Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Mobile posted in December 2017
Rapid Growth in Security Market Raises Question: How to Pick a Startup
News  |  12/28/2017  | 
VCs weigh in with their advice on how to select a startup with staying power when purchasing security solutions and services.
The Financial Impact of Cyber Threats
Commentary  |  12/27/2017  | 
Determining the financial impact of specific IT vulnerabilities is a good way to prioritize remediation and prevent attacks.
2017 Security Predictions through the Rear Window
Commentary  |  12/26/2017  | 
If you're going to forecast the future, go big.
Network Printer & Scanner Spoofing Campaign Targets Millions
Quick Hits  |  12/22/2017  | 
Cybercriminals distribute malicious email attachments purportedly coming from three common brands of network printer-scanner devices.
Facebook Helps Users Detect Phishing Emails
Quick Hits  |  12/21/2017  | 
A new Facebook tool shares recent security-related emails so users can verify whether messages are legitimate.
9 Banking Trojans & Trends Costing Businesses in 2017
Slideshows  |  12/20/2017  | 
New Trojans appeared, old ones resurfaced, and delivery methods evolved as cybercriminals set their sights on financial data.
Mobile Device Makers Increasingly Embrace Bug Bounty Programs
News  |  12/15/2017  | 
Samsung is the latest to join a small group of smartphone makers to cast their net wide on catching vulnerabilities in their devices.
BlueBorne Attack Highlights Flaws in Linux, IoT Security
News  |  12/14/2017  | 
Bluetooth vulnerabilities let attackers control devices running Linux or any OS derived from it, putting much of the Internet of Things at risk, including popular consumer products.
Google Play Offered Fewer Blacklisted Mobile Apps in Q3
News  |  12/13/2017  | 
Third-party AndroidAPKDescargar store carried the most blacklisted mobile apps.
8 Out of 10 Employees Use Unencrypted USB Devices
Quick Hits  |  12/12/2017  | 
Security policies for USB drivers are severely outdated or inadequate, a report finds.
Employees on Public WiFi Rarely Face Man-in-the-Middle Attacks
News  |  12/12/2017  | 
Employees' corporate mobile devices are connected to WiFi networks on average 74% of the time.
Android Ransomware Kits on the Rise in the Dark Web
News  |  12/7/2017  | 
More than 5,000 Android ransomware kit listings have been spotted so far this year, with the median price range hitting $200.
Man-in-the-Middle Flaw in Major Banking, VPN Apps Exposes Millions
News  |  12/7/2017  | 
New research from University of Birmingham emphasizes importance of securing high-risk mobile apps.
The Rising Dangers of Unsecured IoT Technology
Commentary  |  12/4/2017  | 
As government regulation looms, the security industry must take a leading role in determining whether the convenience of the Internet of Things is worth the risk and compromise of unsecured devices.
Tips for Writing Better Infosec Job Descriptions
News  |  12/4/2017  | 
Security leaders frustrated with their talent search may be searching for the wrong skills and qualifications.
Hacked IV Pumps and Digital Smart Pens Can Lead to Data Breaches
News  |  12/4/2017  | 
Researcher to reveal IoT medical device dangers at Black Hat Europe this week.
Sallie Mae CISO: 4 Technologies That Will Shape IT Security
News  |  12/1/2017  | 
'The world as we know it will vanish,' according to Jerry Archer.


NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21238
PUBLISHED: 2021-01-21
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping bec...
CVE-2021-21239
PUBLISHED: 2021-01-21
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted. PySAML2 does not ...
CVE-2021-21253
PUBLISHED: 2021-01-21
OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerable to dictionary attacks. Therefore there is a threat of security breach in the voting system. Without a salt, it is much easier for attacker...
CVE-2020-4966
PUBLISHED: 2021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the...
CVE-2020-4968
PUBLISHED: 2021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192427.