Mobile
News & Commentary
FBI Probes Bid To Hack Democratic Party Officials Phones, Sources Say
Dark Reading Staff, Quick Hits
Russia-backed criminals again likely to be behind this hacking which, if proven, could involve theft of sensitive data, say the sources.
By Dark Reading Staff , 9/28/2016
Comment0 comments  |  Read  |  Post a Comment
Mobile Fraud Changes Outlook for Multifactor Authentication
Stephen Maloney, Executive VP, Business Development & Strategy, AcuantCommentary
SMS one-time passcodes just won't cut it anymore. We need new approaches that people will actually use.
By Steve Maloney , 9/27/2016
Comment0 comments  |  Read  |  Post a Comment
Smartphone Infections Rise 96% In H1-2016: Malware Study
Dark Reading Staff, Quick Hits
Nokia report reveals April 2016 saw new all-time high in mobile infections with one out of every 120 smartphone affected.
By Dark Reading Staff , 9/20/2016
Comment0 comments  |  Read  |  Post a Comment
Scientist Clones Chip To Unlock iPhone, Proves FBI Wrong
Dark Reading Staff, Quick Hits
Dr. Sergei Skorobogatov of Cambridge University spent $100 on a process that may have cost FBI $1 million.
By Dark Reading Staff , 9/20/2016
Comment0 comments  |  Read  |  Post a Comment
San Bernardino iPhone Hack: Media Agencies Sue FBI For Vendor Details
Dark Reading Staff, Quick Hits
Associated Press and two others invoke Freedom of Information Act against the government seeking details of secret transaction.
By Dark Reading Staff , 9/19/2016
Comment0 comments  |  Read  |  Post a Comment
A Moving Target: Tackling Cloud Security As A Data Issue
Sheila B. Jordan, SVP & CIO, SymantecCommentary
Todays challenge is protecting critical information that an increasingly mobile workforce transfers every day between clouds, between cloud and mobile, and between cloud, mobile, and IoT.
By Sheila B. Jordan SVP & CIO, Symantec, 9/13/2016
Comment1 Comment  |  Read  |  Post a Comment
Multi-Factor IT Authentication Hampers Progress, Say 47% US Companies
Dark Reading Staff, Quick Hits
IS Decisions survey finds organizations are looking for alternate to multi-factor verification, which they believe takes up time and slows productivity.
By Dark Reading Staff , 9/9/2016
Comment3 comments  |  Read  |  Post a Comment
Another IoT-Dominated Botnet Rises With Almost 1M Infected Devices
Ericka Chickowski, Contributing Writer, Dark ReadingNews
BASHLITE malware fuels another DDoS botnet made up primarily of flaw-ridden internet of things devices
By Ericka Chickowski Contributing Writer, Dark Reading, 8/30/2016
Comment0 comments  |  Read  |  Post a Comment
Multiple Apple iOS Zero-Days Enabled Firm To Spy On Targeted iPhone Users For Years
Jai Vijayan, Freelance writerNews
Victims of lawful intercepts include human rights activists and journalist, researchers from Citizen Lab and Lookout say.
By Jai Vijayan Freelance writer, 8/26/2016
Comment0 comments  |  Read  |  Post a Comment
Apple Releases Patch For 'Trident,' A Trio Of iOS 0-Days
Dark Reading Staff, Quick Hits
Already rolled into the Pegasus spyware product and used to target social activists, the vulnerabilities are fixed in iOS 9.3.5.
By Dark Reading Staff , 8/25/2016
Comment1 Comment  |  Read  |  Post a Comment
The Secret Behind the NSA Breach: Network Infrastructure Is the Next Target
Yoni Allon, Research Team Leader, LightCyberCommentary
How the networking industry has fallen way behind in incorporating security measures to prevent exploits to ubiquitous routers, proxies, firewalls, and switches.
By Yoni Allon Research Team Leader, LightCyber, 8/25/2016
Comment0 comments  |  Read  |  Post a Comment
Newly Announced Chipset Vuln Affects 900 Million Android Devices
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Check Point Research Team details four vulnerabilities that can easily lead to full privilege escalation.
By Ericka Chickowski Contributing Writer, Dark Reading, 8/8/2016
Comment0 comments  |  Read  |  Post a Comment
8 Alternatives to Selfie Authentication
Terry Sweeney, Contributing Editor
How to definitively prove your identity? A variety of anatomical parts and functions may soon be able to vouch for you.
By Terry Sweeney Contributing Editor, 8/4/2016
Comment1 Comment  |  Read  |  Post a Comment
Awareness Improving But Security Still Lags For SAP Implementations
Ericka Chickowski, Contributing Writer, Dark ReadingNews
SAP ecosystem a huge Achilles heel for enterprise system security, report says.
By Ericka Chickowski Contributing Writer, Dark Reading, 8/2/2016
Comment0 comments  |  Read  |  Post a Comment
How To Stay Safe On The Black Hat Network: Dont Connect To It
Neil R. Wyler (Grifter), Threat Hunting and Incident Response Specialist, RSACommentary
Black Hat attendees may have changed their titles and now carry business cards but hackers gotta hack and theres no better place to do it than Black Hat.
By Neil R. Wyler (Grifter) Threat Hunting and Incident Response Specialist, RSA, 7/28/2016
Comment11 comments  |  Read  |  Post a Comment
10 Hottest Talks at Black Hat USA 2016
Sean Martin, CISSP | President, imsmartin
The impressive roll call of speakers offers a prime opportunity to learn from the very best of the information security world.
By Sean Martin CISSP | President, imsmartin, 7/25/2016
Comment0 comments  |  Read  |  Post a Comment
Crooks Hack Taiwan ATMs With 'Smartphone,' No Bank Card, Steal Millions
Dark Reading Staff, Quick Hits
Police say Russian suspects operate ATM machines without bank card, make off with $2.2 million.
By Dark Reading Staff , 7/18/2016
Comment1 Comment  |  Read  |  Post a Comment
HummingBad Malware Infects 85 Million Android Devices
Nathan Eddy, Freelance WriterNews
A group of Chinese hackers dubbed Yingmob is using a sophisticated malware campaign called HummingBad to access and sell the info stored on Android devices. The malware may have already infected 85 million devices.
By Nathan Eddy Freelance Writer, 7/9/2016
Comment9 comments  |  Read  |  Post a Comment
Ripping Away The Mobile Security Blanket
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Upcoming Black Hat USA talk will highlight vulns in Good Technology platform and discuss the dangers of overreliance on enterprise mobility security suites.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/7/2016
Comment1 Comment  |  Read  |  Post a Comment
UEFA Euro Fans At High Risk Of Online Threats, Study Shows
Dark Reading Staff, Quick Hits
A study by Allot and Kaspersky Lab during 2016 UEFA Euro matches shows significant spike in cybercriminal activities.
By Dark Reading Staff , 7/7/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Joe Stanganelli
Current Conversations "Relax.  I got it cheep."
In reply to: d
Post Your Own Reply
Posted by Joe Stanganelli
Current Conversations "What's this movie rated?"
In reply to: c
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
If youre still focused on securing endpoints, youve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Cybercrime has become a well-organized business, complete with job specialization, funding, and online customer service. Dark Reading editors speak to cybercrime experts on the evolution of the cybercrime economy and the nature of today's attackers.