Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Mobile posted in June 2014
How Microsoft Cracks The BYOD Code: 3 Tips
Commentary  |  6/30/2014  | 
Microsofts CISO shares best-practices for balancing employee autonomy and security in todays bring-your-own world.
3 Mobile Security Tips For SMBs
Commentary  |  6/27/2014  | 
Everyone in an organization has to work together to combat intrusions and data loss, but this is especially true for small businesses.
Cloud Security: Think Todays Reality, Not Yesterdays Policy
Commentary  |  6/25/2014  | 
SaaS, BYOD, and mobility are inseparable, yet time and time again companies attempt to compartmentalize the three when they make a move to the cloud. That's a big mistake.
PayPal Two-Factor Authentication Broken
News  |  6/25/2014  | 
Researchers discover a way to bypass the extra layer of security for mobile PayPal app accounts.
Governments Use 'Legal' Mobile Malware To Spy On Citizens
News  |  6/24/2014  | 
New research shows how C&C infrastructure and mobile Trojans are packaged by one firm offering worldwide governments the means to spy on everyday criminals and political targets.
Google Play Apps Expose Users To Attack
Quick Hits  |  6/19/2014  | 
Researchers discover thousands of Android app developers store secret keys in their apps.
Malicious Google Play Clone Steals Banking Credentials
News  |  6/18/2014  | 
Google, FireEye disrupt sneaky Android malware operation.
Data Security Decisions In A World Without TrueCrypt
Commentary  |  6/18/2014  | 
The last days of TrueCrypt left many unanswered questions. But one thing is certain: When encryption freeware ends its life abruptly, being a freeloader can get you into a load of trouble.
VDI Under The Security Microscope
News  |  6/13/2014  | 
Black Hat USA researchers explore security risks with virtual desktop infrastructure with BYOD.
If HTML5 Is The Future, What Happens To Access Control?
Commentary  |  6/5/2014  | 
The solution for multi-device deployment is HTML5. The challenge, for the enterprise, is deploying it correctly. Here are seven tools you will need.


How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3318
PUBLISHED: 2021-01-27
attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.
CVE-2020-5427
PUBLISHED: 2021-01-27
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
CVE-2020-5428
PUBLISHED: 2021-01-27
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
CVE-2021-20357
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.
CVE-2020-4865
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741.