Mobile
News & Commentary
California Smartphone Kill-Switch Law: What It Means
Thomas Claburn, Editor-at-Large | Commentary
Do you understand the consequences of California's new smartphone anti-theft law? Our FAQ will clear up the confusion.
By Thomas Claburn Editor-at-Large, 8/29/2014
NIST Drafts Mobile App Security Guidelines
Richard W. Walker | Commentary
National Institute for Standards and Technology issues first draft of guidelines intended to help federal agencies balance benefits and risks of third-party mobile apps.
By Richard W. Walker, 8/28/2014
Location Tracking: 6 Social App Settings To Check
Kristin Burnham, Senior Editor, InformationWeek.com | Commentary
Popular social apps, including Facebook, Google, Foursquare, and Twitter, may track your every move. Get the lowdown -- and instructions for turning off these options.
By Kristin Burnham Senior Editor, InformationWeek.com, 8/26/2014
All In For The Coming World of 'Things'
Don Bailey, Founder & CEO, Lab Mouse Security | Commentary
At a Black Hat round table, experts discuss the strategies necessary to lock down the Internet of Things, the most game-changing concept in Internet history.
By Don Bailey Founder & CEO, Lab Mouse Security, 8/25/2014
Android Flaw Might Also Affect iOS, Windows
Thomas Claburn, Editor-at-Large | Commentary
Sandboxing flaw let researchers hijack Gmail 92% of the time, and could also affect iOS and Windows.
By Thomas Claburn Editor-at-Large, 8/23/2014
US, German Researchers Build Android Security Framework
Kelly Jackson Higgins, Executive Editor at Dark Reading | News
The Android Security Modules (ASM) framework aims to streamline and spread security features, updates to Android devices.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/20/2014
4 Tips: Protect Government Data From Mobile Malware
Julie M. Anderson, Managing Director, Civitas Group | Commentary
Mobile malware continues to proliferate, particularly on Android devices. These four steps help counter the threat.
By Julie M. Anderson Managing Director, Civitas Group, 8/20/2014
Why John McAfee Is Paranoid About Mobile
Peter Zavlaris, Analyst, RiskIQ | Commentary
Mobile apps are posing expanding risks to both enterprises and their customers. But maybe being paranoid about mobile is actually healthy for security.
By Peter Zavlaris Analyst, RiskIQ, 8/19/2014
California Nears Smartphone Kill Switch
Eric Zeman | Commentary
Law would force phone makers to add remote kill switches; Apple, Google, and Microsoft have already agreed to implement them.
By Eric Zeman, 8/12/2014
Facebook Malware: Protect Your Profile
Kristin Burnham, Senior Editor, InformationWeek.com | Commentary
Malicious "Color Change" app has resurfaced on Facebook, compromising thousands of profiles. Here's what to do if you're infected.
By Kristin Burnham Senior Editor, InformationWeek.com, 8/8/2014
The Hyperconnected World Has Arrived
Michael Sutton, VP Security Research, Zscaler | Commentary
Yes, the ever-expanding attack surface of the Internet of Things is overwhelming. But next-gen security leaders gathered at Black Hat are up to the challenge.
By Michael Sutton VP Security Research, Zscaler, 8/8/2014
Chinese Government Rejects Apple's iPad
Thomas Claburn, Editor-at-Large | Commentary
Ten Apple products have been removed from a list of products that can be bought with Chinese government funds.
By Thomas Claburn Editor-at-Large, 8/6/2014
A Peek Inside The Black Hat Show Network
Kelly Jackson Higgins, Executive Editor at Dark Reading | News
Black Hat USA's wireless network offers authenticated, secure access as well as 'open' access.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/5/2014
LIVE From Las Vegas: Dark Reading Radio at Black Hat
Marilyn Cohodas, Community Editor, Dark Reading | Commentary
If you can't physically be at Black Hat USA 2014, Dark Reading offers a virtual alternative where you can engage with presenters and attendees about hot show topics and trends.
By Marilyn Cohodas Community Editor, Dark Reading, 8/1/2014
New Mobile Phone '0wnage' Threat Discovered
Kelly Jackson Higgins, Executive Editor at Dark Reading | News
Widespread major vulnerabilities discovered in client control software that affect nearly all smartphone platforms: Details to come at Black Hat USA next week.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/31/2014
Hilton Turns Smartphones Into Room Keys
Thomas Claburn, Editor-at-Large | Commentary
Hilton hotel chain plans to let smartphones unlock guest rooms starting next year.
By Thomas Claburn Editor-at-Large, 7/29/2014
Internet of Things: 4 Security Tips From The Military
Michael K. Daly, CTO, Cybersecurity & Special Missions, Raytheon Intelligence, Information & Services | Commentary
The military has been connecting mobile command posts, unmanned vehicles, and wearable computers for decades. It’s time to take a page from their battle plan.
By Michael K. Daly CTO, Cybersecurity & Special Missions, Raytheon Intelligence, Information & Services, 7/25/2014
Apple Documents Undisclosed iOS Services
Thomas Claburn, Editor-at-Large | Commentary
Apple describes services as "diagnostic," but does not address criticism that backdoors undermine security and privacy.
By Thomas Claburn Editor-at-Large, 7/23/2014
Wearables In Healthcare: Privacy Rules Needed
Alison Diana, Senior Editor | Commentary
Johns Hopkins patient privacy violation didn't involve Google Glass or wearables but indicates why the healthcare industry must head off trouble with wearables in clinical settings.
By Alison Diana Senior Editor, 7/23/2014
Infographic: With BYOD, Mobile Is The New Desktop
Adam Ely, COO, Bluebox | Commentary
Security teams have no choice but to embrace the rapid proliferation of BYO devices, apps, and cloud services. To ignore it is to put your head in the sand.
By Adam Ely COO, Bluebox, 7/22/2014
Security Insights
RIM's Biggest Network Disruption Over: Now What?
Service disruption becoming all too familiar outcome for BlackBerry users
Current Issue
Containing Corporate Data on Mobile Devices
If you’re still focused on securing endpoints, you’ve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Dark Reading - Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5110
Published: 2014-08-29
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.

CVE-2012-1503
Published: 2014-08-29
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.

CVE-2013-5467
Published: 2014-08-29
Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM)...

CVE-2014-0600
Published: 2014-08-29
FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.

CVE-2014-0888
Published: 2014-08-29
IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at information security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.