Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Companies Blindly Believe They've Locked Down Users' Mobile Use
Newest First  |  Oldest First  |  Threaded View
carlm21
50%
50%
carlm21,
User Rank: Apprentice
4/9/2018 | 1:35:04 AM
Re: Pardon me but ......
good one
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
11/21/2017 | 7:51:19 AM
Re: Pardon me but ......
A very fair point. That said, the fundamental problem I see is that there is no holistic data-protection design going into this. "Locked down" should not be the way to think about this issue because in this context (the way I see it) we're not talking about locking data down so much as regulating its flow.

To be certain, cybersecurity, data privacy, and compliance all do fall within the grander bucket of "data stewardship," but they also need to be thought of separately. Trying to achieve compliance and privacy goals while wearing a security hat is inevitably going to lead to failure.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
11/19/2017 | 5:12:21 PM
"limited"
Perhaps I need to more carefully review the study itself in context, but it seems that "limited" is the key word here. It's entirely possible that it's not as easy or readily accessible for employees to access these data -- but that they can still do it. So, to be fair, every little bit helps, I would tend to think.
nathandwyer
50%
50%
nathandwyer,
User Rank: Apprentice
11/17/2017 | 1:34:29 AM
Re: Pardon me but ......
Yea...thats really a informative post. I'm new blogger it would be sure helpful information for me i always keep in mind Thanks for sharing.
keith1mathew
100%
0%
keith1mathew,
User Rank: Apprentice
11/15/2017 | 7:18:36 AM
Re: Pardon me but ......
Hello 

Interesting post. Thank you for providing the information. 

Thanks 
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
11/14/2017 | 2:26:19 PM
Pardon me but ......
Companies have not even locked down servers and networks.  How can they be so naive as to think that these devices are somehow SECURE???  


Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Active Directory Needs an Update: Here's Why
Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus,  1/16/2020
New Attack Campaigns Suggest Emotet Threat Is Far From Over
Jai Vijayan, Contributing Writer,  1/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-3622
PUBLISHED: 2020-01-22
A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18.
CVE-2020-5221
PUBLISHED: 2020-01-22
In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail in compose_abspath(). This has been fixed in versio...
CVE-2019-19834
PUBLISHED: 2020-01-22
Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter.
CVE-2019-19836
PUBLISHED: 2020-01-22
AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.
CVE-2019-19843
PUBLISHED: 2020-01-22
Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.