Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Google joins Apple and Microsoft in warning about zero-day flaws being exploited in the wild. This time the target is the popular Google Chrome browser. [Read More]
Apple ships fixes for a pair of iOS and macOS security defects alongside a warning that these issues belong in the “actively exploited” zero-day category. [Read More]
Google introduced Private Compute Services for Android, a new suite of services designed to improve privacy in the Android operating system. [Read More]
The Android Security Bulletin for September 2021 includes patches for a total of 40 vulnerabilities, including seven that are rated critical. [Read More]
The high severity vulnerability could be exploited by malicious actors on the local network to execute code remotely when the user attempts to send an HTTP request. [Read More]
The social media advertising giant has shared an updated payout guideline for vulnerability hunters to better understand its bounty decisions. [Read More]
Software vendor SolarWinds failed to enable ASLR, an anti-exploitation feature available since the launch of Windows Vista 15 years ago. The oversight that made it easy for attackers to launch targeted malware attacks in July this year. [Read More]
The application can be used to monitor someone’s phone use, online activity, and even physical movements, but exposes users to stalkers and abuse, the FTC argues. [Read More]
The Singapore government augments its existing bug bounty program and VDP to offer bounty rewards of up to $150,000 for exceptionally impactful vulnerabilities. [Read More]
The vulnerability could allow unauthenticated, remote attackers to execute arbitrary code or cause a denial of service condition. [Read More]

FEATURES, INSIGHTS // Mobile Security

rss icon

Preston Hogue's picture
Telecom service providers need protections for everything from their back-end networks to cell towers to billions of devices in users’ hands.
John Maddison's picture
There are three basic security components that every organization with an open BYOD strategy needs to be familiar with.
Laurence Pitt's picture
By paying just a bit more attention to the permissions you are allowing on your phone or computer, you could protect yourself from a much more significant headache down the road.
Alastair Paterson's picture
While less powerful than desktops and servers used for this purpose, more Android devices exist, and they are often less protected and, thus, more easily accessible.
Scott Simkin's picture
Users, networks and applications can – and should— exist everywhere, which puts new burdens on security teams to protect them in the same way as the traditional perimeter.
Alastair Paterson's picture
By understanding what’s up with your mobile apps, you can mitigate the digital risk to your organization, employees and customers.
Adam Ely's picture
In this day of BYOD devices and zero-trust operating environments, IT and security professionals gain nothing from trying to manage the unmanageable—which is just as well, because the device is no longer the endpoint that matters.
Simon Crosby's picture
While flexibility offers countless benefits for corporations and their employees, this new emphasis on mobility has also introduced a new set of risks, and this in turn re-ignites a focus on endpoint security.
Adam Ely's picture
Applying a zero trust model to mobile and the right security controls at the app level could align productivity and security. But the bottom line is that it’s no longer about the device; it’s about the applications.
David Holmes's picture
DDoS continues to wax and wane in unpredictable cycles, but the ecosystem has evolved to keep it out of the mobile space.