HackDig : Dig high-quality web security articles

Zimperium and Ping Identity Extend Zero Trust Controls to the Most Vulnerable Endpoint: Mobile

Integration of Zimperium’s mobile device risk attestation into the PingFederate platform enables real-time Zero Trust authorizations and access to corporate resources Zimperium is excited to announce a partnership with Ping Identity, enhancing Zero Trust architectures by delivering comprehensive mobile risk posture data to enable joint customers to implemen
Publish At:2021-04-14 12:20 | Read:132 | Comments:0 | Tags:Mobile Security Mobile Threat Defense News Partners

Android Trojans Infect APKPure and Huawei App Stores

Two new active and aggressive Android Trojan variants have been discovered in the wild, impacting users taking advantage of two alternatives, non-Google Play app stores (“third-party” app stores). The discoveries are examples of how malware can spread through other sources outside of Google Play, and highlight the importance of sideloading detection, on-dev
Publish At:2021-04-13 14:54 | Read:177 | Comments:0 | Tags:Android Mobile Malware Mobile Security android

Joker Android Trojan Lands in Huawei AppGallery App Store

Ten variants of the Joker Android Trojan managed to slip into the Huawei AppGallery app store and were downloaded by more than 538,000 users, according to new data from Russian anti-malware vendor Doctor Web.Also known as Bread, the Joker Trojan was first observed in 2017 when it was originally focused on SMS fraud. Last year, the malware was observed perfor
Publish At:2021-04-12 21:15 | Read:105 | Comments:0 | Tags:Disaster Recovery Endpoint Security Mobile Security Network

LG Promises Three Years of OS Updates for Premium Android Smartphones

South Korean tech giant LG this week announced that it will continue to provide operating system updates to users of its premium Android smartphones, for up to three years.Currently owning less than two percent of the mobile phone market and constantly losing ground over the past year, LG on Monday revealed plans to exit the smartphone business starting this
Publish At:2021-04-09 11:04 | Read:141 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Risk Management Mobile &

Cost of Sandboxing Prompts Shift to Memory-Safe Languages. A Little Too Late?

NEWS ANALYSIS: Google’s decision to promote Rust for low-level Android programming is another sign that the shelf-life for memory corruption mitigations are no match for the speed of in-the-wild exploit development.Just 13 years after Google introduced the sandbox in Chrome touting "a new approach in browser security,” the company is now blaming the limitati
Publish At:2021-04-08 15:34 | Read:191 | Comments:0 | Tags:Cyberwarfare Endpoint Security Mobile Security NEWS & IN

Google Patches Critical Code Execution Vulnerability in Android

The April 2021 Android security bulletin published this week by Google describes more than 30 vulnerabilities in the mobile operating system, including a remote code execution flaw in the System component.Tracked as CVE-2021-0430 and affecting Android 10 and 11, the code execution vulnerability is deemed critical severity. The bug was patched as part of the
Publish At:2021-04-07 08:22 | Read:157 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Vulnerabilities Mobile &

VMware Patches Critical Flaw in Carbon Black Cloud Workload

A critical vulnerability recently addressed in the VMware Carbon Black Cloud Workload could be abused to execute code on a vulnerable server, according to a warning from a security researcher who discovered the bug. Tracked as CVE-2021-21982 and featuring a CVSS score of 9.1, the recently addressed vulnerability resides in the administrative interface f
Publish At:2021-04-05 13:28 | Read:142 | Comments:0 | Tags:Cyberwarfare Endpoint Security Mobile Security NEWS & IN

Zimperium Collaborates with Oracle to Provide Mission Critical Mobile Security to Customers

Customers Offered Greater Visibility with Oracle Cloud Infrastructure Today, Zimperium –  a leader in enterprise mobile security and a member of Oracle PartnerNetwork (OPN) – announced that we are collaborating with Oracle to offer our mobile threat defense (MTD) solutions on Oracle Cloud Infrastructure (OCI). We are working together with Oracle
Publish At:2021-03-30 11:07 | Read:240 | Comments:0 | Tags:Mobile Security BYOD mobile attacks mobile devices Mobile se

How hackers are targeting your phone through Bluetooth

Bluetooth is an amazingly useful wireless technology built into almost every smartphone, tablet and laptop. We can use it to transfer files, play audio wirelessly, collect health data from wearable trackers and more. But like WiFi, Bluetooth is being targeted by hackers as a way to break into your devices and steal personal data. Because it is so useful, mos
Publish At:2021-03-29 05:24 | Read:247 | Comments:0 | Tags:Mobile News Security bluetooth Mobile Security security hack

Apple Patches Under-Attack iOS Zero-Day

Apple has shipped an urgent security update to fix a major security flaw affecting iPhone, iPad and Apple Watch devices alongside a warning that the vulnerability is being actively exploited in the wild.The new iOS 14.4.2 was released on Friday with yet another band-aid for Apple’s flagship iOS platform and the company said it was “aware of reports that an e
Publish At:2021-03-26 19:16 | Read:310 | Comments:0 | Tags:Cyberwarfare Endpoint Security Mobile Security Network Secur

5G Security Flaw Allows Data Access, DoS Attacks

A design flaw discovered in the architecture of 5G network slicing can allow malicious actors to access potentially sensitive data and launch denial-of-service (DoS) attacks, mobile network security company AdaptiveMobile Security warned this week.5G network slicing enables operators to provide different amounts of resources to different types of traffic — b
Publish At:2021-03-26 11:27 | Read:215 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Wireless Security Vulner

Severe Flaws in Facebook for WordPress Plugin

A critical vulnerability in the official Facebook for WordPress plugin could be abused to upload arbitrary files, essentially leading to remote code execution, according to a warning from security researchers at Wordfence.Formerly known as Official Facebook Pixel, the Facebook for WordPress plugin is used on more than 500,000 sites, allowing administrators t
Publish At:2021-03-26 11:27 | Read:171 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Email

Facebook Disrupts Chinese Spies Using iPhone, Android Malware

Facebook’s threat intelligence team says it has disrupted a sophisticated Chinese spying team that routinely use iPhone and Android malware to hit journalists, dissidents and activists around the world.The hacking group, known to malware hunters as Evil Eye, has used Facebook to plant links to watering hole websites rigged with exploits for the two major mob
Publish At:2021-03-24 16:30 | Read:325 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Email

Firefox 87 Adds Stronger User Privacy Protections

Mozilla today announced the release of Firefox 87 in the stable channel fitted with a new intelligent tracker blocking mechanism.Called SmartBlock, the feature works in Firefox Private Browsing and Strict Mode and is meant to improve users’ browsing experience through fixing pages that Mozilla’s tracking protections break.Firefox has had a built-in Content B
Publish At:2021-03-23 17:05 | Read:220 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Email

Recently Patched Android Vulnerability Exploited in Attacks

Google has warned Android users that a recently patched vulnerability has been exploited in attacks.The vulnerability in question, tracked as CVE-2020-11261, was patched by Google with the Android security updates released in January 2021.The vulnerability is a high-severity improper input validation issue affecting a display/graphics component from Qualcomm
Publish At:2021-03-23 09:17 | Read:151 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Vulnerabilities Mobile &