|By Business Wire||
|August 6, 2014 02:20 PM EDT||
Accuvant, the authoritative source for enterprise information security, today disclosed at Black Hat USA 2014 details of security vulnerabilities that are exposing mobile phone users to risk. Research scientists Mathew Solnik and Marc Blanchou, both members of the respected Accuvant LABS team, demonstrated the attacks in order to better educate the community on the seriousness of the risks. The vulnerabilities discovered by the pair impact Android, Blackberry and a small number of iOS-based devices, with risk varying by carrier and device make and model.
Mobile phone users should make sure their devices are up to date with the latest patches. If no recent patches have been issued for a device, users should contact their carriers to find out if they are impacted and if a fix is available or has already been implemented. Organizations should leverage their MDM platforms to ensure users adopt the latest version of software for their phones.
“Carriers embed control software into most mobile devices so that they can configure phones for their networks and push over-the-air firmware updates,” said Ryan Smith, Accuvant vice president and chief scientist. “Our researchers – Mathew Solnik and Marc Blanchou – found serious security vulnerabilities in the carrier control software used in a large number of cell phones across platforms and carriers.”
Accuvant has been working diligently to properly disclose its findings to service providers to mitigate the risk. The company that makes the software has issued a fix that solves the problem; baseband manufacturers have written code to implement the fix; and carriers are in the process of distributing the fix to existing phones.
“Security threats have become a daily issue for billions of technology users around the world, so it’s critical to find vulnerabilities of this nature and fix them before they can become a big public concern,” said Christina Richmond, program director, security services, IDC. “Having specialized experts with the capabilities to conduct this kind of security research and educate organizations and consumers on how to fix these issues is essential.”
Dependent upon device and carrier, when exploited the vulnerabilities in this control software may enable attackers to install malicious software; access data; add, delete and run applications; wipe a device; and remotely change the PIN for the screen lock, among other items.
Accuvant is a Black Hat 2014 Platinum Sponsor, and is exhibiting at booth #635.
Accuvant, a Blackstone (NYSE: BX) portfolio company, is the leading provider of information security services and solutions serving enterprise-class organizations across North America. The company offers a full suite of service capabilities to help businesses, governments and educational institutions define their security strategies, identify and remediate threats and risks, select and deploy the right technology, and achieve operational readiness to protect their organizations from malicious attack. Founded in 2002, Accuvant has been named to the Inc. 500|5000 list of fastest growing companies for the last seven consecutive years. The company is headquartered in Denver, Colo., with offices across the United States and Canada. Further information is available at www.accuvant.com.
Jan. 26, 2015 07:45 PM EST Reads: 2,484
Jan. 26, 2015 07:30 PM EST Reads: 1,515
Jan. 26, 2015 06:15 PM EST Reads: 3,853
Jan. 26, 2015 06:00 PM EST Reads: 1,506
Jan. 26, 2015 06:00 PM EST Reads: 3,069
Jan. 26, 2015 06:00 PM EST Reads: 1,671
Jan. 26, 2015 06:00 PM EST Reads: 2,806
Jan. 26, 2015 05:45 PM EST Reads: 3,113
Jan. 26, 2015 05:00 PM EST Reads: 2,524
Jan. 26, 2015 05:00 PM EST Reads: 7,609
Jan. 26, 2015 05:00 PM EST Reads: 1,532
Jan. 26, 2015 04:45 PM EST Reads: 683
Jan. 26, 2015 03:00 PM EST Reads: 1,316
Jan. 26, 2015 02:45 PM EST Reads: 2,244
Software AG and Wipro Ltd. have announced a joint solution platform for streaming analytics that provides real-time actionable intelligence for the Internet of Things (IoT) market. “The key to successfully addressing the IoT market is the ability to rapidly build and evolve apps that tap into, analyze and make smart decisions on fast, big data”, said John Bates, Global Head of Industry Solutions and CMO, Software AG. To address the huge market potential created by streaming analytics in conj...
Jan. 26, 2015 02:30 PM EST Reads: 597