Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Samsung has fixed a vulnerability (SVE-2015-5068) that allows an attacker to bypass the factory reset protection of Galaxy devices. If exploited, an attacker would be able to take over a stolen or found device within minutes. [Read More]
Google has released the June 2016 set of security updates for the Android operating system, meant to patch a total of 40 vulnerabilities in the platform. [Read More]
An improved version of the Marcher Android banking malware has added 9 UK banks to its target list [Read More]
New Android spyware, apparently targeting government security job seekers, has been detected in Saudi Arabia. [Read More]
Researchers find two serious vulnerabilities in LG smartphones, including one that can be exploited remotely to delete and modify SMS messages [Read More]
The authors of Android Trojans have adapted their attack models to target the permission-granting model that Google has introduced in Android 6.0 Marshmallow, security firm Symantec has discovered. [Read More]
SandJacking attack allows hackers to install malicious iOS apps on non-jailbroken devices. Vulnerability yet to be patched by Apple [Read More]
Texas has entered into an Assurance of Voluntary Compliance agreement with PayPal over alleged privacy and security violations by Venmo, a company acquired by PayPal in 2013. [Read More]
Google announced a new version of its Safe Browsing API and a focus on maximizing protection for both mobile and desktop users. [Read More]
A Critical Elevation of Privilege (EoP) vulnerability in the Qualcomm Secure Execution Environment (QSEE) affects around 60 percent of all Android devices around the world, despite being already fixed, researchers warn. [Read More]

FEATURES, INSIGHTS // Mobile Security

rss icon

Adam Ely's picture
In this day of BYOD devices and zero-trust operating environments, IT and security professionals gain nothing from trying to manage the unmanageable—which is just as well, because the device is no longer the endpoint that matters.
Simon Crosby's picture
While flexibility offers countless benefits for corporations and their employees, this new emphasis on mobility has also introduced a new set of risks, and this in turn re-ignites a focus on endpoint security.
Adam Ely's picture
Applying a zero trust model to mobile and the right security controls at the app level could align productivity and security. But the bottom line is that it’s no longer about the device; it’s about the applications.
David Holmes's picture
DDoS continues to wax and wane in unpredictable cycles, but the ecosystem has evolved to keep it out of the mobile space.
Adam Ely's picture
The mobile strategist will play a pivotal role in mobile integration, as they pave the way for the organizations to do so purposefully and securely.
David Holmes's picture
After the rounds of predictions for 2014, I had bet my colleague that if no mobile DDoS appeared this year, we’d stop talking about it. And it looks like we can.
Adam Ely's picture
While mobile security remains at the top of every CISO’s priority list this year, enterprises have quickly begun to realize that mobile device management (MDM) and enterprise mobility management (EMM) are not enough to keep data safe.
Adam Ely's picture
From what to support to how to ensure the security of mobile apps and data, enterprises are banging their heads against the wall to find a solution to secure mobile.
Adam Ely's picture
We can attempt to predict the future, but without proper security measures in place, data breaches are bound to happen. Unfortunately, it’s not a matter of if a breach will occur, but when.
Adam Ely's picture
When determining how risky an app is, we must consider intentional features within these permissions to determine whether or not they’re a risk to the enterprise.