Mobile

News & Commentary
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researcher demonstrates how attackers could steal data from smartphones while they're charging.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 12/8/2018
Comment3 comments  |  Read  |  Post a Comment
Apple Issues Security Fixes Across Mac, iOS
Dark Reading Staff, Quick Hits
Software updates for Mac and iOS bring patches to Safari, iCloud, iTunes on Windows, and tvOS.
By Dark Reading Staff , 12/6/2018
Comment0 comments  |  Read  |  Post a Comment
BlackBerry Doubles Down on Security in $1.4B Acquisition of Cylance
Kelly Sheridan, Staff Editor, Dark ReadingNews
BlackBerry aims to bring Cylance artificial intelligence and security tools into its software portfolio.
By Kelly Sheridan Staff Editor, Dark Reading, 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
More Than 50% of Free Mobile VPN Apps Have Chinese Ties
Dark Reading Staff, Quick Hits
In addition, most have "unacceptable" privacy policies and "non-existent user support."
By Dark Reading Staff , 11/15/2018
Comment0 comments  |  Read  |  Post a Comment
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard TechnologiesCommentary
The attack surface remains largely unprotected from Wi-Fi threats that can result in stolen credentials and sensitive information as well as backdoor/malware payload drops.
By Ryan Orsi Director of Product Management for Wi-Fi at WatchGuard Technologies, 11/14/2018
Comment2 comments  |  Read  |  Post a Comment
Guilty Plea Made in Massive International Cell Phone Fraud Case
Dark Reading Staff, Quick Hits
A former West Palm Beach resident is the fifth defendant to plead guilty in a case involving thousands of victims.
By Dark Reading Staff , 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
Symantec Acquires Appthority And Javelin Networks
Dark Reading Staff, Quick Hits
Both buys bolster the cybersecurity company's endpoint security business.
By Dark Reading Staff , 11/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Apple Patches Multiple Major Security Flaws
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
New security updates cross all Apple platforms.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/31/2018
Comment1 Comment  |  Read  |  Post a Comment
AppSec Is Dead, but Software Security Is Alive & Well
Matt Rose, Global Director Application Security Strategy, at CheckmarxCommentary
Application security must be re-envisioned to support software security. It's time to shake up your processes.
By Matt Rose Global Director Application Security Strategy, at Checkmarx, 10/29/2018
Comment2 comments  |  Read  |  Post a Comment
Tackling Supply Chain Threats
Ang Cui, Founder & CEO, Red Balloon SecurityCommentary
Vendor-supplied malware is a threat that has been largely overlooked. That has to change.
By Ang Cui Founder & CEO, Red Balloon Security, 10/24/2018
Comment0 comments  |  Read  |  Post a Comment
The Browser Is the New Endpoint
Rajesh Ranganathan, Product Manager at ManageEngineCommentary
Given the role browsers play in accessing enterprise applications and information, it's time to rethink how we classify, manage, and secure them.
By Rajesh Ranganathan Product Manager at ManageEngine, 10/23/2018
Comment3 comments  |  Read  |  Post a Comment
Spies Among Us: Tracking, IoT & the Truly Inside Threat
Amit Sethi, Senior Principal Consultant at SynopsysCommentary
In today's ultra-connected world, it's important for users to understand how to safeguard security while browsing the web and using electronic devices.
By Amit Sethi Senior Principal Consultant at Synopsys, 10/16/2018
Comment0 comments  |  Read  |  Post a Comment
Not All Multifactor Authentication Is Created Equal
Alexandre Cagnoni, Director of Authentication at WatchGuard TechnologiesCommentary
Users should be aware of the strengths and weaknesses of the various MFA methods.
By Alexandre Cagnoni Director of Authentication at WatchGuard Technologies, 10/11/2018
Comment0 comments  |  Read  |  Post a Comment
An Intro to Intra, the Android App for DNS Encryption
Kelly Sheridan, Staff Editor, Dark ReadingNews
Alphabet's Jigsaw has released Intra, a free security app that aims to prevent government censorship.
By Kelly Sheridan Staff Editor, Dark Reading, 10/3/2018
Comment0 comments  |  Read  |  Post a Comment
California Enacts First-in-Nation IoT Security Law
Dark Reading Staff, Quick Hits
The new law requires some form of authentication for most connected devices.
By Dark Reading Staff , 10/1/2018
Comment0 comments  |  Read  |  Post a Comment
Exclusive: Cisco, Duo Execs Share Plans for the Future
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cisco's Gee Rittenhouse and Duo's Dug Song offer ideas and goals for the merged companies as Duo folds under the Cisco umbrella.
By Kelly Sheridan Staff Editor, Dark Reading, 10/1/2018
Comment0 comments  |  Read  |  Post a Comment
Facebook Hacked, 50 Million Users Affected
Kelly Sheridan, Staff Editor, Dark ReadingNews
A vulnerability in Facebook's "View As" feature let attackers steal security tokens linked to 50 million accounts, the company confirms.
By Kelly Sheridan Staff Editor, Dark Reading, 9/28/2018
Comment2 comments  |  Read  |  Post a Comment
Security Flaw Found in Apple Mobile Device Enrollment Program
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Authentication weakness in Apple's DEP could open a window of opportunity for attackers.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/27/2018
Comment0 comments  |  Read  |  Post a Comment
Cryptomining Malware Continues Rapid Growth: Report
Dark Reading Staff, Quick Hits
Cryptomining malware is the fastest-growing category of malicious software, according to a new report.
By Dark Reading Staff , 9/25/2018
Comment1 Comment  |  Read  |  Post a Comment
As Tech Drives the Business, So Do CISOs
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security leaders are evolving from technicians to business executives as tech drives enterprise projects, applications, and goals.
By Kelly Sheridan Staff Editor, Dark Reading, 9/19/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20161
PUBLISHED: 2018-12-15
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the...
CVE-2018-20159
PUBLISHED: 2018-12-15
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a "...
CVE-2018-20157
PUBLISHED: 2018-12-15
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
CVE-2018-20154
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
CVE-2018-20155
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.