Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Mobile
Page 1 / 2   >   >>
Building Security Strategies in Sub-Saharan Africa: Trends and Concerns
News  |  7/2/2020  | 
Security experts discuss the rise in cybercrime affecting sub-Saharan Africa and the necessary changes to improve security.
7 IoT Tips for Home Users
Slideshows  |  7/2/2020  | 
Whether for business or pleasure, you're on your own once you walk into the house with a new Internet of Things device. Here's how to keep everyone secure.
FCC Designates Huawei & ZTE as National Security Threats
News  |  6/30/2020  | 
Backdoors in 5G network equipment from these vendors could enable espionage and malicious activity, agency says.
Apple Buys Fleetsmith
Quick Hits  |  6/24/2020  | 
The fleet management company becomes part of Apple in a deal announced today.
No Internet Access? Amid Protests, Here's How to Tell Whether the Government Is Behind it
News  |  6/24/2020  | 
Government-mandated Internet shutdowns occur far more regularly than you might expect.
Microsoft Previews Windows Defender ATP for Android
Quick Hits  |  6/23/2020  | 
In addition, the first release of Defender ATP for Linux is now generally available.
Twitter Says Business Users Were Vulnerable to Data Breach
Quick Hits  |  6/23/2020  | 
The now-patched vulnerability left business users' personal information in web browser caches for anyone to find.
Pandemic Accelerates Priceline's 'Coffee Shop' Remote-Access Strategy
News  |  6/22/2020  | 
The travel-booking giant had been slowly starting to transition away from VPN dependence. Then COVID-19 happened, and suddenly 700 third-party call-center workers were working from home.
Employees Say They're Working From Home Without Security Guidance
Quick Hits  |  6/22/2020  | 
Working from home is new for many enterprise employees, yet many say they've received little in the way of new training or technology to keep them safe.
FBI Says Sudden Increase in Mobile Banking Is Heightening Risks For Users
News  |  6/11/2020  | 
Mobile malware and fake apps purporting to be legitimate banking software are big risks, law enforcement agency says.
Protocol Vulnerability Threatens Mobile Networks
Quick Hits  |  6/11/2020  | 
A vuln in the GTP protocol could allow DoS, fraud, and data theft attacks against cellular networks from virtually anywhere.
Fake COVID-19 Contact-Tracing Apps Infect Android Phones
Quick Hits  |  6/10/2020  | 
Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.
Asset Management Mess? How to Get Organized
News  |  6/10/2020  | 
Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it.
Mobile Phishing Attacks Increase Sharply
News  |  6/2/2020  | 
Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.
Apple Pays Researcher $100,000 for Critical Vulnerability
News  |  6/1/2020  | 
Apple has fixed a flaw in the "Sign in with Apple" feature that could have enabled attackers to break into user accounts for third-party services.
Abandoned Apps May Pose Security Risk to Mobile Devices
News  |  5/29/2020  | 
Mobile providers don't often update users when applications are not supported by developers, security firm says.
StrandHogg 2.0 Emerges as 'Evil Twin' to Android Threat
News  |  5/26/2020  | 
The vulnerability, which exists in almost every version of Android, is both more dangerous and harder to detect than its predecessor.
10 iOS Security Tips to Lock Down Your iPhone
Slideshows  |  5/22/2020  | 
Mobile security experts share their go-to advice for protecting iPhones from hackers, thieves, and fraudsters.
Centralized Contact Tracing Raises Concerns Among Privacy-Conscious Citizens
News  |  5/21/2020  | 
The long debate over whether encryption and anonymity shield too much criminal behavior also has staged a resurgence.
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Commentary  |  5/20/2020  | 
Enterprises need to recognize that remote access and other pandemic-related security challenges cannot be fixed with buzzwords or silver-bullet security tools.
4 Challenges with Existing VPNs
Commentary  |  5/15/2020  | 
A VPN is a step in the right direction, but it's not the be-all and end-all when it comes to security and falls short in many ways.
More Tips for Staying Safe While Working from Home
Commentary  |  5/13/2020  | 
While some users are up to speed with the WFH protocol, it's worth adding a few more items to your security checklist.
Secure Contact Tracing Needs More Transparent Development
News  |  5/12/2020  | 
Experts worry that without proper planning, today's decisions about developing contact-tracing apps could have unforeseen consequences in the years to come.
6 Free Cybersecurity Training and Awareness Courses
Slideshows  |  5/12/2020  | 
Most are designed to help organizations address teleworking risks related to COVID-19 scams.
Best Practices for Managing a Remote SOC
News  |  5/1/2020  | 
Experts share what it takes to get your security analysts effectively countering threats from their home offices.
Apple Makes It Easier to Unlock iPhone While Wearing a Mask
Quick Hits  |  5/1/2020  | 
The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code.
Researchers Find Baby Banking Trojan, Watch It Grow
News  |  4/30/2020  | 
EventBot is an Android information stealer on its way to becoming a very capable piece of malware.
7 Fraud Predictions in the Wake of the Coronavirus
Commentary  |  4/29/2020  | 
It's theme and variations in the fraud world, and fraudsters love -- and thrive -- during chaos and confusion
5-Year-Long Cyber Espionage Campaign Hid in Google Play
News  |  4/28/2020  | 
OceanLotus targeted Android devices in the so-called PhantomLance campaign.
Security Pros Reassigned to IT Tasks in Coronavirus Pandemic
Quick Hits  |  4/28/2020  | 
Most security practitioners surveyed say their job functions have changed during the pandemic, and 90% are now working remotely full time.
Health Prognosis on the Security of IoMT Devices? Not Good
News  |  4/25/2020  | 
As more so-called Internet of Medical Things devices go online, hospitals and medical facilities face significant challenges in securing them from attacks that could endanger patients' lives.
Apple Downplays Threat Posed by Newly Disclosed Zero-Days in iOS
News  |  4/24/2020  | 
Bugs don't pose an immediate threat, and there is no evidence they were exploited, as ZecOps claimed earlier this week, Apple says.
Why Consumers, SMBs Are Likely to Fall for Coronavirus Scams
News  |  4/23/2020  | 
Data reveals both a lack of skepticism and a willingness to engage with emails crafted to seem like government communications.
The Evolving Threat of Credential Stuffing
Commentary  |  4/23/2020  | 
Bots' swerve to focus on APIs means businesses must take the threat seriously and take effective action.
Apple iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks
News  |  4/22/2020  | 
One of the flaws is remotely exploitable with no user interaction needed, ZecOps says.
Viral WhatsApp Scam Promises Free Streaming Services
Quick Hits  |  4/21/2020  | 
Cybercriminals capitalize on the popularity of media and entertainment to target consumers looking for at-home activities.
Microsoft Proposes Privacy Controls for COVID-19 Contact Tracking, Tracing
News  |  4/21/2020  | 
As governments broaden use of digital technologies to stem pandemic, sensitive health and location data need to be protected, company says.
Neglected Infrastructure, Invasive Tech to Plague Infosec in 2022
News  |  4/16/2020  | 
Researchers outline cybersecurity threats they predict businesses will face in two years as technology evolves.
Post Pandemic, Technologists Pose Secure Certification for Immunity
News  |  4/16/2020  | 
Going digital with immunity passports could speed rollout and allow for better warnings of potential hot spots. But security and privacy issues remain.
Man-in-the-Middle Attacks: A Growing but Preventable Mobile Threat
Commentary  |  4/15/2020  | 
Hackers are upping their game, especially as they target mobile devices.
TikTok Vulnerability Leaves Users Open to Fake News
Quick Hits  |  4/14/2020  | 
A vulnerability in the way TikTok requests and receives video content could leave users streaming video from bogus servers.
Apple Is Top Pick for Brand Phishing Attempts
Quick Hits  |  4/14/2020  | 
Ten percent of all brand phishing attempts in the first quarter of 2020 tried to deceive victims by imitating the Apple brand.
7 Ways COVID-19 Has Changed Our Online Lives
Slideshows  |  4/14/2020  | 
The pandemic has driven more of our personal and work lives online and for the bad guys, business is booming. Here's how you can protect yourself.
Researchers Fool Biometric Scanners with 3D-Printed Fingerprints
News  |  4/8/2020  | 
Tests on the fingerprint scanners of Apple, Microsoft, and Samsung devices reveal it's possible to bypass authentication with a cheap 3D printer.
'Unkillable' Android Malware App Continues to Infect Devices Worldwide
News  |  4/8/2020  | 
The xHelper Trojan has compromised over 55,000 devices so far, Kaspersky says.
Privacy & Digital-Rights Experts Worry Contact-Tracing Apps Lack Limits
News  |  4/7/2020  | 
Mobile-phone-based tracking of people can help fight pandemics, but privacy and security researchers stress that it needs to be done right.
Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days
News  |  4/3/2020  | 
A security researcher earned $75,000 for finding a whopping seven zero-days in Safari, three of which can be combined to access the camera.
A Day in The Life of a Pen Tester
News  |  4/2/2020  | 
Two penetration testers share their day-to-day responsibilities, challenges they encounter, and the skills they value most on the job.
Does the 2020 Online Census Account for Security Risk?
News  |  3/31/2020  | 
Experts discuss the security issues surrounding a census conducted online and explain how COVID-19 could exacerbate the risk.
Limited-Time Free Offers to Secure the Enterprise Amid COVID-19
Slideshows  |  3/31/2020  | 
These products and services could be of immediate help to infosec pros now protecting their organizations while working from home.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9498
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
CVE-2020-3282
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
CVE-2020-5909
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
CVE-2020-5910
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
CVE-2020-5911
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.