SlideShare a Scribd company logo

iOS Threats - Malicious Configuration Profiles, Threat, Detection & Mitigation

Lacoon Mobile Security
Lacoon Mobile Security

A profile is an extremely sensitive optional configuration file which allows to re-define different system functionality parameters such as mobile carrier settings, Mobile Device Management (MDM) settings and networking settings. Through social engineering techniques such as email phishing or a fake URL, an attacker can convince a user to install a malicious profile and compromise the device settings to silently route network traffic from the device to a remote proxy over SSL using a self-signed certificate. The impact: Once the attacker has re-routed all traffic from the mobile device to their own server, they can begin to install other malicious apps and decrypt SSL communications.

Technology
1 of 9
Download to read offline
iOS Threats - Malicious Configuration Profiles Threat, Detection & Mitigation 1
A Little About Lacoon 2 Who We Are What We Do §  Develop new mobile security technologies that can detect and prevent mobile threats §  Partner with leading mobile operators and technology companies to provide comprehensive mobile security solutions §  Founded by mobile security experts from Military Intelligence and Telco Industries §  Supported by a Security Research Team focused on uncovering undiscovered threats to mobile apps and platforms §  Well-funded and backed by successful security industry veterans
3 iOS Configuration Profiles can be loaded on any iOS device with relative ease. Each configuration profile can include settings for managing the devices proxy, VPN, and certificates Introduction – iOS Malicious Configuration Profile Through social engineering like email phishing or web link an attacker can convince the user to install a malicious profile and compromise the device settings The attack can silently route network traffic from a device using the profile to a remote proxy over SSL using a self-signed certificate authority that appears valid to the end user Once the attacker re- routed all traffic from the mobile device to an attacker- controlled server, he can further install rogue apps, and decrypt SSL communications 1 2 3 4 1 2 3 4
4 How iOS Attacks 'Get in" Three Main Infection Vectors for iOS Attacks Physical Access Social Engineering Rogue WiFi HotSpots •  Malicious Profiles •  Fake Certificates •  Zero-Day Vulnerabilities 1 2 3
5 Malicious Profiles example LinkedIn Intro 1 User downloads app or accepts new functionality from one of their apps that requires an update to their device’s Profile. Example: LinkedIn Intro’s new Profile reroutes all email to the LinkedIn Servers. Example: LinkedIn Intro LinkedIn is now intercepting all emails and modifying their content (adding user info). This is known as a man- in-the-middle (MitM) attack! More Info 2 1 2
Holes in Existing Technologies 6 Capabilities needed to protect against MALICIOUS PROFILES Analyze Configuration Profiles Identify Suspicious Traffic Patterns Key: Cannot Protect Some Protection Can Protect✓
Certificate Validation Ability to check validity of certificates and accurately identify the source of the application Lacoon MobileFortress - iOS Threat Coverage Advanced Jailbreak Detection Ability to identify when a device has been jailbroken using continuous background service Configuration Profile Analysis Ability to identify changes to configuration profiles and understand when those changes make the device vulnerable (e.g. compromise secure containers) Malicious App Detection Ability to understand communications from the app, regardless of how it was installed on the device, to see what it’s doing (e.g. recognize traffic to and from unknown servers) Man-in-the-Middle Attack Mitigation Ability to trigger a VPN to isolate user when on a WiFi or other unsecured network
8 Lacoon iOS App checks for modified network settings every 10 min and sends configuration info to the Behavioral Risk Engine (BRE) How Lacoon MobileFortress Works – iOS Malicious Configuration Profiles The BRE analyzes the new network configuration and determines if it can compromised the device communication The appropriate Risk Score is automatically assigned to the device and triggers the active protection layers Active Protection prevents data exfiltration- by notifying the user on-the-device, activating network protection and via MDM/NAC integration Full visibility and control over the compromised settings are available on the Lacoon Dashboard. Whitelisting capabilities are available for known settings1 2 3 4 5 1 2 3 4 5 MobileFortress App Behavioral Risk Engine Risk Score Active Protection Dashboard
Contact details www.lacoon.com sales@lacoon.com

Recommended

MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)Lacoon Mobile Security
 
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...Lacoon Mobile Security
 
Mobile Apps and Security Attacks: An Introduction
Mobile Apps and Security Attacks: An IntroductionMobile Apps and Security Attacks: An Introduction
Mobile Apps and Security Attacks: An IntroductionNagarro
 
Android security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesAndroid security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesLeMeniz Infotech
 
New trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileNew trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileSISA Information Security Pvt.Ltd
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec Technology and Consulting
 
Ensuring Mobile Device Security
Ensuring Mobile Device SecurityEnsuring Mobile Device Security
Ensuring Mobile Device SecurityQuick Heal Technologies Ltd.
 
Mobile Security Research Projects Help
Mobile Security Research Projects HelpMobile Security Research Projects Help
Mobile Security Research Projects HelpNetwork Simulation Tools
 

Recommended

MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)Lacoon Mobile Security
 
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...Lacoon Mobile Security
 
Mobile Apps and Security Attacks: An Introduction
Mobile Apps and Security Attacks: An IntroductionMobile Apps and Security Attacks: An Introduction
Mobile Apps and Security Attacks: An IntroductionNagarro
 
Android security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesAndroid security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesLeMeniz Infotech
 
New trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileNew trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileSISA Information Security Pvt.Ltd
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec Technology and Consulting
 
Ensuring Mobile Device Security
Ensuring Mobile Device SecurityEnsuring Mobile Device Security
Ensuring Mobile Device SecurityQuick Heal Technologies Ltd.
 
Mobile Security Research Projects Help
Mobile Security Research Projects HelpMobile Security Research Projects Help
Mobile Security Research Projects HelpNetwork Simulation Tools
 
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantVladimir Jirasek
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101Lookout
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2Santosh Satam
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityXavier Mertens
 
Top Seven Risks of Enterprise Mobility - How to protect your business
Top Seven Risks of Enterprise Mobility - How to protect your businessTop Seven Risks of Enterprise Mobility - How to protect your business
Top Seven Risks of Enterprise Mobility - How to protect your businessSymantec
 
Mobile security
Mobile securityMobile security
Mobile securitypriyanka pandey
 
Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)AP DealFlow
 
Securing the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterSecuring the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterBrian Gleeson
 
Mobile security
Mobile securityMobile security
Mobile securityhome
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec Technology and Consulting
 
Protect your company from zero-day with ESET Dynamic Threat Defense
Protect your company from zero-day with ESET Dynamic Threat DefenseProtect your company from zero-day with ESET Dynamic Threat Defense
Protect your company from zero-day with ESET Dynamic Threat DefenseAdi Saputra
 
Mobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingMobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingLookout
 
Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011Symantec
 
Covert compositional analysis of android inter app permission leakage
Covert compositional analysis of android inter app permission leakageCovert compositional analysis of android inter app permission leakage
Covert compositional analysis of android inter app permission leakageLeMeniz Infotech
 
Out Go The Lights: An enlightening discussion of IoT automation security By D...
Out Go The Lights: An enlightening discussion of IoT automation security By D...Out Go The Lights: An enlightening discussion of IoT automation security By D...
Out Go The Lights: An enlightening discussion of IoT automation security By D...EC-Council
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesLeMeniz Infotech
 
Cloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentationCloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentationKevin Thiele
 
The Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppThe Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppAppknox
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityKevin Lee
 
Mobile security and drozer tool demo
Mobile security and drozer tool demoMobile security and drozer tool demo
Mobile security and drozer tool demoGowthamraj Palani
 
"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...
"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E..."Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...
"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...Lacoon Mobile Security
 
BlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions
BlackHat USA 2013 - Practical Attacks against Mobile Device Management SolutionsBlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions
BlackHat USA 2013 - Practical Attacks against Mobile Device Management SolutionsLacoon Mobile Security
 

More Related Content

What's hot

Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantVladimir Jirasek
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101Lookout
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2Santosh Satam
 
Top Seven Risks of Enterprise Mobility - How to protect your business
Top Seven Risks of Enterprise Mobility - How to protect your businessTop Seven Risks of Enterprise Mobility - How to protect your business
Top Seven Risks of Enterprise Mobility - How to protect your businessSymantec
 
Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)AP DealFlow
 
Securing the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterSecuring the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterBrian Gleeson
 
Mobile security
Mobile securityMobile security
Mobile securityhome
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec Technology and Consulting
 
Protect your company from zero-day with ESET Dynamic Threat Defense
Protect your company from zero-day with ESET Dynamic Threat DefenseProtect your company from zero-day with ESET Dynamic Threat Defense
Protect your company from zero-day with ESET Dynamic Threat DefenseAdi Saputra
 
Mobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingMobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingLookout
 
Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011Symantec
 
Covert compositional analysis of android inter app permission leakage
Covert compositional analysis of android inter app permission leakageCovert compositional analysis of android inter app permission leakage
Covert compositional analysis of android inter app permission leakageLeMeniz Infotech
 
Out Go The Lights: An enlightening discussion of IoT automation security By D...
Out Go The Lights: An enlightening discussion of IoT automation security By D...Out Go The Lights: An enlightening discussion of IoT automation security By D...
Out Go The Lights: An enlightening discussion of IoT automation security By D...EC-Council
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesLeMeniz Infotech
 
Cloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentationCloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentationKevin Thiele
 
The Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppThe Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppAppknox
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityKevin Lee
 
Mobile security and drozer tool demo
Mobile security and drozer tool demoMobile security and drozer tool demo
Mobile security and drozer tool demoGowthamraj Palani
 

What's hot (20)

Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistant
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
 
Top Seven Risks of Enterprise Mobility - How to protect your business
Top Seven Risks of Enterprise Mobility - How to protect your businessTop Seven Risks of Enterprise Mobility - How to protect your business
Top Seven Risks of Enterprise Mobility - How to protect your business
 
Mobile security
Mobile securityMobile security
Mobile security
 
Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)
 
Securing the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterSecuring the Enterprise Mobile Perimeter
Securing the Enterprise Mobile Perimeter
 
Mobile security
Mobile securityMobile security
Mobile security
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
 
Protect your company from zero-day with ESET Dynamic Threat Defense
Protect your company from zero-day with ESET Dynamic Threat DefenseProtect your company from zero-day with ESET Dynamic Threat Defense
Protect your company from zero-day with ESET Dynamic Threat Defense
 
Mobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingMobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are Asking
 
Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011
 
Covert compositional analysis of android inter app permission leakage
Covert compositional analysis of android inter app permission leakageCovert compositional analysis of android inter app permission leakage
Covert compositional analysis of android inter app permission leakage
 
Out Go The Lights: An enlightening discussion of IoT automation security By D...
Out Go The Lights: An enlightening discussion of IoT automation security By D...Out Go The Lights: An enlightening discussion of IoT automation security By D...
Out Go The Lights: An enlightening discussion of IoT automation security By D...
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devices
 
Cloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentationCloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentation
 
The Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppThe Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android App
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
 
Mobile security and drozer tool demo
Mobile security and drozer tool demoMobile security and drozer tool demo
Mobile security and drozer tool demo
 

Viewers also liked

"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...
"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E..."Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...
"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...Lacoon Mobile Security
 
BlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions
BlackHat USA 2013 - Practical Attacks against Mobile Device Management SolutionsBlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions
BlackHat USA 2013 - Practical Attacks against Mobile Device Management SolutionsLacoon Mobile Security
 
CNIT 121: 14 Investigating Applications
CNIT 121: 14 Investigating ApplicationsCNIT 121: 14 Investigating Applications
CNIT 121: 14 Investigating ApplicationsSam Bowne
 
CNIT 121: 9 Network Evidence
CNIT 121: 9 Network EvidenceCNIT 121: 9 Network Evidence
CNIT 121: 9 Network EvidenceSam Bowne
 
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)Sam Bowne
 
CNIT 121: 17 Remediation Introduction (Part 1)
CNIT 121: 17 Remediation Introduction (Part 1)CNIT 121: 17 Remediation Introduction (Part 1)
CNIT 121: 17 Remediation Introduction (Part 1)Sam Bowne
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)Sam Bowne
 
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)Sam Bowne
 
Ch 4: Footprinting and Social Engineering
Ch 4: Footprinting and Social EngineeringCh 4: Footprinting and Social Engineering
Ch 4: Footprinting and Social EngineeringSam Bowne
 
CNIT 40: 5: Prevention, protection, and mitigation of DNS service disruption
CNIT 40: 5: Prevention, protection, and mitigation of DNS service disruptionCNIT 40: 5: Prevention, protection, and mitigation of DNS service disruption
CNIT 40: 5: Prevention, protection, and mitigation of DNS service disruptionSam Bowne
 
CNIT 121: 10 Enterprise Services
CNIT 121: 10 Enterprise ServicesCNIT 121: 10 Enterprise Services
CNIT 121: 10 Enterprise ServicesSam Bowne
 
Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging Sam Bowne
 
CNIT 127 Ch 6: The Wild World of Windows
CNIT 127 Ch 6: The Wild World of WindowsCNIT 127 Ch 6: The Wild World of Windows
CNIT 127 Ch 6: The Wild World of WindowsSam Bowne
 
CNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access ControlsCNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access ControlsSam Bowne
 
CNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management HandbookCNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management HandbookSam Bowne
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2Sam Bowne
 
CNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the ApplicationCNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the ApplicationSam Bowne
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesSam Bowne
 
CNIT 121: 12 Investigating Windows Systems (Part 3)
CNIT 121: 12 Investigating Windows Systems (Part 3)CNIT 121: 12 Investigating Windows Systems (Part 3)
CNIT 121: 12 Investigating Windows Systems (Part 3)Sam Bowne
 
CNIT 40: 6: DNSSEC and beyond
CNIT 40: 6: DNSSEC and beyondCNIT 40: 6: DNSSEC and beyond
CNIT 40: 6: DNSSEC and beyondSam Bowne
 

Viewers also liked (20)

"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...
"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E..."Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...
"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...
 
BlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions
BlackHat USA 2013 - Practical Attacks against Mobile Device Management SolutionsBlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions
BlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions
 
CNIT 121: 14 Investigating Applications
CNIT 121: 14 Investigating ApplicationsCNIT 121: 14 Investigating Applications
CNIT 121: 14 Investigating Applications
 
CNIT 121: 9 Network Evidence
CNIT 121: 9 Network EvidenceCNIT 121: 9 Network Evidence
CNIT 121: 9 Network Evidence
 
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
 
CNIT 121: 17 Remediation Introduction (Part 1)
CNIT 121: 17 Remediation Introduction (Part 1)CNIT 121: 17 Remediation Introduction (Part 1)
CNIT 121: 17 Remediation Introduction (Part 1)
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
 
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)
 
Ch 4: Footprinting and Social Engineering
Ch 4: Footprinting and Social EngineeringCh 4: Footprinting and Social Engineering
Ch 4: Footprinting and Social Engineering
 
CNIT 40: 5: Prevention, protection, and mitigation of DNS service disruption
CNIT 40: 5: Prevention, protection, and mitigation of DNS service disruptionCNIT 40: 5: Prevention, protection, and mitigation of DNS service disruption
CNIT 40: 5: Prevention, protection, and mitigation of DNS service disruption
 
CNIT 121: 10 Enterprise Services
CNIT 121: 10 Enterprise ServicesCNIT 121: 10 Enterprise Services
CNIT 121: 10 Enterprise Services
 
Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging
 
CNIT 127 Ch 6: The Wild World of Windows
CNIT 127 Ch 6: The Wild World of WindowsCNIT 127 Ch 6: The Wild World of Windows
CNIT 127 Ch 6: The Wild World of Windows
 
CNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access ControlsCNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access Controls
 
CNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management HandbookCNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management Handbook
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2
 
CNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the ApplicationCNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the Application
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application Technologies
 
CNIT 121: 12 Investigating Windows Systems (Part 3)
CNIT 121: 12 Investigating Windows Systems (Part 3)CNIT 121: 12 Investigating Windows Systems (Part 3)
CNIT 121: 12 Investigating Windows Systems (Part 3)
 
CNIT 40: 6: DNSSEC and beyond
CNIT 40: 6: DNSSEC and beyondCNIT 40: 6: DNSSEC and beyond
CNIT 40: 6: DNSSEC and beyond
 

Similar to iOS Threats - Malicious Configuration Profiles, Threat, Detection & Mitigation

State ofmobilesecurity
State ofmobilesecurityState ofmobilesecurity
State ofmobilesecurityGary Sandoval
 
MUC -Summary - Lessons.docx
MUC -Summary - Lessons.docxMUC -Summary - Lessons.docx
MUC -Summary - Lessons.docxssuser4c58f5
 
Security testing of mobile applications
Security testing of mobile applicationsSecurity testing of mobile applications
Security testing of mobile applicationsGTestClub
 
Mobile protection
Mobile protection Mobile protection
Mobile protection preetpatel72
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
Mobile App Security Best Practices Protecting User Data.pdf
Mobile App Security Best Practices Protecting User Data.pdfMobile App Security Best Practices Protecting User Data.pdf
Mobile App Security Best Practices Protecting User Data.pdfGMATechnologies1
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Lancope, Inc.
 
Cybersecurity - Poland.pdf
Cybersecurity - Poland.pdfCybersecurity - Poland.pdf
Cybersecurity - Poland.pdfPavelVtek3
 
Lookout Mobile Endpoint Security Datasheet (US - v2.5)
Lookout Mobile Endpoint Security Datasheet (US - v2.5)Lookout Mobile Endpoint Security Datasheet (US - v2.5)
Lookout Mobile Endpoint Security Datasheet (US - v2.5)Arnold Bijlsma
 
BETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSBETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSPurna Bhat
 
Mobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the AttackerMobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the Attackerbugcrowd
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security pptSAIKAT BISWAS
 

Similar to iOS Threats - Malicious Configuration Profiles, Threat, Detection & Mitigation (20)

Top 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSTop 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOS
 
State ofmobilesecurity
State ofmobilesecurityState ofmobilesecurity
State ofmobilesecurity
 
MUC -Summary - Lessons.docx
MUC -Summary - Lessons.docxMUC -Summary - Lessons.docx
MUC -Summary - Lessons.docx
 
Untitled 1
Untitled 1Untitled 1
Untitled 1
 
Top 6 Android Security Best Practices for App Development
Top 6 Android Security Best Practices for App DevelopmentTop 6 Android Security Best Practices for App Development
Top 6 Android Security Best Practices for App Development
 
Security testing of mobile applications
Security testing of mobile applicationsSecurity testing of mobile applications
Security testing of mobile applications
 
Cn35499502
Cn35499502Cn35499502
Cn35499502
 
Mobile protection
Mobile protection Mobile protection
Mobile protection
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile security
 
Mobile App Security Best Practices Protecting User Data.pdf
Mobile App Security Best Practices Protecting User Data.pdfMobile App Security Best Practices Protecting User Data.pdf
Mobile App Security Best Practices Protecting User Data.pdf
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
 
Cybersecurity - Poland.pdf
Cybersecurity - Poland.pdfCybersecurity - Poland.pdf
Cybersecurity - Poland.pdf
 
Mobile Apps Security Testing -1
Mobile Apps Security Testing -1Mobile Apps Security Testing -1
Mobile Apps Security Testing -1
 
Lookout Mobile Endpoint Security Datasheet (US - v2.5)
Lookout Mobile Endpoint Security Datasheet (US - v2.5)Lookout Mobile Endpoint Security Datasheet (US - v2.5)
Lookout Mobile Endpoint Security Datasheet (US - v2.5)
 
UNIT-3.docx
UNIT-3.docxUNIT-3.docx
UNIT-3.docx
 
BETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoSBETTER- Threat Whitepaper- PoS
BETTER- Threat Whitepaper- PoS
 
Mobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the AttackerMobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the Attacker
 
Module 6.pdf
Module 6.pdfModule 6.pdf
Module 6.pdf
 
Module 6.Security in Evolving Technology
Module 6.Security in Evolving TechnologyModule 6.Security in Evolving Technology
Module 6.Security in Evolving Technology
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
 

More from Lacoon Mobile Security

Mobile Threats: Enterprises Under Attack
Mobile Threats: Enterprises Under AttackMobile Threats: Enterprises Under Attack
Mobile Threats: Enterprises Under AttackLacoon Mobile Security
 
Amphion Forum 2013: What to Do About Attacks Against MDMs
Amphion Forum 2013: What to Do About Attacks Against MDMsAmphion Forum 2013: What to Do About Attacks Against MDMs
Amphion Forum 2013: What to Do About Attacks Against MDMsLacoon Mobile Security
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsLacoon Mobile Security
 
How Mobile Malware Bypasses Secure Containers
How Mobile Malware Bypasses Secure ContainersHow Mobile Malware Bypasses Secure Containers
How Mobile Malware Bypasses Secure ContainersLacoon Mobile Security
 
Anatomy of a Targeted Attack against Mobile Device Management (MDM)
Anatomy of a Targeted Attack against Mobile Device Management (MDM)Anatomy of a Targeted Attack against Mobile Device Management (MDM)
Anatomy of a Targeted Attack against Mobile Device Management (MDM)Lacoon Mobile Security
 
BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)
BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)
BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)Lacoon Mobile Security
 

More from Lacoon Mobile Security (7)

Mobile Threats: Enterprises Under Attack
Mobile Threats: Enterprises Under AttackMobile Threats: Enterprises Under Attack
Mobile Threats: Enterprises Under Attack
 
Amphion Forum 2013: What to Do About Attacks Against MDMs
Amphion Forum 2013: What to Do About Attacks Against MDMsAmphion Forum 2013: What to Do About Attacks Against MDMs
Amphion Forum 2013: What to Do About Attacks Against MDMs
 
An Overview of mRATs
An Overview of mRATsAn Overview of mRATs
An Overview of mRATs
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
 
How Mobile Malware Bypasses Secure Containers
How Mobile Malware Bypasses Secure ContainersHow Mobile Malware Bypasses Secure Containers
How Mobile Malware Bypasses Secure Containers
 
Anatomy of a Targeted Attack against Mobile Device Management (MDM)
Anatomy of a Targeted Attack against Mobile Device Management (MDM)Anatomy of a Targeted Attack against Mobile Device Management (MDM)
Anatomy of a Targeted Attack against Mobile Device Management (MDM)
 
BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)
BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)
BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)
 

Recently uploaded

Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 

Recently uploaded (20)

Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

iOS Threats - Malicious Configuration Profiles, Threat, Detection & Mitigation

  • 1. iOS Threats - Malicious Configuration Profiles Threat, Detection & Mitigation 1
  • 2. A Little About Lacoon 2 Who We Are What We Do §  Develop new mobile security technologies that can detect and prevent mobile threats §  Partner with leading mobile operators and technology companies to provide comprehensive mobile security solutions §  Founded by mobile security experts from Military Intelligence and Telco Industries §  Supported by a Security Research Team focused on uncovering undiscovered threats to mobile apps and platforms §  Well-funded and backed by successful security industry veterans
  • 3. 3 iOS Configuration Profiles can be loaded on any iOS device with relative ease. Each configuration profile can include settings for managing the devices proxy, VPN, and certificates Introduction – iOS Malicious Configuration Profile Through social engineering like email phishing or web link an attacker can convince the user to install a malicious profile and compromise the device settings The attack can silently route network traffic from a device using the profile to a remote proxy over SSL using a self-signed certificate authority that appears valid to the end user Once the attacker re- routed all traffic from the mobile device to an attacker- controlled server, he can further install rogue apps, and decrypt SSL communications 1 2 3 4 1 2 3 4
  • 4. 4 How iOS Attacks 'Get in" Three Main Infection Vectors for iOS Attacks Physical Access Social Engineering Rogue WiFi HotSpots •  Malicious Profiles •  Fake Certificates •  Zero-Day Vulnerabilities 1 2 3
  • 5. 5 Malicious Profiles example LinkedIn Intro 1 User downloads app or accepts new functionality from one of their apps that requires an update to their device’s Profile. Example: LinkedIn Intro’s new Profile reroutes all email to the LinkedIn Servers. Example: LinkedIn Intro LinkedIn is now intercepting all emails and modifying their content (adding user info). This is known as a man- in-the-middle (MitM) attack! More Info 2 1 2
  • 6. Holes in Existing Technologies 6 Capabilities needed to protect against MALICIOUS PROFILES Analyze Configuration Profiles Identify Suspicious Traffic Patterns Key: Cannot Protect Some Protection Can Protect✓
  • 7. Certificate Validation Ability to check validity of certificates and accurately identify the source of the application Lacoon MobileFortress - iOS Threat Coverage Advanced Jailbreak Detection Ability to identify when a device has been jailbroken using continuous background service Configuration Profile Analysis Ability to identify changes to configuration profiles and understand when those changes make the device vulnerable (e.g. compromise secure containers) Malicious App Detection Ability to understand communications from the app, regardless of how it was installed on the device, to see what it’s doing (e.g. recognize traffic to and from unknown servers) Man-in-the-Middle Attack Mitigation Ability to trigger a VPN to isolate user when on a WiFi or other unsecured network
  • 8. 8 Lacoon iOS App checks for modified network settings every 10 min and sends configuration info to the Behavioral Risk Engine (BRE) How Lacoon MobileFortress Works – iOS Malicious Configuration Profiles The BRE analyzes the new network configuration and determines if it can compromised the device communication The appropriate Risk Score is automatically assigned to the device and triggers the active protection layers Active Protection prevents data exfiltration- by notifying the user on-the-device, activating network protection and via MDM/NAC integration Full visibility and control over the compromised settings are available on the Lacoon Dashboard. Whitelisting capabilities are available for known settings1 2 3 4 5 1 2 3 4 5 MobileFortress App Behavioral Risk Engine Risk Score Active Protection Dashboard