Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

News & Commentary
Google Plans to Automatically Enable Two-Factor Authentication
Dark Reading Staff, Quick Hits
The company plans to automatically enroll users in two-step verification if their accounts are properly configured.
By Dark Reading Staff , 5/6/2021
Comment0 comments  |  Read  |  Post a Comment
Black Hat Asia Speakers Share Secrets About Sandboxes, Smart Doors, and Security
Dark Reading Staff,
Find video interviews with some of the coolest Black Hat Asia experts right here, as part of the Dark Reading News Desk this week.
By Dark Reading Staff , 5/6/2021
Comment0 comments  |  Read  |  Post a Comment
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer
Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe.
By Steve Zurier Contributing Writer, 4/30/2021
Comment1 Comment  |  Read  |  Post a Comment
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark ReadingNews
The FluBot Android malware has spread throughout several European countries through an SMS package delivery scam.
By Kelly Sheridan Staff Editor, Dark Reading, 4/28/2021
Comment0 comments  |  Read  |  Post a Comment
Name That Toon: Greetings, Earthlings
John Klossner, CartoonistCommentary
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 4/22/2021
Comment17 comments  |  Read  |  Post a Comment
Dark Reading to Upgrade Site Design, Performance
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Improvements will make site content easier to navigate, faster, and more functional.
By Tim Wilson, Editor in Chief, Dark Reading , 4/13/2021
Comment1 Comment  |  Read  |  Post a Comment
Unofficial Android App Store APKPure Infected With Malware
Dark Reading Staff, Quick Hits
The APKPure app store was infected with malware that can download Trojans to other Android devices, researchers report.
By Dark Reading Staff , 4/9/2021
Comment0 comments  |  Read  |  Post a Comment
8 Security & Privacy Apps to Share With Family and Friends
Kelly Sheridan, Staff Editor, Dark Reading
Mobile apps to recommend to the people in your life who want to improve their online security and privacy.
By Kelly Sheridan Staff Editor, Dark Reading, 4/9/2021
Comment0 comments  |  Read  |  Post a Comment
Cartoon Caption Winner: Something Seems Afoul
John Klossner, CartoonistCommentary
And the winner of Dark Readings's March cartoon caption contest is ...
By John Klossner Cartoonist, 4/7/2021
Comment0 comments  |  Read  |  Post a Comment
7 Security Strategies as Employees Return to the Office
Steve Zurier, Contributing Writer
More sooner than later, employees will be making their way back to the office. Here's how security pros can plan for the next new normal.
By Steve Zurier Contributing Writer, 4/1/2021
Comment0 comments  |  Read  |  Post a Comment
Apple Patches iOS Zero-Day
Dark Reading Staff, Quick Hits
Apple today released iOS 14.4.2 to address a security vulnerability that may have been actively exploited.
By Dark Reading Staff , 3/26/2021
Comment0 comments  |  Read  |  Post a Comment
Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov't Customers
Dark Reading Staff, Quick Hits
A decision on the order, which contains several recommendations, is still forthcoming.
By Dark Reading Staff , 3/25/2021
Comment0 comments  |  Read  |  Post a Comment
Nearly Half of Popular Android Apps Built With High-Risk Components
Robert Lemos, Contributing WriterNews
Information leakage and applications asking for too many permissions were also major issues, according to a survey of more than 3,300 popular mobile applications.
By Robert Lemos Contributing Writer, 3/25/2021
Comment0 comments  |  Read  |  Post a Comment
Disgruntled IT Contractor Sentenced in Retaliatory Office 365 Attack
Dark Reading Staff, Quick Hits
Former contractor deleted 1,200 user accounts in revenge.
By Dark Reading Staff , 3/23/2021
Comment0 comments  |  Read  |  Post a Comment
Facebook Expands Security Key Support to iOS & Android
Kelly Sheridan, Staff Editor, Dark ReadingNews
Facebook's announcement arrives the same week Twitter enabled support for multiple security keys on user accounts.
By Kelly Sheridan Staff Editor, Dark Reading, 3/18/2021
Comment0 comments  |  Read  |  Post a Comment
New CopperStealer Malware Hijacks Social Media Accounts
Dark Reading Staff, Quick Hits
Proofpoint researchers say it steals logins and spreads more malware.
By Dark Reading Staff , 3/18/2021
Comment0 comments  |  Read  |  Post a Comment
Lookout Acquires SASE Cloud Provider CipherCloud
Dark Reading Staff, Quick Hits
Deal signals a focus on the cloud for mobile security firm.
By Dark Reading Staff , 3/15/2021
Comment0 comments  |  Read  |  Post a Comment
Malware Operator Employs New Trick to Upload Its Dropper into Google Play
Jai Vijayan, Contributing WriterNews
Check Point researchers recently discovered the Clast82 dropper hidden in nine legitimate Android utility apps.
By Jai Vijayan Contributing Writer, 3/10/2021
Comment0 comments  |  Read  |  Post a Comment
Call Recorder iPhone App Flaw Uncovered
Dark Reading Staff, Quick Hits
Researcher finds thousands of recorded calls easily accessible to others.
By Dark Reading Staff , 3/10/2021
Comment0 comments  |  Read  |  Post a Comment
COVID-19 Contact-Tracing Apps Signal Broader Mobile App Security Concerns
Grant Goodes, Chief Scientist, GuardsquareCommentary
The rapid launch of contract-tracing apps to control COVID-19's spread opened the door to multiple security and privacy vulnerabilities.
By Grant Goodes Chief Scientist, Guardsquare, 3/9/2021
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32077
PUBLISHED: 2021-05-06
Primary Source Verification in VerityStream MSOW Solutions before 3.1.1 allows an anonymous internet user to discover Social Security Number (SSN) values via a brute-force attack on a (sometimes hidden) search field, because the last four SSN digits are part of the supported combination of search se...
CVE-2020-23263
PUBLISHED: 2021-05-06
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add.
CVE-2020-23264
PUBLISHED: 2021-05-06
Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators.
CVE-2021-27941
PUBLISHED: 2021-05-06
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the...
CVE-2021-29203
PUBLISHED: 2021-05-06
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gai...