Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Mobile posted in July 2019
Apple Device Management Firm Jamf Acquires Digita Security
Quick Hits  |  7/31/2019  | 
Digita Security's Apple Mac endpoint protection solutions will join Jamf's MDM suite for iOS and MacOS.
8 Free Tools to Be Showcased at Black Hat and DEF CON
Slideshows  |  7/31/2019  | 
Expect a full slate of enterprise-class open source tools to take the spotlight when security researchers share their bounties with the community at large.
Apple iOS Flaw Could Give Attacker Access via iMessage
Quick Hits  |  7/30/2019  | 
Google Project Zero researchers found an iOS vulnerability that could let an attacker snoop on a victim's phone remotely.
CISOs Must Evolve to a Data-First Security Program
Commentary  |  7/30/2019  | 
Such a program will require effort and reprioritization, but it will let your company fight modern-day threats and protect your most important assets.
9 Things That Don't Worry You Today (But Should)
Slideshows  |  7/29/2019  | 
There are security concerns that go far beyond the usual suspects. Here are some that should be on your list of scary things.
Android Spyware Has Ties to Election Interference
News  |  7/25/2019  | 
Recently revealed surveillance-ware comes from a consultant with close ties to Russia's GRU who was sanctioned by the US for election-tampering.
Android Malware 'Triada' Most Active on Telco Networks
News  |  7/25/2019  | 
Google in May disclosed that several Android devices had been shipped pre-installed with the RAT.
CISA Warns Public About the Risks of 5G
Quick Hits  |  7/23/2019  | 
Vulnerabilities include everything from physical risks through the supply chain to business risks.
Europol Head Fears 5G Will Give Criminals an Edge
Quick Hits  |  7/19/2019  | 
Catherine De Bolle is concerned law enforcement will lose its ability to track criminals with the arrival of 5G networks.
Sprint Reveals Account Breach via Samsung Website
News  |  7/17/2019  | 
The last-June breach exposed data including names, phone numbers, and account numbers.
Security Snapshot: OS, Authentication, Browser & Cloud Trends
News  |  7/16/2019  | 
New research shows cloud apps are climbing, SMS authentication is falling, Chrome is the enterprise browser favorite, and Android leads outdated devices.
Flaws in Telegram & WhatsApp on Android Put Data at Risk
News  |  7/15/2019  | 
App settings combined with Android behavior can put data integrity at risk for WhatsApp and Telegram users.
Industry Insight: Checking Up on Healthcare Security
News  |  7/10/2019  | 
Modern threats putting healthcare organization at risk, how they're improving their security posture, and where many fall short.
Financial Firms Face Threats from Employee Mobile Devices
News  |  7/10/2019  | 
A new report says that phishing and man-in-the-middle attacks are major risks to financial institutions - via mobile devices in the hands of their employees.
Why You Need a Global View of IT Assets
Commentary  |  7/10/2019  | 
It may seem obvious, but many companies lose sight of the fact that they can't protect what they don't know they even have.
New 'WannaHydra' Malware a Triple Threat to Android
News  |  7/3/2019  | 
The latest variant of WannaLocker is a banking Trojan, spyware tool, and ransomware.


NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21238
PUBLISHED: 2021-01-21
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping bec...
CVE-2021-21239
PUBLISHED: 2021-01-21
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted. PySAML2 does not ...
CVE-2021-21253
PUBLISHED: 2021-01-21
OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerable to dictionary attacks. Therefore there is a threat of security breach in the voting system. Without a salt, it is much easier for attacker...
CVE-2020-4966
PUBLISHED: 2021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the...
CVE-2020-4968
PUBLISHED: 2021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192427.