Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Mobile posted in February 2018
New Android Malware Family Highlights Evolving Mobile Threat Capabilities
News  |  2/28/2018  | 
RedDrop can steal data, record audio, and rack up SMS charges for victims, says Wandera.
Threats from Mobile Ransomware & Banking Malware Are Growing
News  |  2/26/2018  | 
The number of unique mobile malware samples increased sharply in 2017 compared to a year ago, according to Trend Micro.
10 Can't-Miss Talks at Black Hat Asia
Slideshows  |  2/23/2018  | 
With threats featuring everything from nation-states to sleep states, the sessions taking place from March 20-23 in Singapore are relevant to security experts around the world.
The Mobile Threat: 4 out of 10 Businesses Report 'Significant' Risk
News  |  2/21/2018  | 
Organizations put efficiency and profit before security, leading to system downtime and data loss, according to inaugural research from Verizon.
Can Android for Work Redefine Enterprise Mobile Security?
Commentary  |  2/13/2018  | 
Google's new mobility management framework makes great strides in addressing security and device management concerns while offering diverse deployment options. Here are the pros and cons.
Google Paid $2.9M for Vulnerabilities in 2017
News  |  2/9/2018  | 
The Google Vulnerability Reward Program issued a total of 1,230 rewards in 2017. The single largest payout was $112,500.
Apple iOS iBoot Secure Bootloader Code Leaked Online
Quick Hits  |  2/8/2018  | 
Lawyers for Apple called for the source code to be removed from GitHub.
Identity Fraud Hits All-Time High in 2017
News  |  2/6/2018  | 
Survey reports that the number of fraud victims topped 16 million consumers last year, and much of that crime has moved online.
Mastering Security in the Zettabyte Era
Commentary  |  2/5/2018  | 
Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.
3 Ways Hackers Steal Your Company's Mobile Data
Commentary  |  2/2/2018  | 
The most effective data exfiltration prevention strategies are those that are as rigorous in vetting traffic entering the network as they are traffic leaving it.


How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3318
PUBLISHED: 2021-01-27
attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.
CVE-2020-5427
PUBLISHED: 2021-01-27
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
CVE-2020-5428
PUBLISHED: 2021-01-27
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
CVE-2021-20357
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.
CVE-2020-4865
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741.