Name: How Hackers Bypass MFA… And How to Stop Them
Start: 2023-03-23T15:00:00Z
End: 2023-03-23T15:28:45.000Z
Location: BrightTALK
Rating: 5

As the only mobile security platform purpose-built for enterprise environments, Zimperium provides security solutions for mobile devices and applications, ensuring safe and secure access to critical data. Our patented, on-device, machine learning-based security provides visibility and protection against known threats and zero-day attacks, and our mobile application protection suite combines comprehensive in-app protection with centralized threat visibility. Here we share resources and information related to our mobile threat research, and best practices for securing mobile devices and mobile applications in the context of the modern threat landscape.

Mobile app developers are under pressure to do more with less and faster, making it more difficult than ever to build a secure mobile app. And hackers know this. Join Zimperium and DZone for a webinar to hear how hackers attack mobile apps. 

In this webinar, you will learn:
- The different attack vectors and methods for hacking mobile apps
- The most crucial security measures you should put in place to secure your mobile applications
- How to obtain comprehensive in-app protection and threat visibility
- Where to start on your mobile AppSec journey

How Malicious Actors Compromise Your Mobile App

All caught up on the latest benefits of app hardening and code obfuscation, but interested in learning more about the inner workings? Join a member of the Zimperium Sales Engineering team for a demo webinar where we will show the core aspects of zShield, our advanced app shielding and obfuscation solution. Register and learn about:
- Setup and deployment
- Alerts and monitoring risks
- Special highlight on implementing zShield in Android Apps

Demo Series: zShield | Plus a Deep Dive on Implementing zShield in Android Apps

The number of organizations banning applications due to surveillance and spyware concerns on employee devices continues to grow In 2020, the average smartphone user had 40 apps installed on their mobile phone. And Zimperium’s zLab Research team found last year (2022) that 23% of all Android samples and 24% of the iOS apps in the public record are malicious, meaning mobile apps represent a major attack surface.

Mobile threat defense (MTD) solutions protect mobile platforms by detecting threats to apps on the devices as well as operating systems and the networks they use. While MTD is a vital component of enterprise security that should be integrated into Zero Trust architecture, organizations also get significant benefits from the app vetting capabilities, especially in this era requiring specific app policy enforcement. In fact, according to the 2023 Gartner Market Guide for Mobile Threat Defense, “Security and risk management leaders looking for immediate, visible value to justify an MTD investment should use the app-vetting and device vulnerability management features. These two features enable them to demonstrate quickly how MTD reduces app risk and device risk.”

Join Zimperium and SANS for a webinar to discuss how to use mobile app vetting to protect your organization from security and privacy threats.

Managing Apps on BYO and Managed Devices: How to Enforce Policies

Interested in learning more about the day-to-day impact of Mobile Threat Defense on your overall security? Join a member of the Zimperium Sales Engineering team for a demo of the core aspects of Zimperium Mobile Threat Defense (MTD), formerly known as zIPS. Attend to learn about:
- Policy setup and enforcement
- Integrations with MDM / EMM, XDR, SIEM and SOAR solutions
- Alerts and managing risks
- Special highlight on zero-touch deployment

See a Demo of Zimperium MTD | Plus a Deeper Dive on Zero-Touch Deployment

The White House has given Federal agencies 30 days to remove a popular social media app from all government-issued devices and to prohibit future traffic to the app. This is in addition to the many State, Local, and Education groups that have already banned the app. MDMs and Network traffic tooling alone won’t meet the new requirements. A mobile threat defense (MTD) solution is necessary for mobile app vetting, which can prohibit and protect against specific mobile apps and filter traffic. 

Join our webinar to learn:
- How to quickly & fully meet the mobile app ban guidance for government devices
- Why this is only the beginning of understanding a particular “category of apps” (Spyware, Leaky, etc.)
- Where meeting this guidance crosses into other guidelines and programs, such as OMB 21-31, 22-01, 22-09, and BOD 23-01 and 22-01

How Government Organizations Can Quickly Enforce Mobile App Bans

On board with Mobile Threat Defense, but interested in seeing more on the day-to-day detail of how it will impact your mobile security? Join a member of the Zimperium Sales Engineering team for a demo of the core aspects of zIPS, our advanced mobile threat defense (MTD) solution. Attend to ask questions and learn about:
- Policy setup and enforcement
- Integrations with MDM / EMM, XDR, SIEM and SOAR solutions
- Alerts and managing risks
- Special highlight on anti-phishing capabilities

See a Demo of Zimperium MTD | Plus a Deeper Dive on Anti-Phishing Capabilities

Hackers work 24 hours a day to find new ways to uncover mobile app secrets and private user data. To defend against their constant and sophisticated attacks, mobile app developers must implement security throughout the entire app development lifecycle.

But between fixing the privacy, security and compliance risks in the development process and enabling protection of your mobile apps from the many different threat vectors while in use, it’s often hard to know where to start.

Join Zimperium and a Senior Security Analyst from Riscure, an independent security laboratory, to learn about mobile app attacker techniques and capabilities, including:
- The top mobile app attack vectors and attacker capabilities
- How to prioritize and approach your mobile application security objectives 
- Overall best practices for securing the entire mobile application development lifecycle

Top Risks to Address in your Mobile Application Security Journey

Mobile is the unsecured dream frontier for malicious actors targeting critical data and IT systems here in Australia.

No matter the device, OS or ownership, the mobile attack surface is increasingly under attack. From spear phishing attacks successfully targeting critical services to feature-rich mobile malware infecting mobile devices to advanced spyware, the threat vector against IT infrastructure in Australia continues to get larger with each mobile endpoint connected.

Join Zimperium for a detailed overview of the mobile threats targeting Australia right now:
- An analysis of the mobile threats in Australia
- A map view of where threats occur most
- Best practices to protect your organisation’s mobile devices from threats and attacks

Mobile Threat Patterns Across Australia | 2022 Q4 Analysis

According to recently published ESG research, “the top 3 reasons security operations are more difficult today than they were two years ago:
- The threat landscape is growing and changing rapidly
- The attack surface has grown
- The attack surface is continuously changing and evolving”

Security operations teams demand massive scale to collect, process, analyze, and act upon vast amounts of data. Threat detection and response across enterprise organizations commands a wider aperture than legacy security solutions. In order to modernize security operations centers and keep up with the volume of security alerts, large organizations need to ensure they aren’t ignoring a wide swath of the modern enterprise endpoints. 

Join Zimperium and SentinelOne to learn why efforts to optimize an EDR strategy without incorporating a Mobile Threat Defense solution paints an incomplete picture and leaves an enterprise vulnerable to modern day mobile threats.

Better Together: Why EDR Without MTD Leaves You Vulnerable to Attack

No importa el sistema operativo o la propiedad del dispositivo, la superficie de ataque a un dispositivo móvil está bajo ataque cada vez más. Desde ataques de phishing dirigidos con éxito a servicios críticos, hasta malware móvil que infecta dispositivos móviles con software espía avanzado, el vector de amenazas contra las infraestructuras de TI continúa creciendo con cada terminal móvil conectado.

Únase a nuestro webinar para obtener una descripción detallada de las amenazas móviles ocurriendo en España en este momento:
- Un análisis de las amenazas móviles en España
- Un mapa de dónde ocurren más amenazas
- Mejores prácticas para proteger los dispositivos móviles de su organización de amenazas y ataques

Patrones de las amenazas y ataques a dispositivos móviles en España

For years, financial services organizations have been leveraging mobile both internally and externally, and the increased usage has brought an ever-expanding set of security threats that need to be addressed. Mobile apps accessed by customers and mobile devices accessed by employees (both corporate owned and employee owned) need to be able to detect known and unknown threats across the threat vectors – Device, Network, Application, and Phishing.

Join Zimperium for a webinar about the unique mobile security challenges facing banks in APAC. In this webinar, we’ll discuss:
- The top threats that can undermine financial services’ mobile initiatives
- Ways hackers are targeting and exposing your apps
- How you can protect your organization and customers

Mobile Threat Chains: Patterns of Attack Against APAC Banks

The monetized world of cybercrime is not a new concept, and until recently the highly technical malware did not reach into the mobile world. But like everything else, that has changed. Cybercriminals see the widely adopted frontier of mobile as a valuable target for increasingly advanced malware and services, and for the right price, are ready to sell to anyone.

Advanced mobile malware, like spyware, is no longer a product just for nation states and deep-pocketed criminals as it sits on the open markets available for purchase with a simple credit card, cryptocurrency, or even donations. The threat to enterprises, their data and employees, has increased significantly due to this market evolution, and spyware is the main course.

Join representatives of Zimperium’s zLab Advanced Threat Research team as they reveal the growing marketspace for spyware, how enterprises can stay aware of new and emerging threats, and a demo of commercially available mobile spyware in action.

Spyware for Sale: The Growing Threat to Mobile Security

Mobile Geräte & Applikationen sind ein ungesichertes Paradies für Hacker, die es hier in Deutschland auf vertrauliche Daten & kritische IT-Systeme abgesehen haben.

Unabhängig vom Betriebssystem oder Eigentümer des Gerätes steigt die Häufigkeit der Angriffe auf Geräte & Applikationen rasant. Von Spear-Phishing-Angriffen, die erfolgreich auf kritische Dienste abzielen, über funktionsreiche mobile Malware die Mobilgeräte infiziert, bis hin zu fortschrittlicher Spyware wird die Angriffsfläche für IT-Infrastrukturen in Deutschland mit jedem angeschlossenen mobilen Endpunkt immer größer.

Wir laden Sie herzlich zu unserer Online-Veranstaltung “Mobile Bedrohungsmuster in Deutschland” am 13. Dezember um 11 Uhr ein, in der wir uns konkret auf die folgenden Themen fokussieren werden:
- Eine Analyse der mobilen Bedrohungen in Deutschland
- Eine Kartenansicht der Orte, an denen Bedrohungen am häufigsten auftreten
- Best Practices zum Schutz der mobilen Geräte & Applikationen Ihres Unternehmens vor Bedrohungen und Angriffen

Mobile Bedrohungsmuster in Deutschland | 2022 Q3 Analyse

Mobile is the unsecured dream frontier for malicious actors targeting critical data and federal/state systems here in Australia.

No matter the device OS or ownership, the mobile attack surface is increasingly under attack. From spear phishing attacks successfully targeting critical services to feature-rich mobile malware infecting mobile devices to advanced spyware, the threat vector against federal & state systems in Australia continues to get larger with each mobile endpoint connected. 

Join Zimperium for a special webinar for federal & state agencies where we specifically talk about the mobile threats targeting Australia right now:
- An analysis of the mobile threats in Australia
- A map view of where threats occur most
- Best practices to protect your organisation’s mobile devices from threats and attacks

Mobile Threat Patterns Across Australia | 2022 Q3 Analysis

Mobila enheter är ett öppet mål för aktörer som riktar in sig på kritisk data och infrastruktur i Sverige.

Oavsett enhetens OS eller ägande, privat eller företag, är den mobila enheten allt mer utsatt. Allt ifrån riktade phishing-attacker till skadlig kod som utnyttjar sårbarheter för att komma åt personlig och företagsägd data. Hot-vektorn blir större för varje mobil enhet som är uppkopplad. 

Lyssna på Zimperium för en överblick över de vanligaste hoten som riktas mot Sverige just nu:
- Analys över mobila hot i Sverige
- Kartvy över var och vilka hot som är vanligast
- Hur skyddar man sig?

Hotmönster över mobila enheter i Sverige 2022

Mobile is the unsecured dream frontier for malicious actors targeting critical data and IT systems here in the UK.

No matter the device OS or ownership, the mobile attack surface is increasingly under attack. From spear phishing attacks successfully targeting critical services to feature-rich mobile malware infecting mobile devices to advanced spyware, the threat vector against IT infrastructures in the UK continues to get larger with each mobile endpoint connected. 

Join Zimperium for a detailed overview of the mobile threats targeting the UK right now:
- An analysis of the mobile threats in the UK
- A map view of where threats occur most
- Best practices to protect your organisation’s mobile devices from threats and attacks

Mobile Threat Patterns Across the UK | 2022 Q3 Analysis

MPoC is the newest PCI standard and expected to be finalized by the end of 2022. The purpose of MPoC is to provide a modular, objective-based security standard that will support various types of payment acceptance solutions and consumer verification methods on commercial off-the-shelf (COTS) devices. The goal is to create a flexible mobile standard and program for payment solution development, allowing for both PIN entry and contactless payments through the COTS-native interfaces. 

In anticipation of the final MPoC standard, we’re hosting a webinar where we’ll discuss:
-The evolution of mobile payments and SoftPOS
-How hackers steal credentials, PII, and money by attacking mobile payments
-What steps your organization needs to take to secure your mobile payments and prepare for MPoC

The Essential Steps to Prepare for MPoC

Multi-factor authentication (MFA) is a key component to achieving Zero Trust, as it adds a secondary line of protection before allowing access to networks, applications, or databases. However, malicious actors have found ways to bypass this control through sophisticated SMS-based attacks, device compromises, malware and even network attacks.

Join Zimperium and RSA for a discussion on how advanced mobile threat defense (MTD) solutions, either standalone or integrated into MFA apps directly, can enhance Zero Trust controls and protect MFA implementations by providing critical mobile device risk attestation.

During the webinar we’ll cover:
- How hackers can bypass traditional MFA solutions, including lessons learned from the Cloudflare, Uber, and Twilio attacks
- How MTD provides critical mobile device risk attestation
- How RSA has enabled its MFA app to be self-defending by embedding MTD technology

How Hackers Bypass MFA… And How to Stop Them

Mobile Security

Mobile Security Risks

Multi-Factor Authentication

Endpoint Security

Zero Day Threats

Cyber Security

Information Security

Information Risk

Cyber Attacks

IT Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

How Hackers Bypass MFA… And How to Stop Them

Presented by

About this talk

More from this channel