Patch Your iPhones, Too!

Bring your own device (BYOD) is a challenge for most organizations. Even if you are doing a great job of applying security patches for your workstations and servers, hackers have more ways in. If you are like many, you have employee-owned smart phones connecting every day to check email (and more?). For BYOD, we just got a big reminder of how high the stakes can be. iOS is the…

Read More

Slowing Sidestepper

If you follow us on Twitter and LinkedIn, you already saw a few Tweets about SideStepper and a companion post on LinkedIn. SideStepper is an exploit that a pair of Check Point employees devised. It allows phishers to trick iPhone and iPad users (especially corporate users where IT uses MDM) into installing a bogus configuration profile (a .mobileconfig file) that enables a man-in-the-middle attack. From there, the bad guy…

Read More