A REPORT FROM A FIRM CALLED Zimperium has found that mobile vulnerabilities have had a rocket up them this year have already surpassed the total of flaws uncovered throughout the whole of 2016.
This is based on its own networks and systems and customer experience, but it could be viewed as a snapshot of the whole landscape. Zimperium definitely thinks so.
"The report contains high-level statistics aggregated from Zimperium customers around the world. Each enterprise customer operates its own mobile threat defence environment and independently manages compliance and remediation policies based on corporate procedures and preferences," explains the firm.
"Every environment contains detailed forensics on each threat and attack, enabling security teams to perform detailed analysis on which device was attacked, where it was attacked (if configured) and what processes were running on the device at the time of the attack."
The big news is the big uptick in mobile malware of course, but there are some other things here too, like for example the fact that one in five iOS users is running out of date software, and that enterprise customers are using VPNs to circumvent whatever protection their employers may have laid out for them.
"Cyber criminals are more likely to take the path of least resistance and enterprise data is most vulnerable via mobile devices since most of time spent is away from secure networks, on public Wi-Fi and on apps that IT and security do not control or administer," explains the firm in its report.
"Since 2016 there have been over 600 common vulnerabilities and exposures (CVEs) registered for Android and 300 for iOS . So far in 2017, there are more CVEs registered for Android and iOS than in all of 2016. The increase indicates the Android and iOS mobile operating systems are still maturing."
We have had some doozies of CVEs this year, including Hummingwhale, which made itself very well known on Android devices earlier this year. µ
C3-PO, R2-D2, BB-8 and other Androids
Helpful cyber vigilante gets short changed by customer services
...you know, now it's less confusing...
Firm will no longer provide updates for its first Android mobe