Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

News & Commentary
What's in a Botnet? Researchers Spy on Geost Operators
Kelly Sheridan, Staff Editor, Dark ReadingNews
The investigation of a major Android banking botnet yields insights about how cybercriminals structure and run an illicit business.
By Kelly Sheridan Staff Editor, Dark Reading, 12/4/2019
Comment0 comments  |  Read  |  Post a Comment
StrandHogg Vulnerability Affects All Versions of Android
Kelly Sheridan, Staff Editor, Dark ReadingNews
The bug enables malware to pose as any legitimate Android app, letting attackers track messages, photos, credentials, and phone conversations.
By Kelly Sheridan Staff Editor, Dark Reading, 12/2/2019
Comment0 comments  |  Read  |  Post a Comment
New Free Emulator Challenges Apple's Control of iOS
Robert Lemos, Contributing WriterNews
An open-source tool gives researchers and jailbreakers a free option for researching vulnerabilities in the operating system and gives Apple a new headache.
By Robert Lemos Contributing Writer, 11/27/2019
Comment0 comments  |  Read  |  Post a Comment
7 Ways to Hang Up on Voice Fraud
Steve Zurier, Contributing Writer
Criminals are coming at us from all direction, including our phones. Don't answer that next call without reading this tips first.
By Steve Zurier Contributing Writer, 11/27/2019
Comment6 comments  |  Read  |  Post a Comment
Tushu, Take Twoshu: Malicious SDK Reappears in Google Play
Kelly Sheridan, Staff Editor, Dark ReadingNews
Months after the Tushu SDK was found infecting Android apps on Google Play, its operators are back with new evasive techniques.
By Kelly Sheridan Staff Editor, Dark Reading, 11/25/2019
Comment0 comments  |  Read  |  Post a Comment
They See You When You're Shopping: Holiday Cybercrime Starts Early
Dark Reading Staff, Quick Hits
Researchers notice year-end phishing attacks starting in July and ramping up in September.
By Dark Reading Staff , 11/25/2019
Comment0 comments  |  Read  |  Post a Comment
Google Increases Top Android Hacking Prize to $1M
Dark Reading Staff, Quick Hits
Google expands its Android Security Rewards program and multiplies its top cash prize from $200,000 to $1 million.
By Dark Reading Staff , 11/21/2019
Comment0 comments  |  Read  |  Post a Comment
Employee Privacy in a Mobile Workplace
Michael J. Covington, Vice President of Product Strategy at WanderaCommentary
Why businesses need guidelines for managing their employees' personal information -- without compromising on security.
By Michael J. Covington Vice President of Product Strategy at Wandera, 11/20/2019
Comment0 comments  |  Read  |  Post a Comment
Vulnerability Could Give Criminals Camera Control on Millions of Android Smartphones
Dark Reading Staff, Quick Hits
Unauthorized activities could be triggered even if a phone is locked, its screen is turned off, or a person is in the middle of a call.
By Dark Reading Staff , 11/20/2019
Comment0 comments  |  Read  |  Post a Comment
Facebook Discloses WhatsApp MP4 Video Vulnerability
Dark Reading Staff, Quick Hits
A stack-based buffer overflow bug can be exploited by sending a specially crafted video file to a WhatsApp user.
By Dark Reading Staff , 11/18/2019
Comment0 comments  |  Read  |  Post a Comment
Google Announces App Defense Alliance
Dark Reading Staff, Quick Hits
The industry partnership will scan apps for malware before they're published on the Google Play Store.
By Dark Reading Staff , 11/6/2019
Comment0 comments  |  Read  |  Post a Comment
Google Launches OpenTitan Project to Open Source Chip Security
Kelly Sheridan, Staff Editor, Dark ReadingNews
OpenTitan is an open source collaboration among Google and technology companies to strengthen root-of-trust chip design.
By Kelly Sheridan Staff Editor, Dark Reading, 11/5/2019
Comment0 comments  |  Read  |  Post a Comment
US Lawmakers Fear Chinese-Owned TikTok Poses Security Risk
Dark Reading Staff, Quick Hits
The popular video app has more than 110 million downloads in the United States and could give China access to users' personal data, they say.
By Dark Reading Staff , 10/28/2019
Comment0 comments  |  Read  |  Post a Comment
40% of Security Pros Job Hunting as Satisfaction Drops
Kelly Sheridan, Staff Editor, Dark ReadingNews
Symptoms of job dissatisfaction creep into an industry already plagued with gaps in diversity and work-life balance.
By Kelly Sheridan Staff Editor, Dark Reading, 10/24/2019
Comment8 comments  |  Read  |  Post a Comment
Apple Boots 17 Trojan-Laden Apps From Mobile Store
Jai Vijayan, Contributing WriterNews
Malware was designed to carry out click-fraud, Wandera says.
By Jai Vijayan Contributing Writer, 10/24/2019
Comment0 comments  |  Read  |  Post a Comment
Mobile Users Targeted With Malware, Tracked by Advertisers
Robert Lemos, Contributing WriterNews
Cybercriminals continue to seed app stores with malicious apps, advanced attackers successfully compromise mobile devices, and advertisers continue to track users, new reports show.
By Robert Lemos Contributing Writer, 10/24/2019
Comment0 comments  |  Read  |  Post a Comment
8 Tips for More Secure Mobile Computing
Curtis Franklin Jr., Senior Editor at Dark Reading
Mobile devices are a huge part of enterprise IT. Here's what to advise their users to do to keep their devices and critical business data best protected.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/23/2019
Comment0 comments  |  Read  |  Post a Comment
FIDO-Based Authentication Arrives for Smartwatches
Kelly Sheridan, Staff Editor, Dark ReadingNews
The Nok Nok App SDK for Smart Watch is designed to let businesses implement FIDO-based authentication on smartwatches.
By Kelly Sheridan Staff Editor, Dark Reading, 10/22/2019
Comment0 comments  |  Read  |  Post a Comment
Schadenfreude Is a Bad Look & Other Observations About Recent Disclosures
James Plouffe, Lead Architect at MobileIronCommentary
The debate about whether Android or iOS is the more inherently secure platform misses the larger issues that both platforms are valuable targets and security today is no guarantee of security tomorrow.
By James Plouffe Lead Architect at MobileIron, 10/16/2019
Comment0 comments  |  Read  |  Post a Comment
USB Drive Security Still Lags
Dark Reading Staff, Quick Hits
While USB drives are frequent pieces of business hardware, a new report says that one-third of US businesses have no policy governing their use.
By Dark Reading Staff , 10/9/2019
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by janettjworkman
Current Conversations Thank you somuch
In reply to: Thank you somuch
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19589
PUBLISHED: 2019-12-05
The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives.
CVE-2019-19597
PUBLISHED: 2019-12-05
D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header.
CVE-2019-19598
PUBLISHED: 2019-12-05
D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value. In HTTP requests, part of the HNAP_AUTH header is the timestamp used to determine the time when the user sent the request. If this value is equal to t...
CVE-2019-19596
PUBLISHED: 2019-12-05
GitBook through 2.6.9 allows XSS via a local .md file.
CVE-2019-19590
PUBLISHED: 2019-12-05
In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote at...