Mobile
News & Commentary
Android Malware On The Rise
Sara Peters, Senior Editor at Dark ReadingNews
By the end of 2015, researchers expect the number of new Android malware strains to hit 2 million.
By Sara Peters Senior Editor at Dark Reading, 7/1/2015
Comment0 comments  |  Read  |  Post a Comment
Getting To Yes: Negotiating Technology Innovation & Security Risk
Tsion Gonen , Chief Strategy Office, Gemalto, Identity & Data ProtectionCommentary
As enterprises look for ways to leverage the cloud, mobility, Big Data, and social media for competitive advantage, CISOs can no longer give blanket refusals to IT experimentation.
By Tsion Gonen Chief Strategy Office, Gemalto, Identity & Data Protection, 6/30/2015
Comment0 comments  |  Read  |  Post a Comment
What Do You Mean My Security Tools Donít Work on APIs?!!
Jeff Williams, CTO, Aspect Security & Contrast SecurityCommentary
SAST and DAST scanners havenít advanced much in 15 years. But the bigger problem is that they were designed for web apps, not to test the security of an API.
By Jeff Williams CTO, Aspect Security & Contrast Security, 6/25/2015
Comment6 comments  |  Read  |  Post a Comment
iOS 9, Android M Place New Focus On Security, Privacy
Pablo Valerio, International Business & IT ConsultantCommentary
Google and Apple have publicly challenged calls from law enforcement agencies to weaken encryption on consumer devices. In turn, iOS 9 and Android M will sport a string of new security and privacy features for users.
By Pablo Valerio International Business & IT Consultant, 6/24/2015
Comment3 comments  |  Read  |  Post a Comment
FitBit, Acer Liquid Leap Fail In Security Fitness
Sara Peters, Senior Editor at Dark ReadingNews
Transmissions to the cloud are secured with these Internet of Things devices, but wristband-to-phone comms are open to eavesdropping.
By Sara Peters Senior Editor at Dark Reading, 6/22/2015
Comment2 comments  |  Read  |  Post a Comment
Samsung Update Fixes SwiftKey Security Flaw
Kelly Sheridan, Associate Editor, InformationWeekNews
Samsung will release a security policy update following reports of vulnerability in SwiftKey keyboard replacement software.
By Kelly Sheridan Associate Editor, InformationWeek, 6/20/2015
Comment2 comments  |  Read  |  Post a Comment
7 Top Security Quotes From London Technology Week
Sara Peters, Senior Editor at Dark Reading
Tech events across the city hit on IoT, smart cities, mobility and Legos.
By Sara Peters Senior Editor at Dark Reading, 6/19/2015
Comment9 comments  |  Read  |  Post a Comment
600M Samsung Smartphones Vulnerable To Hacking
Larry Loeb, Blogger, InformationweekCommentary
A report from a security firms finds that Samsung's smartphones are vulnerable to attacks thanks to replacement software in the SwiftKey keyboard. However, it's not really Samsung's fault.
By Larry Loeb Blogger, Informationweek, 6/17/2015
Comment13 comments  |  Read  |  Post a Comment
Millennials And Smartphone Apps: Your Security Nightmare
Kelly Sheridan, Associate Editor, InformationWeekNews
Millennials' overall relaxed attitude towards security could be leaving your corporate data vulnerable to hackers.
By Kelly Sheridan Associate Editor, InformationWeek, 6/12/2015
Comment7 comments  |  Read  |  Post a Comment
Apple Adds 6-Digit Passcodes And A Splash Of 2FA To iOS9
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Unknown devices must be confirmed with verification codes.
By Sara Peters Senior Editor at Dark Reading, 6/11/2015
Comment0 comments  |  Read  |  Post a Comment
iOS Mail App Vulnerable To Phishing Bug
Nathan Eddy, Freelance WriterNews
An unpatched bug in Apple's Mail app for iOS mobile devices could easily fool users into giving up their iCloud passwords to phishing hackers.
By Nathan Eddy Freelance Writer, 6/11/2015
Comment1 Comment  |  Read  |  Post a Comment
Firewalls Sustain Foundation of Sound Security
Jody Brazil, Founder and CEO of FireMonCommentary
Simply put, organizations that cannot maintain rigid firewall enforcement are more likely to be compromised.
By Jody Brazil Founder and CEO of FireMon, 6/10/2015
Comment1 Comment  |  Read  |  Post a Comment
Why the Firewall is Increasingly Irrelevant
Asaf Cidon, CEO & Co-founder, SookasaCommentary
It will take a dramatic reimagining of security to dedicate focus to the areas where company data actually resides. It starts with tearing down the firewall.
By Asaf Cidon CEO & Co-founder, Sookasa, 6/10/2015
Comment4 comments  |  Read  |  Post a Comment
Tim Cook: Customers, Not Companies, Should Control Their Data
Nathan Eddy, Freelance WriterNews
Apple CEO Tim Cook told a crowd that consumer data should be theirs to keep and not used to make businesses money. He targeted Google and Facebook without mentioning them.
By Nathan Eddy Freelance Writer, 6/3/2015
Comment9 comments  |  Read  |  Post a Comment
Google Play Ban Challenged By App Maker Disconnect
Thomas Claburn, Editor at Large, Enterprise MobilityNews
The dispute raises an important question for individuals and businesses: Who controls the software on mobile devices?
By Thomas Claburn Editor at Large, Enterprise Mobility, 6/3/2015
Comment0 comments  |  Read  |  Post a Comment
IoT Devices Hosted On Vulnerable Clouds In 'Bad Neighborhoods'
Sara Peters, Senior Editor at Dark ReadingNews
OpenDNS report finds that organizations may be more susceptible to Internet of Things devices than they realize.
By Sara Peters Senior Editor at Dark Reading, 6/2/2015
Comment1 Comment  |  Read  |  Post a Comment
3 Lessons From Heartland Breach The Second Time Around
Ericka Chickowski, Contributing Writer, Dark ReadingNews
While not even a drop in the bucket compared to its last breach, Heartland's exposure this week does offer some lessons to the security community.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/2/2015
Comment1 Comment  |  Read  |  Post a Comment
NSA Wanted To Hack Google App Store, Infect Android Phones
Eric Zeman, Commentary
The NSA and its Five Eyes allies researched a man-in-the-middle attack to infect Android smartphone users by hacking Google's App Store. It's the last revelation from Edward Snowden.
By Eric Zeman , 5/21/2015
Comment20 comments  |  Read  |  Post a Comment
Google, Apple Urge Obama To Protect Phone Data Privacy
Nathan Eddy, Freelance WriterNews
The letter, signed by Google, Apple, and a number of tech companies and security organizations, is urging Obama to halt legislation that would allow government to access personal data stored on mobile devices.
By Nathan Eddy Freelance Writer, 5/19/2015
Comment1 Comment  |  Read  |  Post a Comment
Deconstructing Mobile Fraud Risk
Subbu Sthanu, Director, Mobile Security & Application Security, IBMCommentary
Todayís enterprise security solutions donít do enough to manage BYOD risk, credit card theft and the reputational damage resulting from a major data breach.
By Subbu Sthanu Director, Mobile Security & Application Security, IBM, 5/5/2015
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: nice post
Current Issue
Flash Poll
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
If youíre still focused on securing endpoints, youíve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1950
Published: 2015-07-01
IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access to the Python interpreter with nova credentials, which allows KVM guest OS users to discover certain PowerVC credentials and bypass intended access restrictions via unspecified Python code.

CVE-2015-1951
Published: 2015-07-01
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation.

CVE-2015-1967
Published: 2015-07-01
MQ Explorer in IBM WebSphere MQ before 8.0.0.3 does not recognize the absence of the compatibility-mode option, which allows remote attackers to obtain sensitive information by sniffing the network for a session in which TLS is not used.

CVE-2014-9734
Published: 2015-06-30
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.

CVE-2014-9735
Published: 2015-06-30
The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to (1) upload and execute arbitrary files via an update_plugin a...

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report