Comments
Threats from Mobile Ransomware & Banking Malware Are Growing
Newest First  |  Oldest First  |  Threaded View
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2018 | 7:00:08 PM
Two-factor
to stay under the radar, steal more than just credit card data, and bypass security mechanisms It is better to use two factor authentication and never click a link in the email to access to your bank.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2018 | 6:58:24 PM
Banking
With banking increasingly becoming an integral part of mobile device usage, attackers have begun building more-sophisticated capabilities into their mobile banking malware. This is critical to pay attention I think. When I hits bank apps it will hurt a lot of people.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2018 | 6:56:23 PM
SLocker
The most pervasive mobile ransomware in 2017 was SLocker Surprisingly I have not heard this, maybe because I am not an Android user.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2018 | 6:53:58 PM
Android
In keeping with past trends, a vast majority of the threats affected Android devices and those downloading mobile applications from unofficial third-party stores. This is one of the disadvantages of closed system. iOS has it right in a way that onky approved things could be run
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2018 | 6:51:04 PM
Ransomware
Ransomware, banking malware, and other threats aimed at smartphones increased sharply in volume last year and will pose a growing threat to organizations and individuals in 2018 and beyond I thinks this is because most of us respond a ransomware attack.


Weaponizing IPv6 to Bypass IPv4 Security
John Anderson, Principal Security Consultant, Trustwave Spiderlabs,  6/12/2018
'Shift Left' & the Connected Car
Rohit Sethi, COO of Security Compass,  6/12/2018
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for Splunk,  6/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1061
PUBLISHED: 2018-06-19
python before versions 2.7.15, 3.4.9, 3.5.6 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVE-2018-1073
PUBLISHED: 2018-06-19
The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts.
CVE-2018-12557
PUBLISHED: 2018-06-19
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the no_log attribute of a task is ignored. If the unreachable error occurred in a task used with a loop variable (e.g., with_items), the contents of the loop items would be printed in the console. This could ...
CVE-2018-12559
PUBLISHED: 2018-06-19
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere (e.g., outside of the /home directory tree) by passing directory traversal sequ...
CVE-2018-12560
PUBLISHED: 2018-06-19
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. Arbitrary unmounts can be performed by regular users via directory traversal sequences such as a home/../sys/kernel substring.