The Lookout Threat Intelligence team has discovered two novel Android surveillanceware – Hornbill and SunBird.

It’s no secret that the world has become more dependent on mobile technology. We can now pay our bills, shop for groceries and share photos with family with the tap of a finger. But this also means that our personal data is now more exposed than ever. On the bright side, we are collectively becoming more conscious about data privacy. In 2020, TikTok kick started an unexpected global discussion about what data apps collect and how they are used.

I write a lot about how organizations can secure their workers as they start using tablets and smartphones more for work. The truth is, the legal professional has been ahead of that curve for years. Even before smartphones were introduced over a decade ago, lawyers, paralegals and legal staff were already using cellphones to stay on top of case work. Now, with smartphones and tablets, your law firm’s staff can do everything they used to do in an office from wherever they go.

Over the past decade, we’ve seen a massive shift towards relying on cloud technologies for everything we do, from watching TV shows and movies to sharing photos. Organizations have done the same. To increase efficiency and availability, they have moved their data and workloads to the cloud. But in a world of expanding threats, it has become necessary to implement additional layers of security for cloud data, applications and services to ensure privacy remains a top priority.

On December 17, CISA released an alert about an advanced persistent threat (APT) that compromised a number of U.S. government agencies, U.S. technology and accounting companies, and at least one hospital and one university. The cyberattack was executed by injecting malware into a software update from network management software company SolarWinds, which has over 18,000 customers.

Over the past decade, technology enthusiasts have dreamed about smartphones and tablets taking over various aspects of our lives. They have in many ways, but the shift has always been gradual. This all changed in 2020 when most of us were forced to stay home. From the way we work, go to school, interact with our healthcare providers, manage our finances, shop, and connect with friends and families – mobile is now at the center of our lives.

The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan. The spyware, which we have named Goontact, targets users of illicit sites, typically offering escort services, and steals personal information from their mobile device. The types of sites used to distribute these malicious apps and the information exfiltrated suggests that the ultimate goal is extortion or blackmail.

As businesses try to create a contactless experience amid the coronavirus pandemic, many have turned to QR codes. We’re seeing a lot of restaurants using them to display their menus on smartphones and on receipts for a contactless pay option. Within popular apps like Snapchat and WhatsApp, QR codes are an integral part of the user experience. Users can use codes to sign into their account, exchange contact information and make money transfer.

2020 has been a challenging year. Organizations had to quickly figure out how to secure employees and mobile endpoints working outside their existing perimeter-based controls. To take a step back, 2020 isn’t an anomaly. This shift to mobile-first was happening well before the pandemic.

It goes without saying that mobility has become the key to productivity for any modern business. This is especially true for the highly competitive pharmaceutical industry. To be the first to bring a ground-breaking treatment or vaccine to market, pharmaceutical organizations need their employees to stay productive whether they’re working on your organization’s premises or not.