This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Microsoft Exchange Servers Spoofed To Manipulate Mobile Devices
Black Hat researcher demonstrates mobile man-in-the-middle proof-of-concept attack that allows for unauthorized remote wipes.
So much to-do has been generated around preventing unauthorized mobile devices from accessing sensitive corporate resources, but what happens when security researchers turn that model on its head? What happens when the theoretical attackers use unauthorized, spoofed servers to connect to mobile devices? This Thursday at Black Hat, an Australian researcher will demonstrate a proof-of-concept attack that employs just that type of attack, using a man-in-the-middle connection and Microsoft Exchange to conduct unauthorized remote wipes on mobile devices.
The genesis for the research, says Peter Hannay, a PhD student, researcher, and lecturer based at Edith Cowan University in Perth, Australia, came from the idea that mobile Exchange attacks don't necessarily need to compromise services in the organization if the endpoint devices themselves are unprotected and poorly configured. The initial proof-of-concept demonstrated by Hannay is a multi-stage attack.
Distributed denial-of-service attacks can do serious damage. Get ready before you're hit. Also in the new, all-digital Save Your Assets issue of Dark Reading: Next-gen attackers aren't out to steal your money, and your old style of defense isn't going to stop them. (Free registration required.)
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
The State of IT & Cybersecurity Operations 2020Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!