Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

News & Commentary
New Jailbreak Tool Works on Most iPhones
Dark Reading Staff, Quick Hits
The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.
By Dark Reading Staff , 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
Malware Exploits Security Teams' Greatest Weakness: Poor Relationships With Employees
Jason Meller, CEO & Founder, KolideCommentary
Users' distrust of corporate security teams is exposing businesses to unnecessary vulnerabilities.
By Jason Meller CEO & Founder, Kolide, 2/15/2021
Comment0 comments  |  Read  |  Post a Comment
How to Submit a Column to Dark Reading
Dark Reading Staff, Commentary
Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.
By Dark Reading Staff , 2/15/2021
Comment0 comments  |  Read  |  Post a Comment
Android App Infects Millions of Devices With a Single Update
Dark Reading Staff, Quick Hits
The popular Barcode Scanner app, which as been available on Google Play for years, turned malicious with one software update.
By Dark Reading Staff , 2/8/2021
Comment0 comments  |  Read  |  Post a Comment
Cartoon Caption Winner: Insider Threat
John Klossner, CartoonistCommentary
And the winner of Dark Reading's January cartoon caption contest is ...
By John Klossner Cartoonist, 2/8/2021
Comment0 comments  |  Read  |  Post a Comment
The Data-Centric Path to Zero Trust
Altaz Valani, Director of Insights Research, Security CompassCommentary
Data is an organization's most valuable asset, so a data-centric approach would provide the best value for organizations, now and in the future.
By Altaz Valani Director of Insights Research, Security Compass, 1/13/2021
Comment1 Comment  |  Read  |  Post a Comment
Mobile Endpoint Security: Still the Crack in the Enterprise's Cyber Armor
Joel Wallenstrom, CEO & President, WickrCommentary
A combination of best practices and best-in-class technology will help keep your enterprise from falling victim to ever-growing threats.
By Joel Wallenstrom CEO & President, Wickr, 12/30/2020
Comment0 comments  |  Read  |  Post a Comment
'Fingerprint-Jacking' Attack Technique Manipulates Android UI
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers explore fingerprint-jacking, a user interface-based attack that targets fingerprints scanned into Android apps.
By Kelly Sheridan Staff Editor, Dark Reading, 12/10/2020
Comment0 comments  |  Read  |  Post a Comment
Keeping Cyber Secure at Christmas
IFSEC Global, StaffNews
Sylvain Cortes, Security Evangelist and cybersecurity expert at Alsid, highlights the need for security departments to raise awareness through their organizations over cyber threats this Christmas.
By Sylvain Cortes, Security Evangelist and cybersecurity expert , 12/8/2020
Comment0 comments  |  Read  |  Post a Comment
Researchers Discover New Obfuscation-As-a-Service Platform
Ericka Chickowski, Contributing WriterNews
Researchers detail how a Android APK obfuscation service automates detection evasion for highly malicious apps.
By Ericka Chickowski Contributing Writer, 12/3/2020
Comment0 comments  |  Read  |  Post a Comment
Google Security Researcher Develops 'Zero-Click' Exploit for iOS Flaw
Jai Vijayan, Contributing WriterNews
A new patched memory corruption vulnerability in Apple's AWDL protocol can be used to take over iOS devices that are in close proximity to an attacker.
By Jai Vijayan Contributing Writer, 12/3/2020
Comment0 comments  |  Read  |  Post a Comment
Free Mobile App Measures Your Personal Cyber Risk
Steve Zurier, Contributing WriterNews
New app for Android and Apple iOS uses an algorithm co-developed with MIT to gauge security posture on an ongoing basis.
By Steve Zurier Contributing Writer, 12/2/2020
Comment0 comments  |  Read  |  Post a Comment
Ivanti Acquires MobileIron & Pulse Secure
Dark Reading Staff, Quick Hits
The company plans to use these acquisitions to strengthen and secure IT connections across remote devices and infrastructure.
By Dark Reading Staff , 12/1/2020
Comment0 comments  |  Read  |  Post a Comment
Baidu Apps Leaked Location Data, Machine Learning Reveals
Robert Lemos, Contributing WriterNews
Several apps available on the Google Play Store, including two made by Chinese Internet giant Baidu, leaked information about the phone's hardware and location without the user's knowledge, research finds.
By Robert Lemos Contributing Writer, 11/24/2020
Comment0 comments  |  Read  |  Post a Comment
Evidence-Based Trust Gets Black Hat Europe Spotlight
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
An FPGA-based system could change the balance of power between hardware attackers and defenders within IT security.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
Facebook Messenger Flaw Enabled Spying on Android Callees
Dark Reading Staff, Quick Hits
A critical flaw in Facebook Messenger on Android would let someone start an audio or video call without the victim's knowledge.
By Dark Reading Staff , 11/20/2020
Comment0 comments  |  Read  |  Post a Comment
Go SMS Pro Messaging App Exposed Users' Private Media Files
Dark Reading Staff, Quick Hits
The popular Android app uses easily guessable Web addresses when users send private photos, videos, and voice messages.
By Dark Reading Staff , 11/19/2020
Comment0 comments  |  Read  |  Post a Comment
Online Shopping Surge Puts Focus on Consumer Security Habits
Robert Lemos, Contributing WriterNews
Companies will have to tread a fine line between delivering security and a frictionless shopping experience, security firms say.
By Robert Lemos Contributing Writer, 11/18/2020
Comment0 comments  |  Read  |  Post a Comment
DARPA and Academia Jumpstart 5G IoT Security Efforts
Paul Shomo, Cybersecurity AnalystCommentary
With 5G IoT devices projected to hit 49 million units by 2023, researchers launch programs to keep IoT from becoming a blackhole of exfiltration.
By Paul Shomo Cybersecurity Analyst, 11/12/2020
Comment0 comments  |  Read  |  Post a Comment
How Hackers Blend Attack Methods to Bypass MFA
Alan Bavosa, VP, Security Products, at AppdomeCommentary
Protecting mobile apps requires a multilayered approach with a mix of cybersecurity measures to counter various attacks at different layers.
By Alan Bavosa VP, Security Products, at Appdome, 11/10/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by raudrera
Current Conversations Flintstones haha
In reply to: answer
Post Your Own Reply
More Conversations
PR Newswire
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: "The truth behind Stonehenge...."
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21513
PUBLISHED: 2021-03-02
Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin acces...
CVE-2021-21514
PUBLISHED: 2021-03-02
Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request.
CVE-2020-25902
PUBLISHED: 2021-03-02
Blackboard Collaborate Ultra 20.02 is affected by a cross-site scripting (XSS) vulnerability. The XSS payload will execute on the class room, which leads to stealing cookies from users who join the class.
CVE-2020-1936
PUBLISHED: 2021-03-02
A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4.
CVE-2021-27904
PUBLISHED: 2021-03-02
An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the "all org" flag sometimes provided view access to unintended actors.