Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

News & Commentary
Dark Reading to Upgrade Site Design, Performance
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Improvements will make site content easier to navigate, faster, and more functional.
By Tim Wilson, Editor in Chief, Dark Reading , 4/13/2021
Comment0 comments  |  Read  |  Post a Comment
Unofficial Android App Store APKPure Infected With Malware
Dark Reading Staff, Quick Hits
The APKPure app store was infected with malware that can download Trojans to other Android devices, researchers report.
By Dark Reading Staff , 4/9/2021
Comment0 comments  |  Read  |  Post a Comment
8 Security & Privacy Apps to Share With Family and Friends
Kelly Sheridan, Staff Editor, Dark Reading
Mobile apps to recommend to the people in your life who want to improve their online security and privacy.
By Kelly Sheridan Staff Editor, Dark Reading, 4/9/2021
Comment0 comments  |  Read  |  Post a Comment
Cartoon Caption Winner: Something Seems Afoul
John Klossner, CartoonistCommentary
And the winner of Dark Readings's March cartoon caption contest is ...
By John Klossner Cartoonist, 4/7/2021
Comment0 comments  |  Read  |  Post a Comment
7 Security Strategies as Employees Return to the Office
Steve Zurier, Contributing Writer
More sooner than later, employees will be making their way back to the office. Here's how security pros can plan for the next new normal.
By Steve Zurier Contributing Writer, 4/1/2021
Comment0 comments  |  Read  |  Post a Comment
Apple Patches iOS Zero-Day
Dark Reading Staff, Quick Hits
Apple today released iOS 14.4.2 to address a security vulnerability that may have been actively exploited.
By Dark Reading Staff , 3/26/2021
Comment0 comments  |  Read  |  Post a Comment
Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov't Customers
Dark Reading Staff, Quick Hits
A decision on the order, which contains several recommendations, is still forthcoming.
By Dark Reading Staff , 3/25/2021
Comment0 comments  |  Read  |  Post a Comment
Nearly Half of Popular Android Apps Built With High-Risk Components
Robert Lemos, Contributing WriterNews
Information leakage and applications asking for too many permissions were also major issues, according to a survey of more than 3,300 popular mobile applications.
By Robert Lemos Contributing Writer, 3/25/2021
Comment0 comments  |  Read  |  Post a Comment
Disgruntled IT Contractor Sentenced in Retaliatory Office 365 Attack
Dark Reading Staff, Quick Hits
Former contractor deleted 1,200 user accounts in revenge.
By Dark Reading Staff , 3/23/2021
Comment0 comments  |  Read  |  Post a Comment
Facebook Expands Security Key Support to iOS & Android
Kelly Sheridan, Staff Editor, Dark ReadingNews
Facebook's announcement arrives the same week Twitter enabled support for multiple security keys on user accounts.
By Kelly Sheridan Staff Editor, Dark Reading, 3/18/2021
Comment0 comments  |  Read  |  Post a Comment
New CopperStealer Malware Hijacks Social Media Accounts
Dark Reading Staff, Quick Hits
Proofpoint researchers say it steals logins and spreads more malware.
By Dark Reading Staff , 3/18/2021
Comment0 comments  |  Read  |  Post a Comment
Lookout Acquires SASE Cloud Provider CipherCloud
Dark Reading Staff, Quick Hits
Deal signals a focus on the cloud for mobile security firm.
By Dark Reading Staff , 3/15/2021
Comment0 comments  |  Read  |  Post a Comment
Malware Operator Employs New Trick to Upload Its Dropper into Google Play
Jai Vijayan, Contributing WriterNews
Check Point researchers recently discovered the Clast82 dropper hidden in nine legitimate Android utility apps.
By Jai Vijayan Contributing Writer, 3/10/2021
Comment0 comments  |  Read  |  Post a Comment
Call Recorder iPhone App Flaw Uncovered
Dark Reading Staff, Quick Hits
Researcher finds thousands of recorded calls easily accessible to others.
By Dark Reading Staff , 3/10/2021
Comment0 comments  |  Read  |  Post a Comment
COVID-19 Contact-Tracing Apps Signal Broader Mobile App Security Concerns
Grant Goodes, Chief Scientist, GuardsquareCommentary
The rapid launch of contract-tracing apps to control COVID-19's spread opened the door to multiple security and privacy vulnerabilities.
By Grant Goodes Chief Scientist, Guardsquare, 3/9/2021
Comment1 Comment  |  Read  |  Post a Comment
Secure Laptops & the Enterprise of the Future
Arun Subbarao, Vice President of Engineering, Lynx Software TechnologiesCommentary
The enterprise of the future will depend upon organizations' ability to extend the company firewall to everywhere people are working.
By Arun Subbarao Vice President of Engineering, Lynx Software Technologies, 3/4/2021
Comment0 comments  |  Read  |  Post a Comment
New Jailbreak Tool Works on Most iPhones
Dark Reading Staff, Quick Hits
The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.
By Dark Reading Staff , 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
Malware Exploits Security Teams' Greatest Weakness: Poor Relationships With Employees
Jason Meller, CEO & Founder, KolideCommentary
Users' distrust of corporate security teams is exposing businesses to unnecessary vulnerabilities.
By Jason Meller CEO & Founder, Kolide, 2/15/2021
Comment0 comments  |  Read  |  Post a Comment
How to Submit a Column to Dark Reading
Dark Reading Staff, Commentary
Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.
By Dark Reading Staff , 2/15/2021
Comment0 comments  |  Read  |  Post a Comment
Android App Infects Millions of Devices With a Single Update
Dark Reading Staff, Quick Hits
The popular Barcode Scanner app, which as been available on Google Play for years, turned malicious with one software update.
By Dark Reading Staff , 2/8/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3035
PUBLISHED: 2021-04-20
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted.
CVE-2021-3036
PUBLISHED: 2021-04-20
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to us...
CVE-2021-3037
PUBLISHED: 2021-04-20
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS conf...
CVE-2021-3038
PUBLISHED: 2021-04-20
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions...
CVE-2021-3506
PUBLISHED: 2021-04-19
An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The hi...