Microsoft Exchange Servers Spoofed To Manipulate Mobile Devices - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Mobile

Microsoft Exchange Servers Spoofed To Manipulate Mobile Devices

Black Hat researcher demonstrates mobile man-in-the-middle proof-of-concept attack that allows for unauthorized remote wipes.

So much to-do has been generated around preventing unauthorized mobile devices from accessing sensitive corporate resources, but what happens when security researchers turn that model on its head? What happens when the theoretical attackers use unauthorized, spoofed servers to connect to mobile devices? This Thursday at Black Hat, an Australian researcher will demonstrate a proof-of-concept attack that employs just that type of attack, using a man-in-the-middle connection and Microsoft Exchange to conduct unauthorized remote wipes on mobile devices.

The genesis for the research, says Peter Hannay, a PhD student, researcher, and lecturer based at Edith Cowan University in Perth, Australia, came from the idea that mobile Exchange attacks don't necessarily need to compromise services in the organization if the endpoint devices themselves are unprotected and poorly configured. The initial proof-of-concept demonstrated by Hannay is a multi-stage attack.

Read the rest of this article on Dark Reading.

Distributed denial-of-service attacks can do serious damage. Get ready before you're hit. Also in the new, all-digital Save Your Assets issue of Dark Reading: Next-gen attackers aren't out to steal your money, and your old style of defense isn't going to stop them. (Free registration required.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
What Becomes of CFOs During Digital Transformation?
Joao-Pierre S. Ruth, Senior Writer,  2/4/2020
News
Fighting the Coronavirus with Analytics and GIS
Jessica Davis, Senior Editor, Enterprise Apps,  2/3/2020
Slideshows
IT Careers: 10 Job Skills in High Demand This Year
Cynthia Harvey, Freelance Journalist, InformationWeek,  2/3/2020
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Video
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
Slideshows
Flash Poll