Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Mobile posted in November 2016
The Rise Of SecBizOps & Why It Matters
Commentary  |  11/30/2016  | 
By aligning security dollars and technology with core business requirements, infosec can become a business enabler, not a business impediment.
Cybersecurity User Training That Sticks: 3 Steps
Commentary  |  11/29/2016  | 
People are eager for common-sense advice that gives them control over their environment and helps them stay safe online.
Q&A: SonicWall CEO Talks Rise Of Ransomware, IoT
News  |  11/28/2016  | 
Bill Conner discusses security risks at top of mind as the newly appointed leader of SonicWall, a company becoming independent for the second time.
WindTalker Attack Finds New Vulnerabilities in Wi-Fi Networks
News  |  11/21/2016  | 
White hat researchers show how hackers read keystrokes to potentially compromise cellphone and tablet users on public Wi-Fi and home networks.
Millions Exposed In Data Breach At UK Telecom Three
Quick Hits  |  11/21/2016  | 
Three, a British ISP and telecom company, suffers major breach of its upgrade database, impacting two-thirds of its 9 million users.
China's Jinping Opens Tech Meet With Calls For 'Fair & Equitable' Internet
Quick Hits  |  11/18/2016  | 
The third Wuzhen World Internet Conference had a strong presence of US tech companies despite criticism of Chinas Internet laws.
Firmware Secretly Sent Text, Call Data On Android Users To China
News  |  11/15/2016  | 
Several Android models sold in the US likely impacted, says Kryptowire
More Than Half Of Android Devices Run Outdated Browsers
News  |  11/15/2016  | 
Researchers discovered 59% of Android devices run out-of-date Chrome browsers, increasing enterprise exposure to hackers.
Is Fingerprint Authentication Making The Password Problem Worse?
Commentary  |  11/8/2016  | 
Problems emerge when users switch to a new phone.
4G Cellular Networks At Risk Of DoS Attacks
News  |  11/7/2016  | 
Black Hat Europe researcher shows how hackers can conduct denial-of-service attacks on 4G cellular devices around the world.


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-23359
PUBLISHED: 2021-01-27
WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. Two non-identical passwords can still bypass the check.
CVE-2020-23360
PUBLISHED: 2021-01-27
oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php
CVE-2020-23361
PUBLISHED: 2021-01-27
phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
CVE-2021-25311
PUBLISHED: 2021-01-27
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.
CVE-2021-25312
PUBLISHED: 2021-01-27
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.