Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Mobile posted in October 2020
New Wroba Campaign Is Latest Sign of Growing Mobile Threats
News  |  10/30/2020  | 
After years of mostly targeting users in Japan, Korea, and other countries in the region, operators of the Trojan expanded their campaign to the US this week.
Akamai Acquires Asavie
Quick Hits  |  10/27/2020  | 
Asavie's mobile, IoT, and security products and services will become part of the Akamai Security and Personalization Services product line.
7 Mobile Browsers Vulnerable to Address-Bar Spoofing
News  |  10/22/2020  | 
Flaws allow attackers to manipulate URLs users see on their mobile devices, Rapid7 says.
As Smartphones Become a Hot Target, Can Mobile EDR Help?
News  |  10/21/2020  | 
Lookout Security debuts a mobile endpoint detection and response offering that will integrate into its mobile security platform.
Microsoft Tops Q3 List of Most-Impersonated Brands
News  |  10/19/2020  | 
The technology sector was also the most likely targeted industry for brand phishing attacks, according to Check Point's latest report on brand phishing.
A 7-Step Cybersecurity Plan for Healthcare Organizations
Slideshows  |  10/12/2020  | 
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
How to Pinpoint Rogue IoT Devices on Your Network
News  |  10/12/2020  | 
Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.
Latest Version of MalLocker Android Ransomware Packs New Tricks
News  |  10/9/2020  | 
Like most such mobile malware, the new one doesn't encrypt data but attempts to make an infected system impossible to use, Microsoft says.
Cyberattacks Up, But Companies (Mostly) Succeed in Securing Remote Workforce
News  |  10/8/2020  | 
Despite fears that the burgeoning population of remote workers would lead to breaches, companies have held their own, a survey of threat analysts finds.
Google Brings Password Protection to iOS, Android in Chrome 86
Quick Hits  |  10/6/2020  | 
Chrome 86 will alert users when stored passwords are compromised, and block or warn of insecure downloads, among other security updates.
Malware for Ad Fraud Gets More Sophisticated
News  |  10/6/2020  | 
Facebook says SilentFade campaign disabled notifications that could have warned users that their accounts had been compromised.
Android Camera Bug Under the Microscope
News  |  10/5/2020  | 
Critical Android vulnerability CVE-2019-2234 could enable attackers to take control of a victim's camera and take photos, record videos, and learn location.
Rise in Remote MacOS Workers Driving Cybersecurity 'Rethink'
News  |  10/1/2020  | 
With twice as much malware now targeting Macs, IT pros need to scramble to adapt to a large, and likely permanent, work-from-home population, experts say.


How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3318
PUBLISHED: 2021-01-27
attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.
CVE-2020-5427
PUBLISHED: 2021-01-27
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
CVE-2020-5428
PUBLISHED: 2021-01-27
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
CVE-2021-20357
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.
CVE-2020-4865
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741.