Web Data Leak: Password
Threat Description and actions taken by Wandera
Threat Description and actions taken by Wandera
Wandera has/can detected a website that has sent the user’s password in an unencrypted (or easily decrypted) format, meaning that an attacker could steal this user’s credentials as they are transmitted to this site.
If this site is used for business purposes, company data could be at risk, as an attacker could login as this user and steal, manipulate, or otherwise access potentially sensitive information.
Typically, if login credentials are sent unencrypted, all other data sent between the device and server is unencrypted as well. This could result in the exposure of personal or corporate data – such as documents, photos, presentations, and identifying information – to an unauthorized third party.
This unencrypted data can be captured by an attacker through the following attack vectors:
Wandera Secure was designed for mobile and works seamlessly on iPhone, Android and Windows phones.
After installing the solution the app will protect and inform you directly if there are severe threats on your mobile device.
Additionally, you will receive an e-mail at the end of each month, with an overview of detected and remediated security threats during the month.
Wandera Secure gives you peace of mind!
Billions of daily mobile data inputs are collected through the multi-level architecture and analyzed in real time by a mobile intelligence engine powered by Wandera.
Beyond inspecting the content, it studies the apps making each request, and maintains a reputation for each app.
When you analyze more data, you intelligently prevent more threats.
Unique Domains Visited
High severity threats detected
Data seen (in GB)
Daily inputs from mobile devices
It’s in your (colleague’s) best interest to be able to use the smartphone / tablet to do business without worrying about anything else.
Flexinets now offers an Enterprise Mobile security solution for small and medium businesses as a managed service to make sure that you at least don’t have to worry about the security of your mobile devices.
Jailbreaks, Semi Jailbreaks, Outdated OS, Malicious Profiles, Vulnerabilities.
Personally Identifiable Information (PII) leaks from approved apps, Ad servers & APIs, Sideloading, Permissions.
Malicious sites & apps, Browser exploits, Phishing & Spam.
Man in the Middle Attacks, Rogue hotspots, Certificate spoof, WiFi phishing, Public cloud apps.
Managed for your convenience
When e.g. an email is sent to your account with a link to an invoice. As soon as you open the link, you will be sent to a website that can infect your smartphone with software e.g. “ransomware”. This software will lock your screen from further usage. The only way to access your phone again is paying the requested ransom to obtain the necessary code to unlock it (or restore your latest phone backup).
Our Mobile Security Solution protects you against exploits/malicious apps. As soon as you click the link, the access to this site is blocked so ransomware can not be downloaded on your phone. This happens because the link is analysed by our malware detector (which analyses 2 billion web request every day) which then defines the website behind the link as insecure and access is denied.
MAN IN THE MIDDLE ATTACK
Even if your email is encrypted, hackers can still compromise your privacy if you connect to a rogue hotspot (a hotspot masked as a free wifi hotspot for example at your local coffee shop.) that a hacker has set up. You think you are securely connected to your local café. In reality, it can be a mobile hotspot set up by hackers to exploit weaknesses in apps and possibly gain access to secure communication to read all your unencrypted communications as soon as you’re logged in. The hacker can with this information pretend he is you. And for example send an email in your name to your colleague eg. with a message that you for example need to transfer money or have to pay an attached invoice. The more information a hacker gets about you, the easier they can impersonate you and take advantage of the situation.
Our Mobile Security Solution can help identifying potentially malicious hotspots and protect you from situations like this. The service seamlessly scans and determine if a wifi hotspot is not secure and can block or warn about it to prevent your email from being misused.
We are buying more and more products and services online via our smartphones / tablets. When you do this, your credit card information is sent over the internet and in some cases this is done unencrypted (last year, this happened when flights were booked through the Easyjet app and a number of other airline apps). If this happens, the credit card information can be read and can be misused by hackers.
Our Mobile Security Solution protects you against these insecure apps through a combination of app reputation and scanning for unencrypted personal data like credit card numbers, passwords etc. If personal data is sent unencrypted or there are other security issues, you will be notified immediately via an in-app notification. You can then delete the app to be sure that your personal data is not misused.
Flexible Networks Nordic AB
Mäster Samuelsgatan 60, SE-111 21 Stockholm,
P.O. Box 3029, SE-720 03 Västerås, Sweden
Tel: +46 (0)8 5465 8420
Flexible Networks Nordic OY
Tekniikantie 14, 02150 Espoo,
Tel: +358 (0) 94 245 0327
Savsvinget 7, 2970 Hørsholm
Tel: +45 7014 539 9