Mobile attacks can target the device,
network or data center in many ways. viaForensics specializes in proactive
forensic security, and we can help keep you ahead of the threats.

Go To Mobile Security »

Point 01 – The Device

BROWSER

  • Phishing
  • Framing
  • Clickjacking
  • Man-in-the-Mobile
  • Buffer Overflow
  • Data caching

Point 01 – The Device

PHONE / SMS

  • Baseband attacks
  • SMiShing

Point 01 – The Device

APPS

  • Sensitive data storage
  • No Encryption/Weak Encryption
  • Improper SSL validation
  • Config manipulation
  • Dynamic runtime injection
  • Unintended permissions
  • Escalated privileges
  • Access to device & user info

Point 01 – The Device

MALWARE

Point 01 – The Device

SYSTEM

  • No Passcode/Weak Passcode
  • iOS Jailbreaking
  • Android Rooting
  • OS Data Caching
  • Passwords & Data Accessible
  • Carrier-loaded Software
  • No Encryption / Weak Encryption
  • User-initiated Code
  • Zero-day Exploits

Point 02 – The Network

NETWORK

  • Wi-Fi (no encryption/weak encryption)
  • Rogue Access Point
  • Packet Sniffing
  • Man-in-the-Middle (MITM)
  • Session Hijacking
  • DNS Poisoning
  • SSLStrip
  • Fake SSL Certificate

Point 03 – The Data Center

WEB SERVER

  • Platform vulnerabilities
  • Server misconfiguration
  • Cross-site scripting (XSS)
  • Cross-site request forgery (XSRF)
  • Weak input validation
  • Brute force attacks

Point 03 – The Data Center

DATABASE

  • SQL Injection
  • Privilege escalation
  • Data dumping
  • OS command execution