Mobile

News & Commentary
App Exposes Wi-Fi Credentials for Thousands of Private Networks
Dark Reading Staff, Quick Hits
A database used by WiFi Finder was left open and unprotected on the Internet.
By Dark Reading Staff , 4/23/2019
Comment1 Comment  |  Read  |  Post a Comment
7 Tips for an Effective Employee Security Awareness Program
Jai Vijayan, Freelance writer
Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say.
By Jai Vijayan Freelance writer, 4/17/2019
Comment1 Comment  |  Read  |  Post a Comment
Meet Scranos: New Rootkit-Based Malware Gains Confidence
Kelly Sheridan, Staff Editor, Dark ReadingNews
The cross-platform operation, first tested on victims in China, has begun to spread around the world.
By Kelly Sheridan Staff Editor, Dark Reading, 4/16/2019
Comment1 Comment  |  Read  |  Post a Comment
New Android Malware Adds Persistence, Targets Australian Banking Customers
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Malware campaign, which finds and exfiltrates a user's contact list and banking credentials, could potentially grow to global proportions.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/10/2019
Comment0 comments  |  Read  |  Post a Comment
Android Phones Now Double as Physical Security Keys
Kelly Sheridan, Staff Editor, Dark ReadingNews
Google debuted a series of security updates at Next 2019, giving users the option to use their phone as a second authentication factor.
By Kelly Sheridan Staff Editor, Dark Reading, 4/10/2019
Comment1 Comment  |  Read  |  Post a Comment
'MuddyWater' APT Spotted Attacking Android
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Cyber espionage attack group adds mobile malware to its toolset.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/10/2019
Comment1 Comment  |  Read  |  Post a Comment
Stop Mocking & Start Enabling Emerging Technologies
Rick Holland, Chief Information Security Officer and Vice President of  Strategy at Digital ShadowsCommentary
Mocking new technology isn't productive and can lead to career disadvantage.
By Rick Holland Chief Information Security Officer and Vice President of Strategy at Digital Shadows, 4/9/2019
Comment0 comments  |  Read  |  Post a Comment
8 Steps to More Effective Small Business Security
Curtis Franklin Jr., Senior Editor at Dark Reading
Small business face the same security challenges as large enterprises but with much smaller security teams. Here are 8 things to do to get the most from yours.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/8/2019
Comment1 Comment  |  Read  |  Post a Comment
Phishing Campaign Targeting Verizon Mobile Users
Steve Zurier, Freelance WriterNews
Lookout Phishing AI, which discovered the attack, says it has been going on since late November.
By Steve Zurier Freelance Writer, 4/5/2019
Comment1 Comment  |  Read  |  Post a Comment
How iOS App Permissions Open Holes for Hackers
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The permissions iOS apps request from users can turn the devices into spy tools and provide a toehold into the enterprise network, according to new research.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/4/2019
Comment0 comments  |  Read  |  Post a Comment
Major Mobile Financial Apps Harbor Built-in Vulnerabilities
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A wide variety of financial services companies' apps suffer from poor programing practices and unshielded data.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/2/2019
Comment1 Comment  |  Read  |  Post a Comment
Nuanced Approach Needed to Deal With Huawei 5G Security Concerns
Jai Vijayan, Freelance writerNews
Governments need to adopt strategic approach for dealing with concerns over telecom vendor's suspected ties to China's intelligence apparatus, NATO-affiliated body says.
By Jai Vijayan Freelance writer, 4/1/2019
Comment3 comments  |  Read  |  Post a Comment
In the Race Toward Mobile Banking, Don't Forget Risk Management
Sam Abadir, Vice President of Industry Solutions at LockpathCommentary
The rise of mobile banking and payment services has sparked widespread adoption, making a focus on risk essential.
By Sam Abadir Vice President of Industry Solutions at Lockpath, 4/1/2019
Comment2 comments  |  Read  |  Post a Comment
New Android Trojan Targets 100+ Banking Apps
Jai Vijayan, Freelance writerNews
'Gustuff' also designed to steal from cryptocurrency wallets, payment services, e-commerce apps.
By Jai Vijayan Freelance writer, 3/28/2019
Comment1 Comment  |  Read  |  Post a Comment
Stealing Corporate Funds Still Top Goal of Messaging Attacks
Robert Lemos, Technology Journalist/Data ResearcherNews
Cybercriminals focus on collecting credentials, blackmailing users with fake sextortion scams, and convincing privileged employees to transfer cash. The latter still causes the most damage, and some signs suggest it is moving to mobile.
By Robert Lemos , 3/19/2019
Comment0 comments  |  Read  |  Post a Comment
GPS Spoof Hits Geneva Motor Show
Dark Reading Staff, Quick Hits
Incident leaves GPS units showing a location in England and a date 17 years in the future.
By Dark Reading Staff , 3/13/2019
Comment1 Comment  |  Read  |  Post a Comment
'SimBad': Android Adware Hits 210 Apps with 150M Downloads
Dark Reading Staff, Quick Hits
Google has removed infected applications from the Google Play store after a form of adware potentially affected millions of users.
By Dark Reading Staff , 3/13/2019
Comment1 Comment  |  Read  |  Post a Comment
The Case for Transparency in End-User License Agreements
Lysa Myers, Security Researcher, ESETCommentary
Why it behooves technology companies to consider EULAs as an opportunity to accurately inform customers about privacy issues and other important information.
By Lysa Myers Security Researcher, ESET, 3/13/2019
Comment0 comments  |  Read  |  Post a Comment
5 Essentials for Securing and Managing Windows 10
Josh Mayfield, Director of Security Strategy at AbsoluteCommentary
It's possible to intelligently deploy and utilize Windows 10's many security enhancements while avoiding common and costly migration pitfalls.
By Josh Mayfield Director of Security Strategy at Absolute, 3/12/2019
Comment0 comments  |  Read  |  Post a Comment
Companies Having Trouble Translating Security to Mobile Devices
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
As more enterprise work takes place on mobile devices, more companies are feeling insecure about the security of their mobile fleet, according to a new Verizon report.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/7/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by lisarboutte
Current Conversations Wooow its greeaat)
In reply to: Great
Post Your Own Reply
More Conversations
PR Newswire
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11515
PUBLISHED: 2019-04-25
core/classes/db_backup.php in Gila CMS 1.10.1 allows admin/db_backup?download= absolute path traversal to read arbitrary files.
CVE-2019-11511
PUBLISHED: 2019-04-25
Zoho ManageEngine ADSelfService Plus before build 5708 has XSS via the mobile app API.
CVE-2019-11513
PUBLISHED: 2019-04-25
The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS via the "New name" field in a Rename action.
CVE-2019-11514
PUBLISHED: 2019-04-25
User/Command/ConfirmEmailHandler.php in Flarum before 0.1.0-beta.8 mishandles invalidation of user email tokens.
CVE-2019-11506
PUBLISHED: 2019-04-24
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to Expo...