Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Mobile
Page 1 / 2   >   >>
Google Increases Top Android Hacking Prize to $1M
Quick Hits  |  11/21/2019  | 
Google expands its Android Security Rewards program and multiplies its top cash prize from $200,000 to $1 million.
Employee Privacy in a Mobile Workplace
Commentary  |  11/20/2019  | 
Why businesses need guidelines for managing their employees' personal information -- without compromising on security.
Vulnerability Could Give Criminals Camera Control on Millions of Android Smartphones
Quick Hits  |  11/20/2019  | 
Unauthorized activities could be triggered even if a phone is locked, its screen is turned off, or a person is in the middle of a call.
Facebook Discloses WhatsApp MP4 Video Vulnerability
Quick Hits  |  11/18/2019  | 
A stack-based buffer overflow bug can be exploited by sending a specially crafted video file to a WhatsApp user.
Google Announces App Defense Alliance
Quick Hits  |  11/6/2019  | 
The industry partnership will scan apps for malware before they're published on the Google Play Store.
Google Launches OpenTitan Project to Open Source Chip Security
News  |  11/5/2019  | 
OpenTitan is an open source collaboration among Google and technology companies to strengthen root-of-trust chip design.
US Lawmakers Fear Chinese-Owned TikTok Poses Security Risk
Quick Hits  |  10/28/2019  | 
The popular video app has more than 110 million downloads in the United States and could give China access to users' personal data, they say.
40% of Security Pros Job Hunting as Satisfaction Drops
News  |  10/24/2019  | 
Symptoms of job dissatisfaction creep into an industry already plagued with gaps in diversity and work-life balance.
Apple Boots 17 Trojan-Laden Apps From Mobile Store
News  |  10/24/2019  | 
Malware was designed to carry out click-fraud, Wandera says.
Mobile Users Targeted With Malware, Tracked by Advertisers
News  |  10/24/2019  | 
Cybercriminals continue to seed app stores with malicious apps, advanced attackers successfully compromise mobile devices, and advertisers continue to track users, new reports show.
8 Tips for More Secure Mobile Computing
Slideshows  |  10/23/2019  | 
Mobile devices are a huge part of enterprise IT. Here's what to advise their users to do to keep their devices and critical business data best protected.
FIDO-Based Authentication Arrives for Smartwatches
News  |  10/22/2019  | 
The Nok Nok App SDK for Smart Watch is designed to let businesses implement FIDO-based authentication on smartwatches.
Schadenfreude Is a Bad Look & Other Observations About Recent Disclosures
Commentary  |  10/16/2019  | 
The debate about whether Android or iOS is the more inherently secure platform misses the larger issues that both platforms are valuable targets and security today is no guarantee of security tomorrow.
USB Drive Security Still Lags
Quick Hits  |  10/9/2019  | 
While USB drives are frequent pieces of business hardware, a new report says that one-third of US businesses have no policy governing their use.
How the Software-Defined Perimeter Is Redefining Access Control
Commentary  |  10/9/2019  | 
In a world where traditional network boundaries no longer exist, VPNs are showing their age.
FBI Investigates Mobile Voting Intrusion
Quick Hits  |  10/4/2019  | 
A group tried to access West Virginia's mobile voting app in 2018; now, the FBI is looking into what actually happened.
Android 0-Day Seen Exploited in the Wild
Quick Hits  |  10/4/2019  | 
The local privilege escalation vulnerability affects Pixel, Samsung, Huawei, Xiaomi, and other devices.
Stalkerware on the Rise Globally
Quick Hits  |  10/2/2019  | 
Stalkware is being installed on more and more victims' devices, and the trend is only accelerating, according to a new report.
Apple Patches Multiple Vulnerabilities Across Platforms
Quick Hits  |  9/27/2019  | 
Updates address two separate issues in Apple's desktop and mobile operating systems.
7 Ways VPNs Can Turn from Ally to Threat
Slideshows  |  9/21/2019  | 
VPNs are critical pieces of the security infrastructure, but they can be vulnerable, hackable, and weaponized against you. Here are seven things to be aware of before you ignore your VPN.
Instagram Bug Put User Account Details, Phone Numbers at Risk
News  |  9/12/2019  | 
The vulnerability, now patched, is the latest in a series of bad news for Facebook.
New Privacy Features in iOS 13 Let Users Limit Location Tracking
News  |  9/10/2019  | 
Apple will introduce other features that allow more secure use of iPhones in workplace settings as well.
5G Standard to Get New Security Specifications
News  |  9/4/2019  | 
Researchers had recently demonstrated how attackers could intercept device capability information and use it against 5G mobile subscribers.
Android Phone Flaw Allows Attackers to Divert Email
News  |  9/4/2019  | 
Researchers find that a spoofing a service message from the phone carrier is simple and effective on some brands of Android smartphones.
@jack Got Hacked: Twitter CEO's Tweets Hijacked
Quick Hits  |  8/30/2019  | 
Twitter CEO Jack Dorsey's Twitter account was, apparently, hijacked for roughly 20 minutes and used for a racist rant.
Google Announces New, Expanded Bounty Programs
Quick Hits  |  8/29/2019  | 
The company is significantly expanding the bug-bounty program for Google Play and starting a program aimed at user data protection.
TrickBot Comes to Cellular Carriers
Quick Hits  |  8/28/2019  | 
A new malicious campaign seeks cell account PINs from victims.
Malware Found in Android App with 100M Users
Quick Hits  |  8/28/2019  | 
CamScanner, a legitimate app used to scan and manage documents, was found executing payloads on Android devices.
6 Ways Airlines and Hotels Can Keep Their Networks Secure
Slideshows  |  8/27/2019  | 
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
Apple Releases Emergency Patch for iPhone Jailbreak Flaw
Quick Hits  |  8/26/2019  | 
iOS version 12.4.1 fixes the "use after free" vulnerability.
More Than Half of Social Media Login Attempts Are Fraud
News  |  8/26/2019  | 
Overall, account registrations for tech companies are four times more likely to be malicious than legitimate, a new report states.
SafeGuard Cyber Adds Security, Compliance Capabilities for WeChat
Quick Hits  |  8/22/2019  | 
A lack of visibility into the app could expose business users to compliance risks and security threats, the company says.
'Box Shield' Brings New Security Controls
News  |  8/21/2019  | 
New controls and threat detection capabilities built into Box aim to prevent accidental data leakage and misuse.
Apple Misstep Leaves iPhones Open to Jailbreak
News  |  8/20/2019  | 
Newest version of iOS contains a critical bug that the company had previously already patched.
Apple's New Bounty Program Has Huge Incentives, Big Risks
News  |  8/13/2019  | 
Industry observers applaud the program's ability to find exploits but fear unintended consequences.
More Focus on Security as Payment Technologies Proliferate
News  |  8/12/2019  | 
Banks and merchants are expanding their payment offerings but continue to be wary of the potential fraud risk.
Dark Reading News Desk Live at Black Hat USA 2019
News  |  8/8/2019  | 
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Researchers Show Vulnerabilities in Facial Recognition
News  |  8/7/2019  | 
The algorithms that check for a user's 'liveness' have blind spots that can lead to vulnerabilities.
Fighting Back Against Mobile Fraudsters
Commentary  |  8/5/2019  | 
The first step toward identifying and preventing mobile fraud threats is acknowledging that mobile security requires a unique solution.
47% of Android Anti-Malware Apps Are Flawed
News  |  8/1/2019  | 
Protection failures come at a time when malicious Android software is becoming more of a problem.
Demystifying New FIDO Standards & Innovations
Commentary  |  8/1/2019  | 
Staying on top of the latest cybersecurity risks and preferred attack methods can feel impossible, but standards like FIDO2 are designed to help relieve the burden.
Apple Device Management Firm Jamf Acquires Digita Security
Quick Hits  |  7/31/2019  | 
Digita Security's Apple Mac endpoint protection solutions will join Jamf's MDM suite for iOS and MacOS.
8 Free Tools to Be Showcased at Black Hat and DEF CON
Slideshows  |  7/31/2019  | 
Expect a full slate of enterprise-class open source tools to take the spotlight when security researchers share their bounties with the community at large.
Apple iOS Flaw Could Give Attacker Access via iMessage
Quick Hits  |  7/30/2019  | 
Google Project Zero researchers found an iOS vulnerability that could let an attacker snoop on a victim's phone remotely.
CISOs Must Evolve to a Data-First Security Program
Commentary  |  7/30/2019  | 
Such a program will require effort and reprioritization, but it will let your company fight modern-day threats and protect your most important assets.
9 Things That Don't Worry You Today (But Should)
Slideshows  |  7/29/2019  | 
There are security concerns that go far beyond the usual suspects. Here are some that should be on your list of scary things.
Android Spyware Has Ties to Election Interference
News  |  7/25/2019  | 
Recently revealed surveillance-ware comes from a consultant with close ties to Russia's GRU who was sanctioned by the US for election-tampering.
Android Malware 'Triada' Most Active on Telco Networks
News  |  7/25/2019  | 
Google in May disclosed that several Android devices had been shipped pre-installed with the RAT.
CISA Warns Public About the Risks of 5G
Quick Hits  |  7/23/2019  | 
Vulnerabilities include everything from physical risks through the supply chain to business risks.
Europol Head Fears 5G Will Give Criminals an Edge
Quick Hits  |  7/19/2019  | 
Catherine De Bolle is concerned law enforcement will lose its ability to track criminals with the arrival of 5G networks.
Page 1 / 2   >   >>


I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps,  11/19/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-2079
PUBLISHED: 2019-11-22
A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.
CVE-2019-11325
PUBLISHED: 2019-11-21
An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter.
CVE-2019-18887
PUBLISHED: 2019-11-21
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
CVE-2019-18888
PUBLISHED: 2019-11-21
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. T...
CVE-2019-18889
PUBLISHED: 2019-11-21
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.