For all of their bells and whistles, smartphones present real privacy concerns -- some of which users aren't aware.
Rapid7, a Boston-based vulnerability management and penetration testing company, has acquired Seattle start-up Mobilisafe, which makes cloud-based mobile risk management technology.
The apps used on mobile devices connected to its network contained sensitive data, so a medical device manufacturer needed to ensure that access control and authorization policies were enforced.
This featured article is a sample of our "Mobile Spotlight" issue and discusses mobile apps in the enterprise and how employees downloading them is cause for concern for IT departments.
Bring-your-own-device is a hot topic and a growing trend that security professionals are going to have to face - like it or not.
Before flocking to a mobile policy in which employees are permitted to connect their smartphones and tablets to the corporate network, consider that the return on investment may not be all it is cracked up to be -- security being a big reason why.
Users of HTC-made Android devices are receiving software security updates to correct a vulnerability that could be exploited by a third-party to steal personal information.
A new mobile phone bug stems from an insecure program, called HTCLoggers.apk, which was recently added to some HTC Android devices.
Mobile botnets are nowhere near as big as PC zombie networks, but the threat is growing, according to a new report from Damballa.
Researchers have discovered a new variant of the insidious Zeus trojan designed to run on Google Android smartphones, but the threat is minimal in the United States.
Apple's iOS and Google's Android mobile platforms are more secure than traditional desktop operating systems though both are still vulnerable to many types of attacks, according to a new report.
Federal lawmakers last week proposed two separate bills that would regulate the collection and use of location data from smartphones and other mobile devices. The Location Privacy Protection Act of 2011, introduced Friday by Sens. Al Franken, D-Minn. and Richard Blumenthal, D-Conn., would require companies to obtain permission before collecting mobile users' location data and sharing it with third parties. The bill is similar to the Geolocation Privacy and Surveillance Act, introduced Wednesday to create guidelines for when and how geolocation information can be accessed and used by government agencies, commercial entities and private citizens. The bills were born out of controversial revelations in April that Apple was storing user's location data.
A survey of more than 1,500 individuals from 14 countries found that half of device users keep passwords, PIN codes or credit card details on their mobile devices.
Google on Wednesday began distributing a patch to address a security flaw in all but the latest versions of its Android mobile operating system.
Apple this week issued an update to address rampant concerns that its iPhone and iPad devices are collecting and storing information about users' locations.
Google and Apple are facing heat from U.S. and foreign lawmakers over the discovery that their smartphone and tablet devices are collecting and storing information about users' locations.
Google has released a new version of its Google Apps Device Policy mobile application to allow for increased security management of Android devices, versions 2.2 and later, according to a Thursday blog post. The updated app enables administrators to locate lost or stolen devices on a map, ring the phones and wipe the PIN and password. In addition, the app permits remote encryption of data on the device. The app, only available for Google Apps for Business or Google Apps for Education customers, is part of a move by Google to increase Android adoption within businesses.
Internet radio service Pandora has been served a federal grand jury subpoena related to an investigation into the security of its mobile applications, the company revealed this week in a filing with the U.S. Securities and Exchange Commission related to its planned initial public offering. Pandora said it was not the only target of the investigation and believed similar subpoenas were issued to many other smartphone app publishers. In addition to the subpoena, Pandora was recently named as a defendant in several class-action lawsuits alleging violations of computer fraud and privacy laws.
Apple on Wednesday issued security updates for its Safari 5 web browser and iOS mobile operating system to address dozens of vulnerabilities.
Google is now using a remote security tool to remove malicious applications from affected Android devices after a malware outbreak hit its official app store.
Until mobile malware becomes more pervasive, the current lot of smartphone security offerings can help users with other concerns.
In a sign of the times, the Federal Trade Commission has filed a complaint against an alleged text message spammer.
Most users are not aware of the risks in smartphones and the security industry is struggling to develop tools to defend these devices, a panel of experts said on Wednesday at RSA Conference in San Francisco.
#OpEgypt and #Jan25 lead in this cyberwarfare analysis on psychological operations using social media. The old-school mobile phone is now the instrument of real-time sitreps. Will cellular network technology be the next risk for state-sanctioned cyberwarfare? Part three of a series.
A Q&A with Privacy Commissioner Jennifer Stoddart covering social media, smartphones, educating the public and much more.
2011 promises to deliver a major influx of mobile application attacks, plus other sophisticated digital assaults, said Dave DeWalt, CEO of McAfee, during a keynote address Wednesday at SC Congress Canada in Toronto.
As Apple devices gain more traction in the office, IT administrators must follow best practices to ensure these endpoints can be trusted.
The insidious Zeus trojan is now being leveraged in mobile device attacks, particularly in Europe, to steal codes used to authenticate banking transactions.
Nonprofit financial service industry consortium BITS and the Financial Services Technology Consortium have scheduled a forum to address business, security and fraud risks facing the mobile financial services market. The forum, to take Oct. 14 and 15 in Arlington, Va., will provide a look at the threats, risks and mitigations of the mobile financial services environment. Senior level financial institution executives, information security, privacy protection and fraud prevention specialists are encouraged to attend. — AM
McAfee announced Tuesday that it has acquired Trust Digital, maker of enterprise mobility management and security software for large enterprises. The deal, terms of which were not disclosed, will allow McAfee to expand its endpoint portfolio to offer solutions to deploy, manage and secure smartphones running on platforms such as the iPhone, Android, Windows Mobile, Palm webOS and Symbian operating systems. In addition, Trust Digital's offerings will be integrated with the McAfee ePolicy Orchestrator console to offer centralized management and reporting of mobile devices. — DK
SC Magazine Articles
- Was Spotify breached? Account info shows up on Pastebin
- Report: Ransomware feeds off poor endpoint security
- Researcher finds backdoor that accessed Facebook employee passwords
- Over 7M Minecraft mobile credentials exposed after Lifeboat data breach
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- Federal court bucks trend, rules general liability insurance covers data breach
- The anatomy of a spearphishing scam, or how to steal $100M with a fake email
- FBI investigating attack against computer networks at U.S. law firms
- Pros examine Mossack Fonseca breach: WordPress plugin, Drupal likely suspects
- First Choice Credit Union files class-action suit against Wendy's over breach
- Top NFL prospect Tunsil free falls in draft after apparent hacker posts damaging video, texts
- Researchers spot Android Infostealer disguised as Chrome update
- Researchers spot mobile malware competition on the black market
- Judge ruled go ahead for claims of phone hacking against UK tabloid