Expert Witness Directory Your Expert Witness


Last update06:47:54 AM GMT

Expert Witness : Technology

iOS/iTunes revelations mean the iPhone and iPad can be totally `pwned'

grant taylorCryptzone says iOS/iTunes revelations mean the iPhone and iPad can be totally `pwned'

Commenting on the fact that Apple's `walled garden' approach to app security on iPhones, iPads and other iOS-driven devices has been seriously compromised by a researcher, Cryptzone says that it expects to see real hacker subversions of the Apple smartphone and tablet computing platform in the near future.

According to Grant Taylor, vice president of the encryption, port control and compliance vendor, until now it was thought that Apple's iOS platform was relatively invulnerable to subversion by conventional malware, but the fact that the security of the iTunes vetting procedure can be side-stepped by sneaking in a darkware app - right under Apple's noses - shows what can be done.

"The revelation that iPhone and iPad malware can be created - and distributed on one of the largest and most trusted portable applications arena on the planet - will create what I call the Colditz effect. Colditz is a Renaissance castle in the town of the same name near Leipzig in Germany - it was used as a prisoner-of-war camp by the Germans in World War II, as it was thought impossible to escape from, on account of its high levels of security," he said.

Last Updated on Thursday, 10 November 2011 12:44


Varonis Joins the Netapp Alliance Partener Program


VARONISCollaboration will help enterprises worldwide gain control of unstructured data stored within NetApp unified storage systems and file shares

 Varonis Systems Inc., the leading provider of comprehensive data governance software, today announced that it has joined the NetApp Alliance Partner Program. The collaboration between Varonis and NetApp provides enterprises worldwide with an integrated data governance solution that enables users to gain visibility into and control of unstructured data stored within NetApp® unified storage systems and file shares.

Last Updated on Thursday, 10 November 2011 12:43


Apply Security Online to Protect Yourself Offline

Your Expert Witness Amit KleinAs part of this week’s ‘Get Safe Online’ campaign, Trusteer today issued a warning that fraudulent phone calls are increasing in popularity amongst the criminal community to commit ID theft and that everyone needs to be on their guard to avoid falling victim – on or offline.  One possible use for these bogus ‘bank’ calls is to utilise personal identification information stolen using malware to give fraudsters credibility as they collect the missing information required to ‘pull off’ their scams.

“The phenomenon of stealing data using one channel such as the web and using it in a different channel or context such as social engineering attacks is often overlooked”, said Amit Klein, CTO of Trusteer.  “Trusteer has found that data collected by Man in the Browser attacks can be used for other purposes than automated transaction fraud.  Defending against the new wave of hybrid attacks requires both technology to detect MitB malware and vigilance from the users of online services.”

Last Updated on Thursday, 28 June 2012 10:17


Online Social Networks – Launch pads for Malware

Your Expert Witness MalwareBy Aditya K Sood and Richard J Enbody - Regular contributors to the ISACA Journal.

With the advent of social networks, the online world has become a virtual society. Social networks serve as seamless communication channels, but at the same time they are ideal launch pads for malware infections. As a result there has been a tremendous increase in the dissemination of malware infections through social networks. The security and privacy mechanisms of social networks such as Twitter and Facebook have proven insufficient to prevent exploitation. As we know “To Err is Human,” and human errors lead to exploitation and manipulation whether the social network is online or offline.

Last Updated on Thursday, 28 June 2012 10:14


What the Pro’s Know: Exchange Management that’s 7x Faster

Your Expert Witness David Gibson VaronisBy David Gibson, Director of Technical Marketing and Strategic Sales at Varonis

There is an evolution occurring with Exchange -- a shift from manual administration processes to automated management for critical Exchange tasks. Administrators who have moved to automation for activities such as the identification of mailbox owners, public folder owners, and stale data, activity spike detection, message activity auditing, etc. are finding their Exchange access and data management workload reduced by up to 70%.

Last Updated on Thursday, 28 June 2012 10:16