Mobile
News & Commentary
Facebook Developing App For Private Sharing
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Facebook's in-development "Moments" app could make sharing with small groups easier. Here's what we know, plus tips to manage friend lists now.
By Kristin Burnham Senior Editor, InformationWeek.com, 9/17/2014
Comment3 comments  |  Read  |  Post a Comment
Browser Vulnerability 'Privacy Disaster' For 3 Of 4 Android Users
Sara Peters, Senior Editor at Dark ReadingQuick Hits
An exploit of an unsupported Android browser bypasses the ever-important Same Origin Policy.
By Sara Peters Senior Editor at Dark Reading, 9/16/2014
Comment1 Comment  |  Read  |  Post a Comment
Mining WiFi Data: Retail Privacy Pitfalls
Doug Henschen, Executive Editor, InformationWeekCommentary
WiFi data mining starts with anonymous tracking, but it can lead to personal details in social profiles. Interop New York session explores opportunities and limits for retailers.
By Doug Henschen Executive Editor, InformationWeek, 9/15/2014
Comment13 comments  |  Read  |  Post a Comment
Apple Pay: A Necessary Push To Transform Consumer Payments
Lucas Zaichkowsky, Enterprise Defense Architect, AccessDataCommentary
Apple Pay is a strategic move that will rival PayPal and other contenders in the mobile wallet marketplace. The big question is whether consumers and businesses are ready to ditch the plastic.
By Lucas Zaichkowsky Enterprise Defense Architect, AccessData, 9/11/2014
Comment16 comments  |  Read  |  Post a Comment
Privacy, Security & The Geography Of Data Protection
Malte Pollmann, CEO, UtimacoCommentary
Data generation is global, so why do different parts of the world react differently to the same threat of security breaches and backdoors?
By Malte Pollmann CEO, Utimaco, 9/11/2014
Comment6 comments  |  Read  |  Post a Comment
Apple Pay Ups Payment Security But PoS Threats Remain
Sara Peters, Senior Editor at Dark ReadingNews
Apple's new contactless payment tech will not stop point-of-sale breaches like Home Depot and UPS, but it could make those breaches less valuable to attackers.
By Sara Peters Senior Editor at Dark Reading, 9/10/2014
Comment21 comments  |  Read  |  Post a Comment
Apple iCloud Hack's Other Victim: Cloud Trust
Charles Babcock, Editor At Large, InformationWeek Commentary
Our flash poll finds users feel more vulnerable about cloud security in general. No wonder: Apple's opening statement of indignation now sounds a little hollow.
By Charles Babcock Editor At Large, InformationWeek , 9/10/2014
Comment2 comments  |  Read  |  Post a Comment
Study: 15 Million Devices Infected With Mobile Malware
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Sixty percent of the infected devices run Android.
By Sara Peters Senior Editor at Dark Reading, 9/9/2014
Comment0 comments  |  Read  |  Post a Comment
Blinders For Google Glass
Thomas Claburn, Editor-at-LargeCommentary
Cyborg Unplug promises to boot Google Glass and other surveillance devices from local networks.
By Thomas Claburn Editor-at-Large, 9/9/2014
Comment6 comments  |  Read  |  Post a Comment
Poll: Significant Insecurity About Internet of Things
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
Fewer than one percent of more than 800 Dark Reading community members are ready for the fast approaching security onslaught of the IoT.
By Marilyn Cohodas Community Editor, Dark Reading, 9/5/2014
Comment3 comments  |  Read  |  Post a Comment
California Smartphone Kill-Switch Law: What It Means
Thomas Claburn, Editor-at-LargeCommentary
Do you understand the consequences of California's new smartphone anti-theft law? Our FAQ will clear up the confusion.
By Thomas Claburn Editor-at-Large, 8/29/2014
Comment33 comments  |  Read  |  Post a Comment
NIST Drafts Mobile App Security Guidelines
Richard W. Walker, Commentary
National Institute for Standards and Technology issues first draft of guidelines intended to help federal agencies balance benefits and risks of third-party mobile apps.
By Richard W. Walker , 8/28/2014
Comment5 comments  |  Read  |  Post a Comment
Location Tracking: 6 Social App Settings To Check
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Popular social apps, including Facebook, Google, Foursquare, and Twitter, may track your every move. Get the lowdown -- and instructions for turning off these options.
By Kristin Burnham Senior Editor, InformationWeek.com, 8/26/2014
Comment37 comments  |  Read  |  Post a Comment
All In For The Coming World of 'Things'
Don Bailey, Founder & CEO, Lab Mouse SecurityCommentary
At a Black Hat round table, experts discuss the strategies necessary to lock down the Internet of Things, the most game-changing concept in Internet history.
By Don Bailey Founder & CEO, Lab Mouse Security, 8/25/2014
Comment6 comments  |  Read  |  Post a Comment
Android Flaw Might Also Affect iOS, Windows
Thomas Claburn, Editor-at-LargeCommentary
Sandboxing flaw let researchers hijack Gmail 92% of the time, and could also affect iOS and Windows.
By Thomas Claburn Editor-at-Large, 8/23/2014
Comment18 comments  |  Read  |  Post a Comment
US, German Researchers Build Android Security Framework
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The Android Security Modules (ASM) framework aims to streamline and spread security features, updates to Android devices.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/20/2014
Comment2 comments  |  Read  |  Post a Comment
4 Tips: Protect Government Data From Mobile Malware
Julie M. Anderson, Managing Director, Civitas GroupCommentary
Mobile malware continues to proliferate, particularly on Android devices. These four steps help counter the threat.
By Julie M. Anderson Managing Director, Civitas Group, 8/20/2014
Comment2 comments  |  Read  |  Post a Comment
Why John McAfee Is Paranoid About Mobile
Peter Zavlaris, Analyst, RiskIQCommentary
Mobile apps are posing expanding risks to both enterprises and their customers. But maybe being paranoid about mobile is actually healthy for security.
By Peter Zavlaris Analyst, RiskIQ, 8/19/2014
Comment13 comments  |  Read  |  Post a Comment
California Nears Smartphone Kill Switch
Eric Zeman, Commentary
Law would force phone makers to add remote kill switches; Apple, Google, and Microsoft have already agreed to implement them.
By Eric Zeman , 8/12/2014
Comment13 comments  |  Read  |  Post a Comment
Facebook Malware: Protect Your Profile
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Malicious "Color Change" app has resurfaced on Facebook, compromising thousands of profiles. Here's what to do if you're infected.
By Kristin Burnham Senior Editor, InformationWeek.com, 8/8/2014
Comment12 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Security Insights
RIM's Biggest Network Disruption Over: Now What?
RIM's Biggest Network Disruption Over: Now What?
Service disruption becoming all too familiar outcome for BlackBerry users
Comment0 comments
Read | Post a Comment
More Sophos Security Insights
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
If you’re still focused on securing endpoints, you’ve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1032
Published: 2014-09-17
Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker module 3.x before 3.4.5 for EPiServer allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party inf...

CVE-2012-1417
Published: 2014-09-17
Multiple cross-site scripting (XSS) vulnerabilities in Local Phone book and Blacklist form in Yealink VOIP Phones allow remote authenticated users to inject arbitrary web script or HTML via the user field to cgi-bin/ConfigManApp.com.

CVE-2012-1506
Published: 2014-09-17
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details are obtained from th...

CVE-2012-1507
Published: 2014-09-17
Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltResumeHsp.php, (2) sortOrder1 parameter to templates/hrfunct/emppop.php, or (3) uri parameter to index...

CVE-2012-2583
Published: 2014-09-17
Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget plugin 1.42 for WordPress allows remote attackers to inject arbitrary web script or HTML via the body of an email.

Best of the Web
Dark Reading Radio