#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

mobile device management | Breaking Cybersecurity News | The Hacker News

Critical FileWave MDM Flaws Open Organization-Managed Devices to Remote Hackers

Critical FileWave MDM Flaws Open Organization-Managed Devices to Remote Hackers

Jul 26, 2022
FileWave's mobile device management (MDM) system has been found vulnerable to two critical security flaws that could be leveraged to carry out remote attacks and seize control of a fleet of devices connected to it. "The vulnerabilities are remotely exploitable and enable an attacker to bypass authentication mechanisms and gain full control over the MDM platform and its managed devices," Claroty security researcher Noam Moshe  said  in a Monday report. FileWave MDM is a cross-platform mobile device management solution that allows IT administrators to manage and monitor all of an organization's devices, including mobile phones, tablets, laptops, workstations, and smart TVs. The platform functions as a channel to push mandatory software and updates, change device settings, and even remotely wipe devices, all of which is delivered from a central server. The two issues identified by the operational technology firm relate to an authentication bypass (CVE-2022-34907) a
iPhone Hacking Campaign Using MDM Software Is Broader Than Previously Known

iPhone Hacking Campaign Using MDM Software Is Broader Than Previously Known

Jul 25, 2018
India-linked highly targeted mobile malware campaign, first unveiled two weeks ago , has been found to be part of a broader campaign targeting multiple platforms, including windows devices and possibly Android as well. As reported in our previous article , earlier this month researchers at Talos threat intelligence unit discovered a group of Indian hackers abusing mobile device management (MDM) service to hijack and spy on a few targeted iPhone users in India. Operating since August 2015, the attackers have been found abusing MDM service to remotely install malicious versions of legitimate apps, including Telegram, WhatsApp, and PrayTime, onto targeted iPhones. These modified apps have been designed to secretly spy on iOS users, and steal their real-time location, SMS, contacts, photos and private messages from third-party chatting applications. During their ongoing investigation, Talos researchers identified a new MDM infrastructure and several malicious binaries – designed
cyber insurance

external linkEliminating SaaS Shadow IT is Now Available via a Free Self-Service Product

websitewww.wing.securitySaaS Security / Shadow IT
This new product provides IT and Security visibility into the risky SaaS apps employees are using.
Hackers Used Malicious MDM Solution to Spy On 'Highly Targeted' iPhone Users

Hackers Used Malicious MDM Solution to Spy On 'Highly Targeted' iPhone Users

Jul 13, 2018
Security researchers have uncovered a "highly targeted" mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol—a type of security software used by large enterprises to control and enforce policies on devices being used their employees—to contol and deploy malicious applications remotely. Exploiting Apple MDM Service to Remotely Control Devices To enroll an iOS device into the MDM requires a user to manually install enterprise development certificate, which enterprises obtained through the Apple Developer Enterprise Program. Companies can deliver MDM configuration file through email or a webpage for over-the-air enrollment service using Apple Configurator. Once a user installs it, the service allows the company administrators to remotely control the device, install/remove apps, in
Lost Your Phone? Google Search 'Find My Phone' To Locate It

Lost Your Phone? Google Search 'Find My Phone' To Locate It

Apr 17, 2015
How many of you have an issue to forget your mobile phones? I guess, most of us. Sometimes in our homes, sometimes in our offices, sometimes in our cars and sometimes we even don't remember the exact place where we left our phones.  Now, Finding your phone is as simple as searching something on Google ... Instead of searching your phone everywhere, just ask Google where your phone is, and the search engine giant will answer you the exact place where you left your smartphone.  Sound's interesting! Google unveiled a new feature on Wednesday that lets you search for your Android smartphone or tablet using the search engine on your desktop computer. How does it work? Log-in to the same Google account on your desktop computer's browser that you use on your Android smartphone, but before that make sure you must have the latest version of the Google app installed on your smartphone. Now type " Find my phone " into Google's search engine, a
More Resources