Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Mobile posted in September 2016
EMV: The Anniversary Of One Deadline, The Eve of Another
News  |  9/29/2016  | 
How merchants and criminals responded since the EMV liability shift for point-of-sale devices one year ago. And what changes can we expect after the liability shift for ATMs, which is just days away?
FBI Probes Bid To Hack Democratic Party Officials Phones, Sources Say
Quick Hits  |  9/28/2016  | 
Russia-backed criminals again likely to be behind this hacking which, if proven, could involve theft of sensitive data, say the sources.
Mobile Fraud Changes Outlook for Multifactor Authentication
Commentary  |  9/27/2016  | 
SMS one-time passcodes just won't cut it anymore. We need new approaches that people will actually use.
Smartphone Infections Rise 96% In H1-2016: Malware Study
Quick Hits  |  9/20/2016  | 
Nokia report reveals April 2016 saw new all-time high in mobile infections with one out of every 120 smartphone affected.
Scientist Clones Chip To Unlock iPhone, Proves FBI Wrong
Quick Hits  |  9/20/2016  | 
Dr. Sergei Skorobogatov of Cambridge University spent $100 on a process that may have cost FBI $1 million.
San Bernardino iPhone Hack: Media Agencies Sue FBI For Vendor Details
Quick Hits  |  9/19/2016  | 
Associated Press and two others invoke Freedom of Information Act against the government seeking details of secret transaction.
A Moving Target: Tackling Cloud Security As A Data Issue
Commentary  |  9/13/2016  | 
Todays challenge is protecting critical information that an increasingly mobile workforce transfers every day between clouds, between cloud and mobile, and between cloud, mobile, and IoT.
Multi-Factor IT Authentication Hampers Progress, Say 47% US Companies
Quick Hits  |  9/9/2016  | 
IS Decisions survey finds organizations are looking for alternate to multi-factor verification, which they believe takes up time and slows productivity.


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3318
PUBLISHED: 2021-01-27
attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.
CVE-2020-5427
PUBLISHED: 2021-01-27
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
CVE-2020-5428
PUBLISHED: 2021-01-27
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
CVE-2021-20357
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.
CVE-2020-4865
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741.