News & Commentary
Latest Content tagged with Mobile
|
Mobile Exploit Fingerprints Devices with Sensor Calibration Data
Data from routines intended to calibrate motion sensors can identify individual iOS and Android devices in a newly released exploit.
Google to Replace Titan Security Keys Affected by Bluetooth Bug
A misconfiguration in Bluetooth Titan Security Keys' pairing protocols could compromise users under specific circumstances.
Introducing the Digital Transformation Architect
Bet-the-company transformation that expands the attack surface requires close alignment and leadership across executive, IT and security teams.
Commercial Spyware Uses WhatsApp Flaw to Infect Phones
A single flaw allowed attackers — thought to be linked to a government — to target human rights workers and install surveillance software by sending a phone request. The victims did not even have to answer.
Social Engineering Slams the C-Suite: Verizon DBIR
Criminals are also going after cloud-based email accounts, according to Verizon's '2019 Data Breach Investigations Report.'
Better Behavior, Better Biometrics?
Behavioral biometrics is a building block to be used in conjunction with other security measures, but it shows promise.
Security Top Concern as Mobile Providers Think 5G
The deployment of 5G networks will bring new use cases and revenue opportunities, mobile providers say, but security will be essential.
App Exposes Wi-Fi Credentials for Thousands of Private Networks
A database used by WiFi Finder was left open and unprotected on the Internet.
7 Tips for an Effective Employee Security Awareness Program
Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say.
Meet Scranos: New Rootkit-Based Malware Gains Confidence
The cross-platform operation, first tested on victims in China, has begun to spread around the world.
New Android Malware Adds Persistence, Targets Australian Banking Customers
Malware campaign, which finds and exfiltrates a user's contact list and banking credentials, could potentially grow to global proportions.
Android Phones Now Double as Physical Security Keys
Google debuted a series of security updates at Next 2019, giving users the option to use their phone as a second authentication factor.
'MuddyWater' APT Spotted Attacking Android
Cyber espionage attack group adds mobile malware to its toolset.
Stop Mocking & Start Enabling Emerging Technologies
Mocking new technology isn't productive and can lead to career disadvantage.
8 Steps to More Effective Small Business Security
Small business face the same security challenges as large enterprises but with much smaller security teams. Here are 8 things to do to get the most from yours.
Phishing Campaign Targeting Verizon Mobile Users
Lookout Phishing AI, which discovered the attack, says it has been going on since late November.
How iOS App Permissions Open Holes for Hackers
The permissions iOS apps request from users can turn the devices into spy tools and provide a toehold into the enterprise network, according to new research.
Major Mobile Financial Apps Harbor Built-in Vulnerabilities
A wide variety of financial services companies' apps suffer from poor programing practices and unshielded data.
Nuanced Approach Needed to Deal With Huawei 5G Security Concerns
Governments need to adopt strategic approach for dealing with concerns over telecom vendor's suspected ties to China's intelligence apparatus, NATO-affiliated body says.
In the Race Toward Mobile Banking, Don't Forget Risk Management
The rise of mobile banking and payment services has sparked widespread adoption, making a focus on risk essential.
New Android Trojan Targets 100+ Banking Apps
'Gustuff' also designed to steal from cryptocurrency wallets, payment services, e-commerce apps.
Stealing Corporate Funds Still Top Goal of Messaging Attacks
Cybercriminals focus on collecting credentials, blackmailing users with fake sextortion scams, and convincing privileged employees to transfer cash. The latter still causes the most damage, and some signs suggest it is moving to mobile.
GPS Spoof Hits Geneva Motor Show
Incident leaves GPS units showing a location in England and a date 17 years in the future.
'SimBad': Android Adware Hits 210 Apps with 150M Downloads
Google has removed infected applications from the Google Play store after a form of adware potentially affected millions of users.
The Case for Transparency in End-User License Agreements
Why it behooves technology companies to consider EULAs as an opportunity to accurately inform customers about privacy issues and other important information.
5 Essentials for Securing and Managing Windows 10
It's possible to intelligently deploy and utilize Windows 10's many security enhancements while avoiding common and costly migration pitfalls.
Companies Having Trouble Translating Security to Mobile Devices
As more enterprise work takes place on mobile devices, more companies are feeling insecure about the security of their mobile fleet, according to a new Verizon report.
CrowdStrike Debuts Mobile Threat Detection System at RSA Conference
Falcon for Mobile offers detection and response capabilities for mobile platforms.
Whose Line Is It? When Voice Phishing Attacks Get Sneaky
Researchers investigate malicious apps designed to intercept calls to legitimate numbers, making voice phishing attacks harder to detect.
New Arm Certification Aims to Secure IoT Devices
A three-tier certification regimen shows adherence to the Platform Security Architecture.
Lessons From the War on Malicious Mobile Apps
Despite the openness of the Android platform, Google has managed to keep its Play store mainly free of malware and malicious apps. Outside of the marketplace is a different matter.
6 Tips for Getting the Most from Your VPN
VPNs are critical for information security. But simply having these cozy security tunnels in the toolkit isn't enough to keep an organization's data safe.
70% of Consumers Want Biometrics in the Workplace
Speed, simplicity, and security underscore their desire, a new study shows.
New Encryption Mode Brings Sincerity and Discretion to Low-Cost Android Devices
Adantium, developed by Google, brings communication encryption to bear on storage security.
A Dog's Life: Dark Reading Caption Contest Winners
What do a telephony protocol, butt-sniffing, and multifactor authentication have in common? A John Klossner cartoon! And the winners are ...
Apple Patches Group FaceTime Flaw
Teenaged Fortnite player gets credit for finding the bug.
Attacks on Automotive Systems Feared Likely
Yet few engineers feel empowered to do anything about them, a survey shows.
The 5 Stages of CISO Success, Past & Future
In cybersecurity, as in history, security leaders who forget the lessons of the past will be doomed to repeat them.
How Cybercriminals Clean Their Dirty Money
By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.
The Security Perimeter Is Dead; Long Live the New Endpoint Perimeter
The network no longer provides an air gap against external threats, but access devices can take up the slack.
US Judge: Police Can't Force Biometric Authentication
Law enforcement cannot order individuals to unlock devices using facial or fingerprint scans, a California judge says.
SCOTUS Says Suit Over Fiat-Chrysler Hack Can Move Forward
A class-action suit over a 2015 attack demonstration against a Jeep Cherokee can move forward, US Supreme Court rules.
Security Concerns Limit Remote Work Opportunities
When companies limit the remote work options that they know will benefit the organization, security concerns are often to blame.
Android Malware Hits Victims in 196 Countries
Malware disguised as games and utilities struck more than 100,000 victims before being taken out of Google Play.
'PowerSnitch' Hacks Androids via Power Banks
Researcher demonstrates how attackers could steal data from smartphones while they're charging.
Apple Issues Security Fixes Across Mac, iOS
Software updates for Mac and iOS bring patches to Safari, iCloud, iTunes on Windows, and tvOS.
BlackBerry Doubles Down on Security in $1.4B Acquisition of Cylance
BlackBerry aims to bring Cylance artificial intelligence and security tools into its software portfolio.
More Than 50% of Free Mobile VPN Apps Have Chinese Ties
In addition, most have "unacceptable" privacy policies and "non-existent user support."
Understanding Evil Twin AP Attacks and How to Prevent Them
The attack surface remains largely unprotected from Wi-Fi threats that can result in stolen credentials and sensitive information as well as backdoor/malware payload drops.
Guilty Plea Made in Massive International Cell Phone Fraud Case
A former West Palm Beach resident is the fifth defendant to plead guilty in a case involving thousands of victims.
|
White Papers
Video
1 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Well, if you hadn't made us skip the Lockpicking Village at DEF CON this year, MAYBE this wouldn't be an issue!"
Latest Comment: "Well, if you hadn't made us skip the Lockpicking Village at DEF CON this year, MAYBE this wouldn't be an issue!"
Current Issue
Building and Managing an IT Security Operations ProgramAs cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
How Enterprises Are Developing Secure Applications
IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-7068
PUBLISHED: 2019-05-24
PUBLISHED: 2019-05-24
PUBLISHED: 2019-05-24
PUBLISHED: 2019-05-24
PUBLISHED: 2019-05-24
From DHS/US-CERT's National Vulnerability Database CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This