Ransomware Leads Surge In 2014 Mobile Malware ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

impactnow,
User Rank: Strategist
1/21/2015 | 1:16:31 PM

User error and software issues

Do you think the current software is adequate to protect our phones or do you think its lack of using antispyware and virus software on phones that is causing the issue? While there will always be user error in responding to scams, if phones were preloaded with protective software we may evade some of these issues.

Reply | Post Message | Messages List | Start a Board

RyanSepe,
User Rank: Ninja
1/21/2015 | 9:01:30 AM

MDM and EMM

Has MDM implementations such as Mobile Iron at the enterprise level decreased or eradicated this threat? Or does anyone have experience to the effect of ransomware being present even with an MDM solution? Enterprise approved apps seem to be the security best practice when it comes to MDM.

Reply | Post Message | Messages List | Start a Board

RyanSepe,
User Rank: Ninja
1/21/2015 | 8:57:58 AM

Application Review

More of a reason as to why validation of these apps need to be approved by the OS owner (Apple, Android, etc). I know Apple does this to some degree (I am sure some apps slip through regardless) but Android seems to be an open market. For this reason I would posit that this type of attack would be more prevalent on android devices but I would like to see the raw data around it. Does anyone have data to contrast or strengthen my statement?

Reply | Post Message | Messages List | Start a Board

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Cybersecurity Outlook 2023 - December 13 Event

[FREE Virtual Event] The Identity Crisis

More Informa Tech Live Events

White Papers

How Machine Learning, AI & Deep Learning Improve Cybersecurity

State of Email Security

State of Ransomware Readiness: Facing the Reality Gap

How Hybrid Work Fuels Ransomware Attacks

Implementing Zero Trust In Your Enterprise: How to Get Started

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

Developing and Testing an Effective Breach Response Plan

Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2022-46826
PUBLISHED: 2022-12-08

In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.

CVE-2022-46827
PUBLISHED: 2022-12-08

In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.

CVE-2022-46828
PUBLISHED: 2022-12-08

In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.

CVE-2022-46829
PUBLISHED: 2022-12-08

In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.

CVE-2022-46830
PUBLISHED: 2022-12-08

In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]