than Previously Known
Jul 25, 2018
India-linked highly targeted mobile malware campaign, first unveiled two weeks ago , has been found to be part of a broader campaign targeting multiple platforms, including windows devices and possibly Android as well. As reported in our previous article , earlier this month researchers at Talos threat intelligence unit discovered a group of Indian hackers abusing mobile device management (MDM) service to hijack and spy on a few targeted iPhone users in India. Operating since August 2015, the attackers have been found abusing MDM service to remotely install malicious versions of legitimate apps, including Telegram, WhatsApp, and PrayTime, onto targeted iPhones. These modified apps have been designed to secretly spy on iOS users, and steal their real-time location, SMS, contacts, photos and private messages from third-party chatting applications. During their ongoing investigation, Talos researchers identified a new MDM infrastructure and several malicious binaries – designed

Hackers Used Malicious MDM Solution to Spy On 'Highly Targeted' iPhone Users

Hackers Used Malicious MDM Solution to Spy On 'Highly Targeted' iPhone Users
Jul 13, 2018
Security researchers have uncovered a "highly targeted" mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol—a type of security software used by large enterprises to control and enforce policies on devices being used their employees—to contol and deploy malicious applications remotely. Exploiting Apple MDM Service to Remotely Control Devices To enroll an iOS device into the MDM requires a user to manually install enterprise development certificate, which enterprises obtained through the Apple Developer Enterprise Program. Companies can deliver MDM configuration file through email or a webpage for over-the-air enrollment service using Apple Configurator. Once a user installs it, the service allows the company administrators to remotely control the device, install/remove apps, in

external linkWing Security Launches Free SaaS Discovery Tool to Tackle Shadow IT Risks

SaaS
websitewww.wing.securitySaaS Security / Attack Surface
Wing Security finds and ranks all SaaS applications completely for free, removing unnecessary risk.
Cybersecurity Resources