Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

News & Commentary
USB Drive Security Still Lags
Dark Reading Staff, Quick Hits
While USB drives are frequent pieces of business hardware, a new report says that one-third of US businesses have no policy governing their use.
By Dark Reading Staff , 10/9/2019
Comment1 Comment  |  Read  |  Post a Comment
How the Software-Defined Perimeter Is Redefining Access Control
Gilad Steinberg, Founder & CTO at Odo SecurityCommentary
In a world where traditional network boundaries no longer exist, VPNs are showing their age.
By Gilad Steinberg Founder & CTO at Odo Security, 10/9/2019
Comment0 comments  |  Read  |  Post a Comment
FBI Investigates Mobile Voting Intrusion
Dark Reading Staff, Quick Hits
A group tried to access West Virginia's mobile voting app in 2018; now, the FBI is looking into what actually happened.
By Dark Reading Staff , 10/4/2019
Comment0 comments  |  Read  |  Post a Comment
Android 0-Day Seen Exploited in the Wild
Dark Reading Staff, Quick Hits
The local privilege escalation vulnerability affects Pixel, Samsung, Huawei, Xiaomi, and other devices.
By Dark Reading Staff , 10/4/2019
Comment0 comments  |  Read  |  Post a Comment
Stalkerware on the Rise Globally
Dark Reading Staff, Quick Hits
Stalkware is being installed on more and more victims' devices, and the trend is only accelerating, according to a new report.
By Dark Reading Staff , 10/2/2019
Comment1 Comment  |  Read  |  Post a Comment
Apple Patches Multiple Vulnerabilities Across Platforms
Dark Reading Staff, Quick Hits
Updates address two separate issues in Apple's desktop and mobile operating systems.
By Dark Reading Staff , 9/27/2019
Comment0 comments  |  Read  |  Post a Comment
7 Ways VPNs Can Turn from Ally to Threat
Curtis Franklin Jr., Senior Editor at Dark Reading
VPNs are critical pieces of the security infrastructure, but they can be vulnerable, hackable, and weaponized against you. Here are seven things to be aware of before you ignore your VPN.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/21/2019
Comment3 comments  |  Read  |  Post a Comment
Escaping Email: Unlocking Message Security for SMS, WhatsApp
Curtis Franklin Jr., Senior Editor at Dark Reading
Messaging is growing in importance as dislike for email increases. That means knowing how to protect critical data in the messaging era is a must for IT security.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/12/2019
Comment0 comments  |  Read  |  Post a Comment
Instagram Bug Put User Account Details, Phone Numbers at Risk
Kelly Sheridan, Staff Editor, Dark ReadingNews
The vulnerability, now patched, is the latest in a series of bad news for Facebook.
By Kelly Sheridan Staff Editor, Dark Reading, 9/12/2019
Comment0 comments  |  Read  |  Post a Comment
New Privacy Features in iOS 13 Let Users Limit Location Tracking
Jai Vijayan, Contributing WriterNews
Apple will introduce other features that allow more secure use of iPhones in workplace settings as well.
By Jai Vijayan Contributing Writer, 9/10/2019
Comment0 comments  |  Read  |  Post a Comment
5G Standard to Get New Security Specifications
Jai Vijayan, Contributing WriterNews
Researchers had recently demonstrated how attackers could intercept device capability information and use it against 5G mobile subscribers.
By Jai Vijayan Contributing Writer, 9/4/2019
Comment0 comments  |  Read  |  Post a Comment
Android Phone Flaw Allows Attackers to Divert Email
Robert Lemos, Contributing WriterNews
Researchers find that a spoofing a service message from the phone carrier is simple and effective on some brands of Android smartphones.
By Robert Lemos Contributing Writer, 9/4/2019
Comment0 comments  |  Read  |  Post a Comment
Cartoon Contest: Bedtime Stories
John Klossner, Cartoonist
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 9/4/2019
Comment11 comments  |  Read  |  Post a Comment
@jack Got Hacked: Twitter CEO's Tweets Hijacked
Dark Reading Staff, Quick Hits
Twitter CEO Jack Dorsey's Twitter account was, apparently, hijacked for roughly 20 minutes and used for a racist rant.
By Dark Reading Staff , 8/30/2019
Comment2 comments  |  Read  |  Post a Comment
Google Announces New, Expanded Bounty Programs
Dark Reading Staff, Quick Hits
The company is significantly expanding the bug-bounty program for Google Play and starting a program aimed at user data protection.
By Dark Reading Staff , 8/29/2019
Comment0 comments  |  Read  |  Post a Comment
TrickBot Comes to Cellular Carriers
Dark Reading Staff, Quick Hits
A new malicious campaign seeks cell account PINs from victims.
By Dark Reading Staff , 8/28/2019
Comment1 Comment  |  Read  |  Post a Comment
Malware Found in Android App with 100M Users
Dark Reading Staff, Quick Hits
CamScanner, a legitimate app used to scan and manage documents, was found executing payloads on Android devices.
By Dark Reading Staff , 8/28/2019
Comment7 comments  |  Read  |  Post a Comment
6 Ways Airlines and Hotels Can Keep Their Networks Secure
Steve Zurier, Contributing Writer
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
By Steve Zurier Contributing Writer, 8/27/2019
Comment0 comments  |  Read  |  Post a Comment
Apple Releases Emergency Patch for iPhone Jailbreak Flaw
Dark Reading Staff, Quick Hits
iOS version 12.4.1 fixes the "use after free" vulnerability.
By Dark Reading Staff , 8/26/2019
Comment0 comments  |  Read  |  Post a Comment
More Than Half of Social Media Login Attempts Are Fraud
Kelly Sheridan, Staff Editor, Dark ReadingNews
Overall, account registrations for tech companies are four times more likely to be malicious than legitimate, a new report states.
By Kelly Sheridan Staff Editor, Dark Reading, 8/26/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by lboettger537
Current Conversations Don't let the (bed) bugs byte.
In reply to: Bugs
Post Your Own Reply
More Conversations
PR Newswire
For Cybersecurity to Be Proactive, Terrains Must Be Mapped
Craig Harber, Chief Technology Officer at Fidelis Cybersecurity,  10/8/2019
A Realistic Threat Model for the Masses
Lysa Myers, Security Researcher, ESET,  10/9/2019
USB Drive Security Still Lags
Dark Reading Staff 10/9/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-17593
PUBLISHED: 2019-10-14
JIZHICMS 1.5.1 allows admin.php/Admin/adminadd.html CSRF to add an administrator.
CVE-2019-17594
PUBLISHED: 2019-10-14
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
CVE-2019-17595
PUBLISHED: 2019-10-14
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
CVE-2019-14823
PUBLISHED: 2019-10-14
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to...
CVE-2019-17592
PUBLISHED: 2019-10-14
The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. The __isInt() function contains a malformed regular expression that processes large crafted input very slowly. This is triggered when using the cast option.