Mobile

News & Commentary
7 Tips for an Effective Employee Security Awareness Program
Jai Vijayan, Freelance writer
Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say.
By Jai Vijayan Freelance writer, 4/17/2019
Comment1 Comment  |  Read  |  Post a Comment
Meet Scranos: New Rootkit-Based Malware Gains Confidence
Kelly Sheridan, Staff Editor, Dark ReadingNews
The cross-platform operation, first tested on victims in China, has begun to spread around the world.
By Kelly Sheridan Staff Editor, Dark Reading, 4/16/2019
Comment1 Comment  |  Read  |  Post a Comment
New Android Malware Adds Persistence, Targets Australian Banking Customers
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Malware campaign, which finds and exfiltrates a user's contact list and banking credentials, could potentially grow to global proportions.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/10/2019
Comment0 comments  |  Read  |  Post a Comment
Android Phones Now Double as Physical Security Keys
Kelly Sheridan, Staff Editor, Dark ReadingNews
Google debuted a series of security updates at Next 2019, giving users the option to use their phone as a second authentication factor.
By Kelly Sheridan Staff Editor, Dark Reading, 4/10/2019
Comment1 Comment  |  Read  |  Post a Comment
'MuddyWater' APT Spotted Attacking Android
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Cyber espionage attack group adds mobile malware to its toolset.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/10/2019
Comment1 Comment  |  Read  |  Post a Comment
Stop Mocking & Start Enabling Emerging Technologies
Rick Holland, Chief Information Security Officer and Vice President of  Strategy at Digital ShadowsCommentary
Mocking new technology isn't productive and can lead to career disadvantage.
By Rick Holland Chief Information Security Officer and Vice President of Strategy at Digital Shadows, 4/9/2019
Comment0 comments  |  Read  |  Post a Comment
8 Steps to More Effective Small Business Security
Curtis Franklin Jr., Senior Editor at Dark Reading
Small business face the same security challenges as large enterprises but with much smaller security teams. Here are 8 things to do to get the most from yours.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/8/2019
Comment1 Comment  |  Read  |  Post a Comment
Phishing Campaign Targeting Verizon Mobile Users
Steve Zurier, Freelance WriterNews
Lookout Phishing AI, which discovered the attack, says it has been going on since late November.
By Steve Zurier Freelance Writer, 4/5/2019
Comment1 Comment  |  Read  |  Post a Comment
How iOS App Permissions Open Holes for Hackers
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The permissions iOS apps request from users can turn the devices into spy tools and provide a toehold into the enterprise network, according to new research.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/4/2019
Comment0 comments  |  Read  |  Post a Comment
Major Mobile Financial Apps Harbor Built-in Vulnerabilities
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A wide variety of financial services companies' apps suffer from poor programing practices and unshielded data.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/2/2019
Comment1 Comment  |  Read  |  Post a Comment
Nuanced Approach Needed to Deal With Huawei 5G Security Concerns
Jai Vijayan, Freelance writerNews
Governments need to adopt strategic approach for dealing with concerns over telecom vendor's suspected ties to China's intelligence apparatus, NATO-affiliated body says.
By Jai Vijayan Freelance writer, 4/1/2019
Comment3 comments  |  Read  |  Post a Comment
In the Race Toward Mobile Banking, Don't Forget Risk Management
Sam Abadir, Vice President of Industry Solutions at LockpathCommentary
The rise of mobile banking and payment services has sparked widespread adoption, making a focus on risk essential.
By Sam Abadir Vice President of Industry Solutions at Lockpath, 4/1/2019
Comment2 comments  |  Read  |  Post a Comment
New Android Trojan Targets 100+ Banking Apps
Jai Vijayan, Freelance writerNews
'Gustuff' also designed to steal from cryptocurrency wallets, payment services, e-commerce apps.
By Jai Vijayan Freelance writer, 3/28/2019
Comment1 Comment  |  Read  |  Post a Comment
Stealing Corporate Funds Still Top Goal of Messaging Attacks
Robert Lemos, Technology Journalist/Data ResearcherNews
Cybercriminals focus on collecting credentials, blackmailing users with fake sextortion scams, and convincing privileged employees to transfer cash. The latter still causes the most damage, and some signs suggest it is moving to mobile.
By Robert Lemos , 3/19/2019
Comment0 comments  |  Read  |  Post a Comment
GPS Spoof Hits Geneva Motor Show
Dark Reading Staff, Quick Hits
Incident leaves GPS units showing a location in England and a date 17 years in the future.
By Dark Reading Staff , 3/13/2019
Comment1 Comment  |  Read  |  Post a Comment
'SimBad': Android Adware Hits 210 Apps with 150M Downloads
Dark Reading Staff, Quick Hits
Google has removed infected applications from the Google Play store after a form of adware potentially affected millions of users.
By Dark Reading Staff , 3/13/2019
Comment1 Comment  |  Read  |  Post a Comment
The Case for Transparency in End-User License Agreements
Lysa Myers, Security Researcher, ESETCommentary
Why it behooves technology companies to consider EULAs as an opportunity to accurately inform customers about privacy issues and other important information.
By Lysa Myers Security Researcher, ESET, 3/13/2019
Comment0 comments  |  Read  |  Post a Comment
5 Essentials for Securing and Managing Windows 10
Josh Mayfield, Director of Security Strategy at AbsoluteCommentary
It's possible to intelligently deploy and utilize Windows 10's many security enhancements while avoiding common and costly migration pitfalls.
By Josh Mayfield Director of Security Strategy at Absolute, 3/12/2019
Comment0 comments  |  Read  |  Post a Comment
Companies Having Trouble Translating Security to Mobile Devices
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
As more enterprise work takes place on mobile devices, more companies are feeling insecure about the security of their mobile fleet, according to a new Verizon report.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/7/2019
Comment0 comments  |  Read  |  Post a Comment
CrowdStrike Debuts Mobile Threat Detection System at RSA Conference
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Falcon for Mobile offers detection and response capabilities for mobile platforms.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/4/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by lisarboutte
Current Conversations Wooow its greeaat)
In reply to: Great
Post Your Own Reply
More Conversations
PR Newswire
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7303
PUBLISHED: 2019-04-23
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 b...
CVE-2019-7304
PUBLISHED: 2019-04-23
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.
CVE-2019-0223
PUBLISHED: 2019-04-23
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1...
CVE-2017-12619
PUBLISHED: 2019-04-23
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
CVE-2018-1317
PUBLISHED: 2019-04-23
In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.