Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Mobile
Page 1 / 2   >   >>
Survey Seeks to Learn How 2020 Changed Security
Quick Hits  |  6/23/2021  | 
Respondents to a new Dark Reading/Omdia survey will be entered into a drawing for a Black Hat Black Card.
Name That Toon: Sight Unseen
Commentary  |  6/14/2021  | 
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Many Mobile Apps Intentionally Using Insecure Connections for Sending Data
News  |  6/11/2021  | 
A new analysis of iOS and Android apps released to Apple's and Google's app stores over the past five years found many to be deliberately breaking HTTPS protections.
Healthcare Device Security Firm COO Charged With Hacking Medical Center
Quick Hits  |  6/10/2021  | 
Vikas Singla, chief operating officer of security firm that provides products and services to the healthcare industry, faces charges surrounding a cyberattack he allegedly conducted against Duluth, Ga.-based Gwinnett Medical Center.
New Security Event @Hack to Take Place in Saudi Arabia
Quick Hits  |  6/9/2021  | 
The Saudi Federation of Cybersecurity, Programming, and Drones (SAFCSP) and Informa Tech will launch a multi-day event in Riyadh this November.
FBI Issued Encrypted Devices to Capture Criminals
Quick Hits  |  6/8/2021  | 
A sting operation delivered devices into the hands of global criminals and used the intelligence gathered to stop drug crimes.
Cartoon Caption Winner: Road Trip
Commentary  |  6/7/2021  | 
And the winner of Dark Reading's cartoon caption contest is ...
Most Mobile Apps Can Be Compromised in 15 Minutes or Less
Commentary  |  5/28/2021  | 
In the name of releasing apps quickly and delivering a smooth user experience, mobile app security is often given short shrift.
How Menlo Uses Isolation to Secure Mobile Devices in the Cloud
Commentary  |  5/27/2021  | 
SPONSORED: WATCH NOW -- Mobile devices like smartphones and tablets have emerged as popular targets for bad actors looking to break into to cloud-based networks, according to Poornima DeBolle, chief product officer for Menlo Security.
Orange: Your Leaky Security is Coming from Inside the House!
Commentary  |  5/26/2021  | 
SPONSORED: Your home WiFi router may be screaming fast, but it's also a major point of vulnerability in this work-from-home era, says Charl van der Walt, head of security research at Orange Cyberdefense. And while Zero Trust offers some relief, he offers up some how-to advice to ensure it's properly deployed.
Security Providers Describe New Solutions (& Growing Threats) at RSAC
Commentary  |  5/20/2021  | 
SPONSORED CONTENT: Watch now -- Leading security companies meet Dark Reading in the RSA Conference Broadcast Alley to talk about tackling insider threat, SOC complexity, cyber resilience, mobile security, attacker evasion, supply chain threats, ransomware, and more.
Google Chrome Makes It Easier to Update Compromised Passwords
Quick Hits  |  5/19/2021  | 
A new capability will use Google's Duplex technology to alert people when their passwords are compromised and help change them.
Name That Toon: Road Trip
Commentary  |  5/17/2021  | 
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Wi-Fi Design, Implementation Flaws Allow a Range of Frag Attacks
News  |  5/14/2021  | 
Every Wi-Fi product is affected by at least one fragmentation and aggregation vulnerability, which could lead to a machine-in-the-middle attack, researcher says.
Researchers Unearth 167 Fake iOS & Android Trading Apps
Quick Hits  |  5/12/2021  | 
The apps are disguised as financial trading, banking, and cryptocurrency apps from well-known and trusted organizations.
Cartoon Caption Winner: Greetings, Earthlings
Commentary  |  5/11/2021  | 
And the winner of Dark Reading's April cartoon caption contest is ...
Most Organizations Feel More Vulnerable to Breaches Amid Pandemic
Quick Hits  |  5/7/2021  | 
More than half of business see the need for significant long-term changes to IT due to COVID-19, research finds.
Google Plans to Automatically Enable Two-Factor Authentication
Quick Hits  |  5/6/2021  | 
The company plans to automatically enroll users in two-step verification if their accounts are properly configured.
7 Modern-Day Cybersecurity Realities
Slideshows  |  4/30/2021  | 
Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe.
FluBot Malware's Rapid Spread May Soon Hit US Phones
News  |  4/28/2021  | 
The FluBot Android malware has spread throughout several European countries through an SMS package delivery scam.
Name That Toon: Greetings, Earthlings
Commentary  |  4/22/2021  | 
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
Dark Reading to Upgrade Site Design, Performance
Commentary  |  4/13/2021  | 
Improvements will make site content easier to navigate, faster, and more functional.
Unofficial Android App Store APKPure Infected With Malware
Quick Hits  |  4/9/2021  | 
The APKPure app store was infected with malware that can download Trojans to other Android devices, researchers report.
8 Security & Privacy Apps to Share With Family and Friends
Slideshows  |  4/9/2021  | 
Mobile apps to recommend to the people in your life who want to improve their online security and privacy.
Cartoon Caption Winner: Something Seems Afoul
Commentary  |  4/7/2021  | 
And the winner of Dark Readings's March cartoon caption contest is ...
7 Security Strategies as Employees Return to the Office
Slideshows  |  4/1/2021  | 
More sooner than later, employees will be making their way back to the office. Here's how security pros can plan for the next new normal.
Apple Patches iOS Zero-Day
Quick Hits  |  3/26/2021  | 
Apple today released iOS 14.4.2 to address a security vulnerability that may have been actively exploited.
Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov't Customers
Quick Hits  |  3/25/2021  | 
A decision on the order, which contains several recommendations, is still forthcoming.
Nearly Half of Popular Android Apps Built With High-Risk Components
News  |  3/25/2021  | 
Information leakage and applications asking for too many permissions were also major issues, according to a survey of more than 3,300 popular mobile applications.
Disgruntled IT Contractor Sentenced in Retaliatory Office 365 Attack
Quick Hits  |  3/23/2021  | 
Former contractor deleted 1,200 user accounts in revenge.
Facebook Expands Security Key Support to iOS & Android
News  |  3/18/2021  | 
Facebook's announcement arrives the same week Twitter enabled support for multiple security keys on user accounts.
New CopperStealer Malware Hijacks Social Media Accounts
Quick Hits  |  3/18/2021  | 
Proofpoint researchers say it steals logins and spreads more malware.
Lookout Acquires SASE Cloud Provider CipherCloud
Quick Hits  |  3/15/2021  | 
Deal signals a focus on the cloud for mobile security firm.
Malware Operator Employs New Trick to Upload Its Dropper into Google Play
News  |  3/10/2021  | 
Check Point researchers recently discovered the Clast82 dropper hidden in nine legitimate Android utility apps.
Call Recorder iPhone App Flaw Uncovered
Quick Hits  |  3/10/2021  | 
Researcher finds thousands of recorded calls easily accessible to others.
COVID-19 Contact-Tracing Apps Signal Broader Mobile App Security Concerns
Commentary  |  3/9/2021  | 
The rapid launch of contract-tracing apps to control COVID-19's spread opened the door to multiple security and privacy vulnerabilities.
Secure Laptops & the Enterprise of the Future
Commentary  |  3/4/2021  | 
The enterprise of the future will depend upon organizations' ability to extend the company firewall to everywhere people are working.
New Jailbreak Tool Works on Most iPhones
Quick Hits  |  3/1/2021  | 
The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.
Malware Exploits Security Teams' Greatest Weakness: Poor Relationships With Employees
Commentary  |  2/15/2021  | 
Users' distrust of corporate security teams is exposing businesses to unnecessary vulnerabilities.
How to Submit a Column to Dark Reading
Commentary  |  2/15/2021  | 
Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.
Android App Infects Millions of Devices With a Single Update
Quick Hits  |  2/8/2021  | 
The popular Barcode Scanner app, which as been available on Google Play for years, turned malicious with one software update.
Cartoon Caption Winner: Insider Threat
Commentary  |  2/8/2021  | 
And the winner of Dark Reading's January cartoon caption contest is ...
The Data-Centric Path to Zero Trust
Commentary  |  1/13/2021  | 
Data is an organization's most valuable asset, so a data-centric approach would provide the best value for organizations, now and in the future.
Mobile Endpoint Security: Still the Crack in the Enterprise's Cyber Armor
Commentary  |  12/30/2020  | 
A combination of best practices and best-in-class technology will help keep your enterprise from falling victim to ever-growing threats.
'Fingerprint-Jacking' Attack Technique Manipulates Android UI
News  |  12/10/2020  | 
Researchers explore fingerprint-jacking, a user interface-based attack that targets fingerprints scanned into Android apps.
Keeping Cyber Secure at Christmas
News  |  12/8/2020  | 
Sylvain Cortes, Security Evangelist and cybersecurity expert at Alsid, highlights the need for security departments to raise awareness through their organizations over cyber threats this Christmas.
Researchers Discover New Obfuscation-As-a-Service Platform
News  |  12/3/2020  | 
Researchers detail how a Android APK obfuscation service automates detection evasion for highly malicious apps.
Google Security Researcher Develops 'Zero-Click' Exploit for iOS Flaw
News  |  12/3/2020  | 
A new patched memory corruption vulnerability in Apple's AWDL protocol can be used to take over iOS devices that are in close proximity to an attacker.
Free Mobile App Measures Your Personal Cyber Risk
News  |  12/2/2020  | 
New app for Android and Apple iOS uses an algorithm co-developed with MIT to gauge security posture on an ongoing basis.
Ivanti Acquires MobileIron & Pulse Secure
Quick Hits  |  12/1/2020  | 
The company plans to use these acquisitions to strengthen and secure IT connections across remote devices and infrastructure.
Page 1 / 2   >   >>


Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-2322
PUBLISHED: 2021-06-23
Vulnerability in OpenGrok (component: Web App). Versions that are affected are 1.6.7 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok. Successful attacks of this vulnerability can result in takeover of OpenGrok. CVSS 3.1 ...
CVE-2021-20019
PUBLISHED: 2021-06-23
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
CVE-2021-21809
PUBLISHED: 2021-06-23
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
CVE-2021-34067
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
CVE-2021-34068
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.