Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Mobile posted in April 2017
10 Cybercrime Myths that Could Cost You Millions
Commentary  |  4/29/2017  | 
Dont let a cybersecurity fantasy stop you from building the effective countermeasures you need to protect your organization from attack.
HHS Hits CardioNet with $2.5M HIPAA Settlement Fee
Quick Hits  |  4/26/2017  | 
The US Department of Health and Human Services slapped the mobile cardiac monitoring service with fee after breach of customer health data.
Microsoft App Aims to Delete the Password
News  |  4/26/2017  | 
Microsoft has officially launched its Authenticator app designed to simplify and secure user logins, raising questions about the future of password-free authentication.
Call Center Fraud Spiked 113% in 2016
News  |  4/26/2017  | 
Criminals are increasingly spoofing caller ID using VoIP apps including Skype or Google Voice to hide their identity and location, according to a report released today by Pindrop Labs.
Hyundai Blue Link Vulnerability Allows Remote Start of Cars
Quick Hits  |  4/25/2017  | 
Car maker Hyundai patched a vulnerability in its Blue Link software, which could potentially allow attackers to remotely unlock a vehicle and start it.
1 Out of 5 Companies Have Suffered Mobile Device Breach
Quick Hits  |  4/14/2017  | 
A survey on security solutions for mobile devices finds 24% don't even know if they have been breached.
Securing your Privacy on Android
Partner Perspectives  |  4/12/2017  | 
If you work at a company that allows you to use your mobile device to login to email, access company data, or connect to company Wi-Fi, youre more of a security risk than you think.
When Hacks Are about Image instead of Money
Commentary  |  4/11/2017  | 
If you think fake news is a problem, how about the possibility of fake medical or financial information making the rounds with no way to verify its legitimacy?
Pegasus For Android Spyware Just As Lethal As iOS Version
News  |  4/6/2017  | 
Researchers from Lookout, Google describe it as highly sophisticated tool for targeted surveillance purposes.
McAfee's Back as an Independent Security Firm
News  |  4/4/2017  | 
Security firm is no longer part of Intel Corp.
Cybercriminals Seized Control of Brazilian Bank for 5 Hours
News  |  4/4/2017  | 
Sophisticated heist compromised major bank's entire DNS infrastructure.


How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3318
PUBLISHED: 2021-01-27
attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.
CVE-2020-5427
PUBLISHED: 2021-01-27
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
CVE-2020-5428
PUBLISHED: 2021-01-27
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
CVE-2021-20357
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.
CVE-2020-4865
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741.