Latest news with #Lookout
Business Wire
3 days ago
- Business
- Business Wire
Lookout Survey Reveals Critical Gaps in Security Leaders' Confidence and the Actual Vulnerability of Their Organizations
BOSTON--(BUSINESS WIRE)--A new global survey by Lookout, Inc., the leader in mobile endpoint security, today unveiled concerning insights into the state of mobile cybersecurity preparedness, revealing a significant gap between security leaders' confidence and the actual vulnerability of their organizations. The survey of more than 700 security leaders globally exposes a pervasive overconfidence in employees' ability to detect modern mobile-centric threats, leaving businesses significantly more exposed than they realize. The survey's most critical insights include: 58% of companies have experienced incidents due to executive impersonation scams via text or voice, highlighting the severe impact of sophisticated social engineering tactics. 77% of respondents have experienced one or more mobile phishing attacks in the past six months, underscoring the ubiquity of these threats. 51% admit to having inconsistent visibility of social engineering attempts, creating massive security blind spots. Despite these alarming statistics, the survey revealed pervasive overconfidence: 96% of leaders are confident their employees can spot a phishing attempt that comes via their mobile devices. Yet, over half reported incidents where employees fell victim to executive impersonation scams, leading to financial loss or sensitive data exposure. Furthermore, even with widespread security training efforts, "lack of training" remains the top reason cited for employees clicking suspicious links, suggesting current education may not be keeping pace with the rapidly evolving modern threat landscape. "Today's threat actors are increasingly sophisticated, and they understand that mobile endpoints have historically been an afterthought in many enterprise security strategies," said Jim Dolce, CEO of Lookout. "This survey clearly demonstrates that this oversight is creating a dangerous vulnerability. Attackers are aggressively targeting employees on their iOS and Android devices, using highly effective social engineering tactics delivered via SMS, voice, and messaging apps to compromise credentials and gain quiet access to enterprise data." These findings highlight core issues: A dangerous overconfidence gap: Organizations feel ready for threats but are demonstrably underprepared, leading to successful attacks. Inadequate visibility: Traditional security solutions often lack visibility into mobile-centric social engineering attempts, meaning many manipulative efforts go unnoticed until it's too late. Outdated training: Security awareness training isn't evolving fast enough to truly prepare employees for today's sophisticated, mobile-focused threats. To address these pressing challenges, Lookout emphasizes a multi-faceted approach to secure the "front line" – employees and their mobile devices. This includes: Implementing an AI-first social engineering and human risk solution: This provides baseline protection against today's Modern Kill Chain. Integrating Mobile Endpoint Detection and Response (EDR): Gaining strategic mobile security data points, such as vulnerable assets and web traffic analysis, by integrating EDR into existing SIEM, SOAR, EDR, or XDR solutions. Sophisticated and ongoing security awareness training: Training specifically designed for mobile-centric threats, including simulated phishing and social engineering exercises that reflect current malicious tactics, fostering a culture of vigilance and easy, judgment-free reporting. About the Survey The data presented in this report is sourced from the independent research company Censuswide, which conducted the survey in June 2025. More than 700 security leaders globally were polled across various industries. Censuswide is a member of the British Polling Council and abides by and employs members of the Market Research Society and follows the MRS code of conduct and ESOMAR principles. About Lookout Lookout, Inc. is a globally recognized cybersecurity leader delivering advanced protection for the most vulnerable element of any enterprise security strategy — human error and manipulation. Cloud-native by design, the Lookout platform offers rapid, scalable deployment and simplified security operations, defending the frontline of human-centric attacks—the mobile device. Attackers now target the human element more than ever, with mobile devices providing the most direct path to their victims. Using social engineering techniques that exploit basic human instincts like trust, curiosity, and urgency, they deceive users into revealing sensitive credentials, allowing them to slip past legacy security solutions. Lookout Endpoint Detection and Response (EDR) continuously monitors mobile endpoints for signs of human-centric attacks, as well as traditional malware, software vulnerabilities, and other anomalous activity. It uses advanced threat detection techniques, including artificial intelligence (AI) and behavioral analysis, to identify threats before they escalate across the enterprise. Learn more at and follow us on the Lookout Blog, LinkedIn, and X © 2025 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.
Time Out
30-05-2025
- Time Out
Four local trails have been named among Australia's best winter hikes
Who says you have to stay inside during winter in Melbourne? (To be fair though, we do love nursing a vino in a cosy wine bar or enjoying a Sunday roast at a pub with a fireplace.) Well, definitely not the outdoor experts at AllTrails – according to them, winter is actually a hugely popular time to get out in nature, with the hike-mapping app reporting its highest number of navigations during the colder months. So after analysing the data and crunching some numbers, they've rounded up the ten most popular winter hikes in Australia, and four trails around Victoria have made the cut. Guess it's time to lace up your boots, pop on some layers and face the frosty conditions. We reckon these scenic tracks are well worth it. Werribee Gorge Circuit Walk, Pentland Hills This 7.6-kilometre loop features a hiking trifecta: gorgeous views, rock scrambling and, for the brave, a post-hike swimming hole (if you can brave the chill in winter!). Our favourite photo spot is the Eastern Lookout at the gorge, which offers panoramic views of the park's coolest natural wonders. Yarra Bend Park Loop, Melbourne Just a short drive from Melbourne's CBD, this relaxed 9.2-kilometre track on the traditional lands of the Wurundjeri people weaves through the city's largest natural bushland park. Look out for rainbow lorikeets, red-rumped parrots, yellow-tailed black cockatoos and possums. Highlights include Dights Falls and Studley Park Boathouse – the oldest public boathouse on the Yarra River recently underwent a huge renovation, and is a beautiful spot to refuel. Mount Lofty Loop, Wonga Park This five-kilometre mountain climb has a lot going for it – there are plenty of uphills to get the blood pumping, but you'll be rewarded with stunning views of the Yarra Valley stretching all the way to the Dandenong Ranges. You may even spot some wildlife along the way. It was also named the third most popular trail in Australia for 2024, so you know this one is a certified winner no matter what the weather conditions. Lyrebird Walk, Neuman, Paddy and Coles Ridge Loop, Melbourne Hidden in the Dandenong Ranges, this 6.6-kilometre loop offers a chance to spot the trail's namesake bird. Locals recommend walking anticlockwise to make it a little less strenuous. With lush, green scenery and giant ferns to admire, it's a particularly pretty track – keen photographers may want to bring their cameras. These are Australia's top ten winter hikes, according to AllTrails: Grand Canyon Track, Blue Mountains, NSW Werribee Gorge Circuit Walk, Pentland Hills, VIC Yarra Bend Park Loop, Melbourne, VIC Whistlepipe Gully and Lesmurdie Falls, Perth, WA Spit Bridge to Manly Walk, Sydney, NSW Mount Lofty Loop, Wonga Park, VIC Enoggera Reservoir Circuit, Brisbane, QLD Pages Pinnacle, Numinbah Valley, QLD Lyrebird Walk, Neuman, Paddy and Coles Ridge Loop, Melbourne, VIC Bondi Beach to Coogee Beach Walk, Sydney, NSW
Time Out
27-05-2025
- Time Out
These are Australia's 10 most popular winter hikes, as rated by locals
The weather might be cooling down, but Australia's love for hiking is seriously heating up. According to AllTrails, winter is officially peak trekking season, with Aussies recording their highest number of navigations during the cooler months. So, where's everyone walking? The hike-mapping app has analysed the data and revealed the top ten most popular hikes in Australia this winter. See you on the tracks… 1. Grand Canyon Track, Blue Mountains, NSW Australia's most popular winter hike also claimed the crown as our nation's favourite hike of 2024. This 6.3-kilometre circuit takes hikers on a magical journey through the World Heritage-listed Blue Mountains National Park, passing gently cascading waterfalls, giant ferns and moss-covered rocky overhangs that look straight out of a fairy tale. 2. Werribee Gorge Circuit Walk, Pentland Hills, VIC This 7.6-kilometre loop features a hiking trifecta: gorgeous views, rock scrambling and, for the brave, a post-hike swimming hole. Our favourite photo spot is the Eastern Lookout at the gorge, which offers panoramic views of the park's coolest natural wonders. 3. Yarra Bend Park Loop, Melbourne, VIC Just a short drive from Melbourne's CBD, this relaxed 9.2-kilometre track on the traditional lands of the Wurundjeri people weaves through the city's largest natural bushland park. Look out for rainbow lorikeets, red-rumped parrots, yellow-tailed black cockatoos and possums. 4. Whistlepipe Gully and Lesmurdie Falls Loop, Perth, WA You'll need around two hours to conquer this mostly easygoing hiking route in Western Australia's popular Mundy Regional Park. The circuit combines Whistlepipe Gully and Lesmurdie Falls in a nice, approachable package to suit most fitness levels, and yes, dogs are welcome too. 5. Spit Bridge to Manly Walk, Sydney, NSW This gorgeous coastal trail hugs the northern edge of Sydney Harbour for ten beautiful kilometres. Though it's a popular summer hike (the route takes you to some of Sydney's most stunning harbour beaches), it's almost as popular in winter, with plenty of cafés to refuel in Manly. 6. Mount Lofty Loop, Wonga Park, VIC This five-kilometre mountain climb has a lot going for it – there are plenty of uphills to get the blood pumping, but you'll be rewarded with stunning views of the Yarra Valley stretching all the way to the Dandenong Ranges. 7. Enoggera Reservoir Circuit, Brisbane, QLD Just a 20-minute drive from Brisbane's CBD, this 10.9-kilometre lakeside loop is the most popular winter hike in Queensland. While it's quite hilly, the track is broken up into three sections for you to tackle at your own pace. 8. Pages Pinnacle, Numinbah Valley, QLD Winter is prime time to take on this six-kilometre out-and-back trail as you'll dodge the sweltering summer heat. While it's relatively steep, hikers will be rewarded with spectacular views overlooking Hinze Dam and the Gold Coast from the summit. 9. Lyrebird Walk, Neuman, Paddy and Coles Ridge Loop, Melbourne, VIC Hidden in the Dandenong Ranges, this 6.6-kilometre loop offers a chance to spot the trail's namesake bird. Locals recommend walking anticlockwise to make it a little less strenuous. 10. Bondi Beach to Coogee Beach Walk, Sydney, NSW Another Sydney classic is the six-kilometre Bondi to Coogee coastal walk, which is easily accessible from the CBD and takes in some of Sydney's most famous beaches. A winter swim is optional, but highly recommended.
Yahoo
20-05-2025
- Politics
- Yahoo
Immigrant student restrictions bill could cause Tennessee Republican conflict in 2026
A move to bring back a bill to bar immigrant children from attending Tennessee public schools could cause friction between House Republican Caucus Chair Jeremy Faison, left, and House Majority Leader William Lamberth, who sponsored the 2025 measure. (Photo: John Partipilo/Tennessee Lookout) Tennessee House Republican leadership could hit an impasse again in 2026 over a measure designed to restrict immigrant student enrollment in public schools. With the bill on the skids in mid-April at the end of the legislature's session, House Republican Leader William Lamberth asked the U.S. Department of Education whether $1.1 billion in federal funds would be jeopardized by his bill, which would enable school districts to check students' immigration status and charge tuition. Lamberth had not received a response as of May 19, and whether the House moves forward with the bill in January 'depends on the response we receive,' House Republican Caucus spokesperson Jennifer Easton said Monday in response to questions from the Lookout. The Senate version of the bill passed in this year's session despite public outcry. But if Lamberth continues to push the measure in 2026 as he said he would, he's likely to run into a conflict with Rep. Jeremy Faison, chairman of the Republican Caucus. That being said, I still strongly oppose the state passing a bill that puts children, who have zero decision making power, in the middle of a legal battle. – House Republican Caucus Chair Jeremy Faison Faison, of Cosby, told WBIR-TV's 'Inside Tennessee' he was a 'big fat no' on the legislation and challenged the strategy of trying to put the measure before the U.S. Supreme Court, the Tennessee Journal reported. Faison backed off his initial statement in which he called the bill a 'political stunt,' saying he shouldn't have questioned the motives of Lamberth, of Portland, and Sen. Bo Watson, of Hixson, who sponsored the bill. 'That being said, I still strongly oppose the state passing a bill that puts children, who have zero decision making power, in the middle of a legal battle,' Faison told the Lookout. The House version of the legislation would give school districts the option to check students to determine whether they have permanent legal documentation, differing from the Senate version, which would force districts to check students' immigration status and require tuition. Tennessee bill denying immigrant children right to an education dead for year Faison said Monday he supports President Donald Trump's efforts to secure the Southern border and wants to see Congress repair the nation's immigration laws so states don't have to debate policies dealing with federal issues. Yet, he said he never liked the bill dealing with immigrant students. Faison reportedly said on WBIR that Attorney General Jonathan Skrmetti told him the U.S. Supreme Court would never take up the immigrant student case, which was designed to overturn a 1982 decision that found all children should be allowed to enroll in public schools no matter their immigration status. Federal Title VI prohibits discrimination based on race, color or national origins in programs that receive federal funds, and violating the law could put the federal funds in danger, according to a state financial analysis. Those deal with the Every Student Succeeds Act — which measures student success —, the Individuals with Disabilities Act, the Carl Perkins Act — named for the late Kentucky Congressman Carl Perkins, it funds career and technical education — and school nutrition. SUBSCRIBE: GET THE MORNING HEADLINES DELIVERED TO YOUR INBOX
Forbes
13-05-2025
- Business
- Forbes
The Human Layer Is The New Attack Surface
An employee types on a keyboard, unaware that a convincing message they just received is part of a ... More sophisticated social engineering attack. Cybersecurity has long been defined by digital borders—network perimeters, firewalls, and hardened endpoints. But today, the most vulnerable surface in an organization isn't a server, application, or device. It's a person. As modern workflows expand across smartphones, messaging apps, and public clouds, the traditional perimeter has effectively disappeared. At the same time, attackers have shifted their strategies away from exploiting technical vulnerabilities and toward manipulating human behavior—weaponizing trust, urgency, and context. The new battleground isn't technical. It's psychological. And it's getting smarter. 'Threat actors tend to exploit the weakest link in the chain—and today, that's clearly the human element,' said Jim Dolce, CEO of Lookout. 'People have become the primary target in the evolving threat landscape.' Social engineering has always been an effective tactic, but the rise of generative AI has drastically raised the stakes. Threat actors now use AI to craft tailored spear phishing messages, simulate voice calls from executives, and even create deepfake videos—tricking employees into taking actions they'd otherwise question. Dolce pointed to recent high-profile breaches at major hospitality chains where attackers didn't break in through firewalls—they logged in using stolen credentials harvested through mobile phishing schemes. The impersonation of a trusted colleague, especially when delivered via a text message or phone call, can short-circuit a person's judgment. These attacks are often short, simple, and urgent—designed to create a sense of immediacy that overwhelms cautious thinking. And while enterprise defenses have long focused on protecting desktops and email gateways, mobile devices remain undersecured, underwatched, and overexposed. Unlike email, SMS and messaging apps don't offer clues about sender domains or metadata. Users are often left to make split-second decisions on whether to trust a message based on tone and timing alone. Modern cyberattacks increasingly target users via their mobile phones. That's where people read texts from unknown numbers, receive spoofed calls, and see urgent messages demanding action. The challenge is compounded by the fact that mobile devices blur the boundary between work and personal life, operating outside of enterprise security stacks while handling sensitive tasks and data. Attackers know this—and they're taking full advantage. "You can invest in training to help employees identify, prevent, and respond to cyber threats, but it's not enough to stop highly sophisticated or stealthy attacks," Dolce noted. "For example, an attacker using phone number spoofing—falsifying caller ID to appear as a trusted or familiar contact—is extremely difficult to train against." This isn't hypothetical. Threat actors can now clone a person's voice with seconds of publicly available audio. Tools already exist to generate synthetic video in real time. And with services capable of spoofing phone numbers or mimicking familiar writing styles, a message that sounds legitimate often is enough to prompt dangerous action—especially from a mobile device, mid-task, on the go. For years, the phrase 'the user is the weakest link' has been a cybersecurity cliché. It's also been a convenient scapegoat. But in a world where even seasoned professionals struggle to detect deepfakes or spoofed numbers, blaming the user is not just unfair—it's a strategic failure. People will make mistakes. They'll click links, follow instructions, and respond to messages that feel real. Designing security systems that assume perfection from the workforce is a losing game. Instead, security needs to adapt to human behavior, not punish it. This means rethinking everything from phishing simulations to endpoint controls. It means shifting from reactive detection to proactive defense. And it requires AI—not as a buzzword, but as a foundational component of human-centric protection. Security tools must now operate with context—understanding what's normal for each user, detecting anomalies in real time, and blocking deceptive messages before they reach a recipient. Protection must extend beyond managed devices and email filters to encompass mobile platforms, personal apps, and cloud-based collaboration tools. The shift toward human-layer attacks represents a significant business risk. When an employee is tricked into giving up credentials or transferring funds, the damage extends beyond IT. It impacts compliance, brand reputation, and trust. That's why human-centric security must be elevated to the level of enterprise risk management. CISOs and CIOs must collaborate with HR, legal, and executive leadership to embed security into organizational culture—while simultaneously deploying the right technology to defend employees in the moment. Real protection means giving users the benefit of the doubt—and the tools to make better decisions. This problem will only get worse. As AI technology becomes more accessible, cheaper, and faster, attackers will become more convincing, more scalable, and more automated. The good news? The same technologies that empower adversaries can also be used to defend against them—if we move quickly and think differently. The future of cybersecurity won't be built just on stronger walls. It will be built on smarter systems that understand people—how they think, how they behave, and how to protect them from exploitation. Because in today's threat landscape, trust is no longer a given. It's an attack vector.
