Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Mobile
Page 1 / 2   >   >>
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Commentary  |  7/10/2020  | 
We're continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.
'Joker' Android Malware Pulls Another Trick to Land on Google's Play Store
News  |  7/9/2020  | 
Authors of the malware, which signs up mobile users for premium services, are repeatedly finding ways to bypass app review checks.
More Malware Found Preinstalled on Government Smartphones
Quick Hits  |  7/8/2020  | 
Researchers report the American Network Solutions UL40 smartphone comes with compromised apps.
A Most Personal Threat: Implantable Devices in Secure Spaces
News  |  7/8/2020  | 
Do implantable medical devices pose a threat to secure communication facilities? A Virginia Tech researcher says they do, and the problem is growing.
Drone Path Often Reveals Operator's Location
News  |  7/7/2020  | 
The threat posed by drones to critical infrastructure and other operational technology is made more serious by the inability of law enforcement to locate operators, researchers say.
Android Adware Tied to Undeletable Malware
Quick Hits  |  7/6/2020  | 
Adware on inexpensive Android smartphone can carry additional malware and be undeletable.
Building Security Strategies in Sub-Saharan Africa: Trends and Concerns
News  |  7/2/2020  | 
Security experts discuss the rise in cybercrime affecting sub-Saharan Africa and the necessary changes to improve security.
7 IoT Tips for Home Users
Slideshows  |  7/2/2020  | 
Whether for business or pleasure, you're on your own once you walk into the house with a new Internet of Things device. Here's how to keep everyone secure.
FCC Designates Huawei & ZTE as National Security Threats
News  |  6/30/2020  | 
Backdoors in 5G network equipment from these vendors could enable espionage and malicious activity, agency says.
Apple Buys Fleetsmith
Quick Hits  |  6/24/2020  | 
The fleet management company becomes part of Apple in a deal announced today.
No Internet Access? Amid Protests, Here's How to Tell Whether the Government Is Behind it
News  |  6/24/2020  | 
Government-mandated Internet shutdowns occur far more regularly than you might expect.
Microsoft Previews Windows Defender ATP for Android
Quick Hits  |  6/23/2020  | 
In addition, the first release of Defender ATP for Linux is now generally available.
Twitter Says Business Users Were Vulnerable to Data Breach
Quick Hits  |  6/23/2020  | 
The now-patched vulnerability left business users' personal information in web browser caches for anyone to find.
Pandemic Accelerates Priceline's 'Coffee Shop' Remote-Access Strategy
News  |  6/22/2020  | 
The travel-booking giant had been slowly starting to transition away from VPN dependence. Then COVID-19 happened, and suddenly 700 third-party call-center workers were working from home.
Employees Say They're Working From Home Without Security Guidance
Quick Hits  |  6/22/2020  | 
Working from home is new for many enterprise employees, yet many say they've received little in the way of new training or technology to keep them safe.
FBI Says Sudden Increase in Mobile Banking Is Heightening Risks For Users
News  |  6/11/2020  | 
Mobile malware and fake apps purporting to be legitimate banking software are big risks, law enforcement agency says.
Protocol Vulnerability Threatens Mobile Networks
Quick Hits  |  6/11/2020  | 
A vuln in the GTP protocol could allow DoS, fraud, and data theft attacks against cellular networks from virtually anywhere.
Fake COVID-19 Contact-Tracing Apps Infect Android Phones
Quick Hits  |  6/10/2020  | 
Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.
Asset Management Mess? How to Get Organized
News  |  6/10/2020  | 
Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it.
Mobile Phishing Attacks Increase Sharply
News  |  6/2/2020  | 
Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.
Apple Pays Researcher $100,000 for Critical Vulnerability
News  |  6/1/2020  | 
Apple has fixed a flaw in the "Sign in with Apple" feature that could have enabled attackers to break into user accounts for third-party services.
Abandoned Apps May Pose Security Risk to Mobile Devices
News  |  5/29/2020  | 
Mobile providers don't often update users when applications are not supported by developers, security firm says.
StrandHogg 2.0 Emerges as 'Evil Twin' to Android Threat
News  |  5/26/2020  | 
The vulnerability, which exists in almost every version of Android, is both more dangerous and harder to detect than its predecessor.
10 iOS Security Tips to Lock Down Your iPhone
Slideshows  |  5/22/2020  | 
Mobile security experts share their go-to advice for protecting iPhones from hackers, thieves, and fraudsters.
Centralized Contact Tracing Raises Concerns Among Privacy-Conscious Citizens
News  |  5/21/2020  | 
The long debate over whether encryption and anonymity shield too much criminal behavior also has staged a resurgence.
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Commentary  |  5/20/2020  | 
Enterprises need to recognize that remote access and other pandemic-related security challenges cannot be fixed with buzzwords or silver-bullet security tools.
4 Challenges with Existing VPNs
Commentary  |  5/15/2020  | 
A VPN is a step in the right direction, but it's not the be-all and end-all when it comes to security and falls short in many ways.
More Tips for Staying Safe While Working from Home
Commentary  |  5/13/2020  | 
While some users are up to speed with the WFH protocol, it's worth adding a few more items to your security checklist.
Secure Contact Tracing Needs More Transparent Development
News  |  5/12/2020  | 
Experts worry that without proper planning, today's decisions about developing contact-tracing apps could have unforeseen consequences in the years to come.
6 Free Cybersecurity Training and Awareness Courses
Slideshows  |  5/12/2020  | 
Most are designed to help organizations address teleworking risks related to COVID-19 scams.
Best Practices for Managing a Remote SOC
News  |  5/1/2020  | 
Experts share what it takes to get your security analysts effectively countering threats from their home offices.
Apple Makes It Easier to Unlock iPhone While Wearing a Mask
Quick Hits  |  5/1/2020  | 
The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code.
Researchers Find Baby Banking Trojan, Watch It Grow
News  |  4/30/2020  | 
EventBot is an Android information stealer on its way to becoming a very capable piece of malware.
7 Fraud Predictions in the Wake of the Coronavirus
Commentary  |  4/29/2020  | 
It's theme and variations in the fraud world, and fraudsters love -- and thrive -- during chaos and confusion
5-Year-Long Cyber Espionage Campaign Hid in Google Play
News  |  4/28/2020  | 
OceanLotus targeted Android devices in the so-called PhantomLance campaign.
Security Pros Reassigned to IT Tasks in Coronavirus Pandemic
Quick Hits  |  4/28/2020  | 
Most security practitioners surveyed say their job functions have changed during the pandemic, and 90% are now working remotely full time.
Health Prognosis on the Security of IoMT Devices? Not Good
News  |  4/25/2020  | 
As more so-called Internet of Medical Things devices go online, hospitals and medical facilities face significant challenges in securing them from attacks that could endanger patients' lives.
Apple Downplays Threat Posed by Newly Disclosed Zero-Days in iOS
News  |  4/24/2020  | 
Bugs don't pose an immediate threat, and there is no evidence they were exploited, as ZecOps claimed earlier this week, Apple says.
Why Consumers, SMBs Are Likely to Fall for Coronavirus Scams
News  |  4/23/2020  | 
Data reveals both a lack of skepticism and a willingness to engage with emails crafted to seem like government communications.
The Evolving Threat of Credential Stuffing
Commentary  |  4/23/2020  | 
Bots' swerve to focus on APIs means businesses must take the threat seriously and take effective action.
Apple iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks
News  |  4/22/2020  | 
One of the flaws is remotely exploitable with no user interaction needed, ZecOps says.
Viral WhatsApp Scam Promises Free Streaming Services
Quick Hits  |  4/21/2020  | 
Cybercriminals capitalize on the popularity of media and entertainment to target consumers looking for at-home activities.
Microsoft Proposes Privacy Controls for COVID-19 Contact Tracking, Tracing
News  |  4/21/2020  | 
As governments broaden use of digital technologies to stem pandemic, sensitive health and location data need to be protected, company says.
Neglected Infrastructure, Invasive Tech to Plague Infosec in 2022
News  |  4/16/2020  | 
Researchers outline cybersecurity threats they predict businesses will face in two years as technology evolves.
Post Pandemic, Technologists Pose Secure Certification for Immunity
News  |  4/16/2020  | 
Going digital with immunity passports could speed rollout and allow for better warnings of potential hot spots. But security and privacy issues remain.
Man-in-the-Middle Attacks: A Growing but Preventable Mobile Threat
Commentary  |  4/15/2020  | 
Hackers are upping their game, especially as they target mobile devices.
TikTok Vulnerability Leaves Users Open to Fake News
Quick Hits  |  4/14/2020  | 
A vulnerability in the way TikTok requests and receives video content could leave users streaming video from bogus servers.
Apple Is Top Pick for Brand Phishing Attempts
Quick Hits  |  4/14/2020  | 
Ten percent of all brand phishing attempts in the first quarter of 2020 tried to deceive victims by imitating the Apple brand.
7 Ways COVID-19 Has Changed Our Online Lives
Slideshows  |  4/14/2020  | 
The pandemic has driven more of our personal and work lives online and for the bad guys, business is booming. Here's how you can protect yourself.
Researchers Fool Biometric Scanners with 3D-Printed Fingerprints
News  |  4/8/2020  | 
Tests on the fingerprint scanners of Apple, Microsoft, and Samsung devices reveal it's possible to bypass authentication with a cheap 3D printer.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, Gigamon,  7/10/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...