Mobile
News & Commentary
Cellphones OK For EU Airlines
Thomas Claburn, Editor-at-LargeCommentary
European regulators allow voice calls throughout flights.
By Thomas Claburn Editor-at-Large, 9/29/2014
Comment7 comments  |  Read  |  Post a Comment
iOS In-App Browsing Poses Security Risk
Thomas Claburn, Editor-at-LargeCommentary
iOS developer warns that browser windows invoked within third-party apps allow information theft.
By Thomas Claburn Editor-at-Large, 9/26/2014
Comment1 Comment  |  Read  |  Post a Comment
Mobile-Only Employee Trend Could Break Security Models
Ericka Chickowski, Contributing Writer, Dark ReadingNews
One-third of employees exclusively use mobile devices for work, but security organizations still aren't shifting their risk management focus.
By Ericka Chickowski Contributing Writer, Dark Reading, 9/22/2014
Comment10 comments  |  Read  |  Post a Comment
Google Plans To Encrypt Android Data By Default
Thomas Claburn, Editor-at-LargeCommentary
After Apple CEO Tim Cook talks up iOS8 data security, Google says the next version of Android will shield data on devices more effectively.
By Thomas Claburn Editor-at-Large, 9/20/2014
Comment18 comments  |  Read  |  Post a Comment
Mobile Device Security Isn't All About Devices
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
Roberto Medrano, executive vice president of SOA Software, explains why securing mobile applications and APIs is so essential.
By Sara Peters Senior Editor at Dark Reading, 9/19/2014
Comment2 comments  |  Read  |  Post a Comment
Apple CEO: We Don't Covet Your Data
Thomas Claburn, Editor-at-LargeCommentary
Apple CEO Tim Cook highlights the company's commitment to privacy in an open letter.
By Thomas Claburn Editor-at-Large, 9/18/2014
Comment13 comments  |  Read  |  Post a Comment
Facebook Explains iOS 8 App Privacy Changes
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Despite tweaks to a privacy setting in iOS 8, Facebook says it's not tracking you any more than it already has been.
By Kristin Burnham Senior Editor, InformationWeek.com, 9/18/2014
Comment1 Comment  |  Read  |  Post a Comment
Facebook Developing App For Private Sharing
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Facebook's in-development "Moments" app could make sharing with small groups easier. Here's what we know, plus tips to manage friend lists now.
By Kristin Burnham Senior Editor, InformationWeek.com, 9/17/2014
Comment6 comments  |  Read  |  Post a Comment
Browser Vulnerability 'Privacy Disaster' For 3 Of 4 Android Users
Sara Peters, Senior Editor at Dark ReadingQuick Hits
An exploit of an unsupported Android browser bypasses the ever-important Same Origin Policy.
By Sara Peters Senior Editor at Dark Reading, 9/16/2014
Comment1 Comment  |  Read  |  Post a Comment
Mining WiFi Data: Retail Privacy Pitfalls
Doug Henschen, Executive Editor, InformationWeekCommentary
WiFi data mining starts with anonymous tracking, but it can lead to personal details in social profiles. Interop New York session explores opportunities and limits for retailers.
By Doug Henschen Executive Editor, InformationWeek, 9/15/2014
Comment13 comments  |  Read  |  Post a Comment
Apple Pay: A Necessary Push To Transform Consumer Payments
Lucas Zaichkowsky, Enterprise Defense Architect, AccessDataCommentary
Apple Pay is a strategic move that will rival PayPal and other contenders in the mobile wallet marketplace. The big question is whether consumers and businesses are ready to ditch the plastic.
By Lucas Zaichkowsky Enterprise Defense Architect, AccessData, 9/11/2014
Comment16 comments  |  Read  |  Post a Comment
Privacy, Security & The Geography Of Data Protection
Malte Pollmann, CEO, UtimacoCommentary
Data generation is global, so why do different parts of the world react differently to the same threat of security breaches and backdoors?
By Malte Pollmann CEO, Utimaco, 9/11/2014
Comment6 comments  |  Read  |  Post a Comment
Apple Pay Ups Payment Security But PoS Threats Remain
Sara Peters, Senior Editor at Dark ReadingNews
Apple's new contactless payment tech will not stop point-of-sale breaches like Home Depot and UPS, but it could make those breaches less valuable to attackers.
By Sara Peters Senior Editor at Dark Reading, 9/10/2014
Comment21 comments  |  Read  |  Post a Comment
Apple iCloud Hack's Other Victim: Cloud Trust
Charles Babcock, Editor At Large, InformationWeek Commentary
Our flash poll finds users feel more vulnerable about cloud security in general. No wonder: Apple's opening statement of indignation now sounds a little hollow.
By Charles Babcock Editor At Large, InformationWeek , 9/10/2014
Comment2 comments  |  Read  |  Post a Comment
Study: 15 Million Devices Infected With Mobile Malware
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Sixty percent of the infected devices run Android.
By Sara Peters Senior Editor at Dark Reading, 9/9/2014
Comment1 Comment  |  Read  |  Post a Comment
Blinders For Google Glass
Thomas Claburn, Editor-at-LargeCommentary
Cyborg Unplug promises to boot Google Glass and other surveillance devices from local networks.
By Thomas Claburn Editor-at-Large, 9/9/2014
Comment6 comments  |  Read  |  Post a Comment
Poll: Significant Insecurity About Internet of Things
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
Fewer than one percent of more than 800 Dark Reading community members are ready for the fast approaching security onslaught of the IoT.
By Marilyn Cohodas Community Editor, Dark Reading, 9/5/2014
Comment3 comments  |  Read  |  Post a Comment
California Smartphone Kill-Switch Law: What It Means
Thomas Claburn, Editor-at-LargeCommentary
Do you understand the consequences of California's new smartphone anti-theft law? Our FAQ will clear up the confusion.
By Thomas Claburn Editor-at-Large, 8/29/2014
Comment34 comments  |  Read  |  Post a Comment
NIST Drafts Mobile App Security Guidelines
Richard W. Walker, Commentary
National Institute for Standards and Technology issues first draft of guidelines intended to help federal agencies balance benefits and risks of third-party mobile apps.
By Richard W. Walker , 8/28/2014
Comment5 comments  |  Read  |  Post a Comment
Location Tracking: 6 Social App Settings To Check
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Popular social apps, including Facebook, Google, Foursquare, and Twitter, may track your every move. Get the lowdown -- and instructions for turning off these options.
By Kristin Burnham Senior Editor, InformationWeek.com, 8/26/2014
Comment37 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Security Insights
RIM's Biggest Network Disruption Over: Now What?
RIM's Biggest Network Disruption Over: Now What?
Service disruption becoming all too familiar outcome for BlackBerry users
Comment0 comments
Read | Post a Comment
More Sophos Security Insights
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
If you’re still focused on securing endpoints, you’ve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-6856
Published: 2014-10-02
The AHRAH (aka com.vet2pet.aid219426) application 219426 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6857
Published: 2014-10-02
The Car Wallpapers HD (aka com.arab4x4.gallery.app) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6858
Published: 2014-10-02
The Mostafa Shemeas (aka com.mostafa.shemeas.website) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6859
Published: 2014-10-02
The Daum Maps - Subway (aka net.daum.android.map) application 3.9.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6860
Published: 2014-10-02
The Trial Tracker (aka com.etcweb.android.trial_tracker) application 1.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using.