Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

News & Commentary
Name That Toon: Sight Unseen
John Klossner, CartoonistCommentary
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 6/14/2021
Comment10 comments  |  Read  |  Post a Comment
Many Mobile Apps Intentionally Using Insecure Connections for Sending Data
Jai Vijayan, Contributing WriterNews
A new analysis of iOS and Android apps released to Apple's and Google's app stores over the past five years found many to be deliberately breaking HTTPS protections.
By Jai Vijayan Contributing Writer, 6/11/2021
Comment0 comments  |  Read  |  Post a Comment
Healthcare Device Security Firm COO Charged With Hacking Medical Center
Dark Reading Staff, Quick Hits
Vikas Singla, chief operating officer of security firm that provides products and services to the healthcare industry, faces charges surrounding a cyberattack he allegedly conducted against Duluth, Ga.-based Gwinnett Medical Center.
By Dark Reading Staff , 6/10/2021
Comment0 comments  |  Read  |  Post a Comment
New Security Event @Hack to Take Place in Saudi Arabia
Dark Reading Staff, Quick Hits
The Saudi Federation of Cybersecurity, Programming, and Drones (SAFCSP) and Informa Tech will launch a multi-day event in Riyadh this November.
By Dark Reading Staff , 6/9/2021
Comment0 comments  |  Read  |  Post a Comment
FBI Issued Encrypted Devices to Capture Criminals
Dark Reading Staff, Quick Hits
A sting operation delivered devices into the hands of global criminals and used the intelligence gathered to stop drug crimes.
By Dark Reading Staff , 6/8/2021
Comment0 comments  |  Read  |  Post a Comment
Cartoon Caption Winner: Road Trip
John Klossner, CartoonistCommentary
And the winner of Dark Reading's cartoon caption contest is ...
By John Klossner Cartoonist, 6/7/2021
Comment0 comments  |  Read  |  Post a Comment
Most Mobile Apps Can Be Compromised in 15 Minutes or Less
Alan Bavosa, VP, Security Products, at AppdomeCommentary
In the name of releasing apps quickly and delivering a smooth user experience, mobile app security is often given short shrift.
By Alan Bavosa VP, Security Products, at Appdome, 5/28/2021
Comment0 comments  |  Read  |  Post a Comment
How Menlo Uses Isolation to Secure Mobile Devices in the Cloud
Terry Sweeney, Contributing EditorCommentary
SPONSORED: WATCH NOW -- Mobile devices like smartphones and tablets have emerged as popular targets for bad actors looking to break into to cloud-based networks, according to Poornima DeBolle, chief product officer for Menlo Security.
By Terry Sweeney Contributing Editor, 5/27/2021
Comment0 comments  |  Read  |  Post a Comment
Orange: Your Leaky Security is Coming from Inside the House!
Terry Sweeney, Contributing EditorCommentary
SPONSORED: Your home WiFi router may be screaming fast, but it's also a major point of vulnerability in this work-from-home era, says Charl van der Walt, head of security research at Orange Cyberdefense. And while Zero Trust offers some relief, he offers up some how-to advice to ensure it's properly deployed.
By Terry Sweeney Contributing Editor, 5/26/2021
Comment0 comments  |  Read  |  Post a Comment
Security Providers Describe New Solutions (& Growing Threats) at RSAC
Terry Sweeney, Contributing EditorCommentary
SPONSORED CONTENT: Watch now -- Leading security companies meet Dark Reading in the RSA Conference Broadcast Alley to talk about tackling insider threat, SOC complexity, cyber resilience, mobile security, attacker evasion, supply chain threats, ransomware, and more.
By Terry Sweeney Contributing Editor, 5/20/2021
Comment1 Comment  |  Read  |  Post a Comment
Google Chrome Makes It Easier to Update Compromised Passwords
Dark Reading Staff, Quick Hits
A new capability will use Google's Duplex technology to alert people when their passwords are compromised and help change them.
By Dark Reading Staff , 5/19/2021
Comment0 comments  |  Read  |  Post a Comment
Name That Toon: Road Trip
John Klossner, CartoonistCommentary
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 5/17/2021
Comment4 comments  |  Read  |  Post a Comment
Wi-Fi Design, Implementation Flaws Allow a Range of Frag Attacks
Robert Lemos, Contributing WriterNews
Every Wi-Fi product is affected by at least one fragmentation and aggregation vulnerability, which could lead to a machine-in-the-middle attack, researcher says.
By Robert Lemos Contributing Writer, 5/14/2021
Comment0 comments  |  Read  |  Post a Comment
Researchers Unearth 167 Fake iOS & Android Trading Apps
Dark Reading Staff, Quick Hits
The apps are disguised as financial trading, banking, and cryptocurrency apps from well-known and trusted organizations.
By Dark Reading Staff , 5/12/2021
Comment0 comments  |  Read  |  Post a Comment
Cartoon Caption Winner: Greetings, Earthlings
John Klossner, CartoonistCommentary
And the winner of Dark Reading's April cartoon caption contest is ...
By John Klossner Cartoonist, 5/11/2021
Comment0 comments  |  Read  |  Post a Comment
Most Organizations Feel More Vulnerable to Breaches Amid Pandemic
Dark Reading Staff, Quick Hits
More than half of business see the need for significant long-term changes to IT due to COVID-19, research finds.
By Dark Reading Staff , 5/7/2021
Comment0 comments  |  Read  |  Post a Comment
Black Hat Asia Speakers Share Secrets About Sandboxes, Smart Doors, and Security
Dark Reading Staff,
Find video interviews with some of the coolest Black Hat Asia experts right here, as part of the Dark Reading News Desk this week.
By Dark Reading Staff , 5/7/2021
Comment0 comments  |  Read  |  Post a Comment
Google Plans to Automatically Enable Two-Factor Authentication
Dark Reading Staff, Quick Hits
The company plans to automatically enroll users in two-step verification if their accounts are properly configured.
By Dark Reading Staff , 5/6/2021
Comment0 comments  |  Read  |  Post a Comment
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer
Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe.
By Steve Zurier Contributing Writer, 4/30/2021
Comment3 comments  |  Read  |  Post a Comment
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark ReadingNews
The FluBot Android malware has spread throughout several European countries through an SMS package delivery scam.
By Kelly Sheridan Staff Editor, Dark Reading, 4/28/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34390
PUBLISHED: 2021-06-22
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tz_map_shared_mem function.
CVE-2021-34391
PUBLISHED: 2021-06-22
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel�s tz_handle_trusted_app_smc function where a lack of integer overflow checks on the req_off and param_ofs variables leads to memory corruption of critical kernel structures.
CVE-2021-34392
PUBLISHED: 2021-06-22
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service.
CVE-2021-34393
PUBLISHED: 2021-06-22
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.
CVE-2021-34394
PUBLISHED: 2021-06-22
Trusty contains a vulnerability in all TAs whose deserializer does not reject messages with multiple occurrences of the same parameter. The deserialization of untrusted data might allow an attacker to exploit the deserializer to impact code execution.