Kyocera Android App vulnerability but iOS users should not be smug…

Android apps need careful management

We have an HP SoHo printer in the office, that the team use when they are here. The iPhone users use AirPrint the Android users use an approved app, as we have a BYOD policy in place for the all devices. This is especially important when it comes to Android apps as malicious apps are always popping up on the Google Play Store. For instance:

FakeCalls Android malware returns with new ways to hide on phones (bleepingcomputer.com)

And it is cheap and easy for a threat actor to create a malicious Android app:

You must have an Android cyber security policy – Smart Thinking Solutions

However legitimate software vendors do make mistakes and flaws slip into their code – hence we need patches. So if you use a Kyocera printer and the Android apps that goes with it then get patching:

Kyocera Android app with 1M installs can be abused to drop malware (bleepingcomputer.com)

iOS users should not be smug…

Microsoft and Citizen Lab have discovered that an Israeli company, QuaDream, produced commercial spyware that installed itself onto iOS devices using a malicious, invisible calendar invite.

iPhones hacked via invisible calendar invites to drop QuaDream spyware (bleepingcomputer.com)

That vulnerability has now been patched, but what others still exist?

Your takeaway from this is that you need a BYOD policy and you need to manage it and make your team aware how important it is, if they want the convenience of using their own deices.

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading