var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?d387e539c1f2d34f09a9afbac8032280"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })();

Dark Reading is part of the Informa Tech Division of Informa PLC

7x彩票网appThis site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

News & Commentary
Israel's Entire Voter Registry Exposed in Massive Incident
Dark Reading Staff, Quick Hits
Personal details of nearly 6.5 million Israelis were out in the open after the entire registry was uploaded to an notably insecure app.
By Dark Reading Staff , 2/10/2020
Comment0 comments  |  Read  |  Post a Comment
From 1s & 0s to Wobbly Lines: The Radio Frequency (RF) Security Starter Guide
Curtis Franklin Jr., Senior Editor at Dark Reading
Although radio frequency energy (RF) communications are increasingly essential to modern wireless networking and IoT, the security of RF is notoriously lax.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/7/2020
Comment0 comments  |  Read  |  Post a Comment
7x彩票网app Tops Imitated Brands as Attackers Target Tech
Dark Reading Staff, Quick Hits
Brand impersonators favor 7x彩票网app, Yahoo, Network, and PayPal in phishing attempts to steal credentials from victims.
By Dark Reading Staff , 2/6/2020
Comment0 comments  |  Read  |  Post a Comment
7x彩票网app Suspends Fake Accounts Abusing Feature that Matches Phone Numbers and Users
Dark Reading Staff, Quick Hits
The company believes state-sponsored actors may also be involved.
By Dark Reading Staff , 2/4/2020
Comment0 comments  |  Read  |  Post a Comment
Researchers Find 24 'Dangerous' Android Apps with 382M Installs
Kelly Sheridan, Staff Editor, Dark ReadingNews
Shenzhen Hawk Internet Co. is identified as the parent company behind five app developers seeking excessive permissions in Android apps.
By Kelly Sheridan Staff Editor, Dark Reading, 2/3/2020
Comment1 Comment  |  Read  |  Post a Comment
Android Malware for Mobile Ad Fraud Spiked Sharply in 2019
Jai Vijayan, Contributing WriterNews
Some 93% of all mobile transactions across 20 countries were blocked as fraudulent, Upstream says.
By Jai Vijayan Contributing Writer, 1/30/2020
Comment1 Comment  |  Read  |  Post a Comment
How to Secure Your IoT Ecosystem in the Age of 5G
Theresa Lanowitz, Head of Evangelism, AT&T CybersecurityCommentary
For businesses planning to adopt 5G, the sheer number of IoT devices creates a much larger attack surface.
By Theresa Lanowitz Head of Evangelism, AT&T Cybersecurity, 1/30/2020
Comment0 comments  |  Read  |  Post a Comment
Inside the Check Point Research Team's Investigation Process
Kelly Sheridan, Staff Editor, Dark ReadingNews
The team sheds light on how their organization works and what they're watching in the threat landscape.
By Kelly Sheridan Staff Editor, Dark Reading, 1/29/2020
Comment0 comments  |  Read  |  Post a Comment
Startup Privafy Raises $22M with New Approach to Network Security
Dark Reading Staff, Quick Hits
The company today disclosed an approach to data security designed to protect against modern threats at a lower cost than complex network tools.
By Dark Reading Staff , 1/22/2020
Comment0 comments  |  Read  |  Post a Comment
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report from Check Point recaps the cybercrime trends, statistics, and vulnerabilities that defined the security landscape in 2019.
By Kelly Sheridan Staff Editor, Dark Reading, 1/17/2020
Comment3 comments  |  Read  |  Post a Comment
Active Directory Needs an Update: Here's Why
Raz Rafaeli, CEO and Co-Founder at Secret Double OctopusCommentary
AD is still the single point of authentication for most companies that use Windows. But it has some shortcomings that should be addressed.
By Raz Rafaeli CEO and Co-Founder at Secret Double Octopus, 1/16/2020
Comment3 comments  |  Read  |  Post a Comment
Google Lets iPhone Users Turn Device into Security Key
Kelly Sheridan, Staff Editor, Dark ReadingNews
The iPhone can now be used in lieu of a physical security key as a means of protecting Google accounts.
By Kelly Sheridan Staff Editor, Dark Reading, 1/15/2020
Comment1 Comment  |  Read  |  Post a Comment
Chinese Malware Found Preinstalled on US Government-Funded Phones
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers found unremovable malware preinstalled in the Unimax U686CL, a budget Android device sold by Assurance Wireless.
By Kelly Sheridan Staff Editor, Dark Reading, 1/9/2020
Comment0 comments  |  Read  |  Post a Comment
TikTok Bugs Put Users' Videos, Personal Data At Risk
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers found it was possible to spoof SMS messages from TikTok and exploit an API flaw that could grant access to users' personal data.
By Kelly Sheridan Staff Editor, Dark Reading, 1/8/2020
Comment1 Comment  |  Read  |  Post a Comment
As Hackers Target Mobile Payment Apps, Here's How to Keep Them at Bay
Carlos Asuncion, Solutions Engineer Manager at Shape SecurityCommentary
A little vigilance helps retailers reduce and prevent three of the most common kinds of mobile app fraud
By Carlos Asuncion Solutions Engineer Manager at Shape Security, 12/27/2019
Comment1 Comment  |  Read  |  Post a Comment
IoT Security: How Far We've Come, How Far We Have to Go
Kelly Sheridan, Staff Editor, Dark ReadingNews
As organizations fear the proliferations of connected devices on enterprise networks, the private and public sector come together to address IoT vulnerabilities.
By Kelly Sheridan Staff Editor, Dark Reading, 12/24/2019
Comment11 comments  |  Read  |  Post a Comment
Android App Analysis Uncovers Seasonal 7x彩票网appping Risk
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers scanned 4,200 Android apps and found many exhibit malicious behavior or have a dangerous level of permissions.
By Kelly Sheridan Staff Editor, Dark Reading, 12/12/2019
Comment0 comments  |  Read  |  Post a Comment
Younger Generations Drive Bulk of 2FA Adoption
Kelly Sheridan, Staff Editor, Dark ReadingNews
Use of two-factor authentication has nearly doubled in the past two years , pointing to a new wave of acceptance.
By Kelly Sheridan Staff Editor, Dark Reading, 12/11/2019
Comment0 comments  |  Read  |  Post a Comment
What's in a Botnet? Researchers Spy on Geost Operators
Kelly Sheridan, Staff Editor, Dark ReadingNews
The investigation of a major Android banking botnet yields insights about how cybercriminals structure and run an illicit business.
By Kelly Sheridan Staff Editor, Dark Reading, 12/4/2019
Comment1 Comment  |  Read  |  Post a Comment
StrandHogg Vulnerability Affects All Versions of Android
Kelly Sheridan, Staff Editor, Dark ReadingNews
The bug enables malware to pose as any legitimate Android app, letting attackers track messages, photos, credentials, and phone conversations.
By Kelly Sheridan Staff Editor, Dark Reading, 12/2/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
5 Measures to Harden Election Technology
Ari Singer, CTO at TrustPhi,  2/7/2020
Researchers Reveal How Smart Lightbulbs Can Be Hacked to Attack
Jai Vijayan, Contributing Writer,  2/6/2020
Keeping a Strong Security Metrics Framework Strong
Joshua 7x彩票网appfarb, Independent Consultant,  2/11/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: The secure cloud access project budget got cut.
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Flash Poll
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
7x彩票网app Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

PUBLISHED: 2020-02-13
explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explorer) v2 alpha before 2019-08-02 allows XSS in certain circumstances.

PUBLISHED: 2020-02-13
A stack-based buffer overflow was found on the D-Link DIR-842 REVC with firmware v3.13B09 HOTFIX due to the use of strcpy for 7x彩票网appPASSWORD when handling a POST request to the /MTFWU endpoint.

PUBLISHED: 2020-02-13
OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication).

PUBLISHED: 2020-02-13
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the t3.cgi srmodel or srtime parameter.

PUBLISHED: 2020-02-13
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to bypass authentication by placing t3axs=TiMEtOOlsj7G3xMm52wB in a t3.cgi request, aka a "hardco...
66?????? 7072???? 7073???? 689????? 963???? 66????? 7073???? 7073???? 66???app 8????app