Expert Comments

Mobileiron Vulnerability Used By State-backed Hackers To Break Into Networks – Experts Insight

Expert(s):
Expert(s):

Cyber criminals are actively exploiting the vulnerabilities in mobile device managment (MDM) solutions to successfully gain access to networks across government, healthcare and other industries as reported. An alert warning is issued by UK’s National Cyber Security Center (NCSC) to warn the users that multiple actors are exploiting MobileIron Vulnerability (CVW 2020-15505). MobileIron is a provider of MDM which allows system administrator to manage the company mobile devices from the central server.

Experts Comments

Dot Your Expert Comments
Tom Davison
November 26, 2020
EMEA Technical Director
Lookout

Mobile Device Management servers are by definition reachable from the public internet making them opportune targets.
The interesting story here is the assertion by cybersecurity agencies in the UK (NCSC) and the US (NSA) that nation-state APT groups are actively exploiting these vulnerabilities, five full months after patches were issued. Mobile Device Management servers are by definition reachable from the public internet making them opportune targets. Offering a gateway to potentially compromise every mobile device in the organisation, the attraction to attackers is clear. This highlights not just the.....Read More
The interesting story here is the assertion by cybersecurity agencies in the UK (NCSC) and the US (NSA) that nation-state APT groups are actively exploiting these vulnerabilities, five full months after patches were issued. Mobile Device Management servers are by definition reachable from the public internet making them opportune targets. Offering a gateway to potentially compromise every mobile device in the organisation, the attraction to attackers is clear. This highlights not just the importance of patching open vulnerabilities, but also the criticality of having a dedicated mobile security capability that is distinct from device management infrastructure.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

15 Schools Hit By Cyberattack In Nottinghamshire

Qualys Hit With Ransomware And Customer Invoices Leaked

Experts Reaction On PrismHR Hit By Ransomware Attack

Expert Insight On Ryuk’s Revenge: Infamous Ransomware Is Back And...

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

Microsoft Multiple 0-Day Attack – Tenable Comment

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords