Cybersecurity, Information Security and Mobile

German Federal Office for Information Security (BSI) investigates Chinese mobile phones

Security Affairs

SEPTEMBER 26, 2021

German Federal Office for Information Security is launching an investigation into the cybersecurity of certain Chinese mobile phones. German Federal Office for Information Security (BSI) is launching an investigation into the cybersecurity of mobile phones of certain Chinese manufacturers.

Information Security

Information Security Mobile Manufacturing Encryption

Mobile virtual network operator Mint Mobile discloses a data breach

Security Affairs

DECEMBER 23, 2023

Mobile virtual network operator Mint Mobile suffered a new data breach, threat actors had access to customers’ personal information. Mint Mobile experienced a recent data breach, exposing customers’ personal information to unauthorized access by threat actors.

Mobile

Mobile Data breaches Wireless Data collection

Ukraine President enforces Information Security Strategy

CyberSecurity Insiders

DECEMBER 29, 2021

Amid extreme concerns related to cyber warfare from Russia, Ukraine’s President Volodymyr Zelensky announced a new information security strategy policy was launched and came into effect early this week. The post Ukraine President enforces Information Security Strategy appeared first on Cybersecurity Insiders.

Information Security

Information Security Cryptocurrency Scams Cyber Attacks

Webinars

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

MORE WEBINARS

Data leak exposes users of car-sharing service Blink Mobility

Security Affairs

DECEMBER 21, 2023

More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. Los Angeles-based electric car-sharing provider Blink Mobility left a misconfigured MongoDB database open to the public.

Mobile

Mobile Identity Theft Passwords Phishing

Rethinking the Status Quo of Mobile App Security

Security Boulevard

APRIL 19, 2023

Most executives view mobile applications as a crucial component of their organization’s business strategy. Mobile apps help companies generate revenue, engage with customers and create new business opportunities. The post Rethinking the Status Quo of Mobile App Security appeared first on Security Boulevard.

Mobile

Mobile Accountability CISO Information Security

Attackers can discover IP address by sending a link over the Skype mobile app

Security Affairs

AUGUST 28, 2023

A security researcher demonstrated how to discover a target’s IP address by sending a link over the Skype mobile app. The security researcher Yossi discovered that is possible to discover a target’s IP address by sending a link over the Skype mobile app. The problem only impacts the Skype mobile app.

Mobile

Mobile Media VPN Risk

Google announced its Mobile VRP (vulnerability rewards program)

Security Affairs

MAY 23, 2023

Google introduced Mobile VRP (vulnerability rewards program), a new bug bounty program for reporting vulnerabilities in its mobile applications. Google announced a new bug bounty program, named Mobile VRP (vulnerability rewards program), that covers its mobile applications. We are in the final!

Mobile

Mobile Hacking Accountability Cybersecurity

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Security Affairs

DECEMBER 30, 2020

T-Mobile has disclosed a data breach that exposed customers’ network information (CPNI), including phone numbers and calls records. T-Mobile has disclosed a data breach exposing customers’ account’s information. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Data breaches

Data breaches Mobile Telecommunications Wireless

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wild

Security Affairs

JULY 30, 2023

Software firm Ivanti disclosed another security vulnerability impacting Endpoint Manager Mobile (EPMM), that it said actively exploited. “A vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core.” ” reads the advisory published by the company.

Mobile

Mobile Authentication Software Government

Two flaws in Cisco AnyConnect Secure Mobility client for Windows actively exploited

Security Affairs

OCTOBER 26, 2022

Cisco warns of active exploitation attempts targeting two vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows. Cisco is warning of exploitation attempts targeting two security flaws, tracked as CVE-2020-3153 (CVSS score: 6.5) Both vulnerabilities are dated 2020 and are now patched. Pierluigi Paganini.

Mobile

Mobile Authentication Hacking Risk

T-Mobile confirms Lapsus$ had access its systems

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. Telecom company T-Mobile on Friday revealed that LAPSUS$ extortion gang gained access to its networks. ” LAPSUS$ leader White/Lapsus Jobs looking up the Department of Defense in T-Mobile’s internal Atlas system.

Mobile

Mobile VPN Social Engineering Telecommunications

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

Security Affairs

JULY 10, 2021

Mint Mobile discloses a data breach, an unauthorized attacker gained access to subscribers’ account information and ported phone numbers. Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO on T-Mobile’s cellular network in the United States.

Mobile

Mobile Data breaches Telecommunications Passwords

Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Security Affairs

DECEMBER 5, 2022

Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. Later, cybercriminals successfully applied the same approach to mobile devices, because modern digital payments are extremely interconnected when it comes to mobile applications used by consumers. .

Mobile

Mobile Malware Banking Retail

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Security Affairs

AUGUST 11, 2020

A researcher found multiple flaws in Samsung’s Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy Phones. ” reads the report published by the security firm. The [Find My Mobile] application should not have arbitrary components publicly available and in an exported state.

Mobile

Mobile Hacking Advertising Cybersecurity

Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud

Security Affairs

JULY 10, 2023

Resecurity identified the emergence of adversarial mobile Android-based Antidetect Tooling for Mobile OS-Based Fraud. Resecurity has identified the emergence of adversarial mobile Android-based tools (called “mobile anti-detects”), like Enclave and McFly, as a new frontier in fraud tradecraft evolution.

Mobile

Mobile Banking Firmware Software

Hackers gained access to T-Mobile customers and employee personal info

Security Affairs

MARCH 5, 2020

New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information. The wireless carrier T-Mobile was victims of a sophisticated cyber attack that targeted its email vendor. The company declared that it is not aware of abuses of the exposed information.

Mobile

Mobile Data breaches Telecommunications Wireless

JekyllBot:5 flaws allow hacking TUG autonomous mobile robots in hospitals

Security Affairs

APRIL 13, 2022

Researchers discovered five vulnerabilities that can be exploited to remotely hack hospital Aethon’s TUG autonomous mobile robots. According to a US CISA advisory, the successful exploitation of these flaws could cause a denial-of-service condition, allow full control of robot functions, or expose sensitive information.

Mobile

Mobile Hacking Firmware Surveillance

T-Mobile discloses data breach affecting prepaid wireless customers

Security Affairs

NOVEMBER 22, 2019

Bad news for T-Mobile prepaid customer, the US-based telecom giant T-Mobile today disclosed a new data breach incident. The US branch of the telecommunications giant T -Mobile disclosed a security breach that according to the company impacted a small number of customers of its prepaid service. Pierluigi Paganini.

Wireless

Wireless Data breaches Mobile Telecommunications

Data belonging 44 Million Pakistani mobile users leaked online

Security Affairs

MAY 6, 2020

A threat actor is offering a database apparently belonging to Pakistan’s leading telecom service, it includes data of 44 Million Pakistani mobile users. – Database contains information such as names, addresses, phone numbers, national IDs, and more on over 44,000,000 Pakistanis. Pierluigi Paganini.

Mobile

Mobile Telecommunications Data breaches Advertising

Google Android vs Apple iOS: Which is Better for Privacy and Cybersecurity?

Security Boulevard

APRIL 3, 2022

This week we battle it out between the two mobile tech giants, Google Android vs Apple iOS, and discuss which one is better for your privacy and cybersecurity. The post Google Android vs Apple iOS: Which is Better for Privacy and Cybersecurity? The post Google Android vs Apple iOS: Which is Better for Privacy and Cybersecurity?

Cybersecurity

Cybersecurity Scams Mobile Encryption

Blackhawk Network Expands Security and Technology Team with Addition of Selim Aissi as New Chief Information Security Officer

CyberSecurity Insiders

JANUARY 11, 2022

.–( BUSINESS WIRE )– Blackhawk Network , a global financial technology company and a leader in payment technologies and solutions, today announced veteran information security executive, Selim Aissi, has been named its Chief Information Security Officer. About Blackhawk Network.

Information Security

Information Security Technology CISO Engineering

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

Security vulnerabilities in modern communication protocol GTP used by mobile network operators can be exploited by attackers to target 4G/5G users. “The GTP protocol contains a number of vulnerabilities threatening both mobile operators and their clients. ” reads the report published by the experts.

Mobile

Mobile Internet Internet Wireless

DEF CON 31 XR Village – Whitney Phillips’ ‘Augmented Reality And Implications On Mobile Security’

Security Boulevard

DECEMBER 10, 2023

Permalink The post DEF CON 31 XR Village – Whitney Phillips’ ‘Augmented Reality And Implications On Mobile Security’ appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Mobile

Mobile Architecture Education Information Security

GUEST ESSAY: The case for using augmented reality (AR) and virtual reality (VR) to boost training

The Last Watchdog

JANUARY 9, 2024

Augmented reality (AR) and virtual reality (VR) technologies provide intriguing opportunities for immersive and interactive experiences in cybersecurity training. Related: GenAI’ impact on DevSecOps Here’s how these technologies can bridge learning gaps in cybersecurity awareness and enhance the overall training experience.

Technology

Technology Cybersecurity Risk Mobile

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

The Last Watchdog

OCTOBER 24, 2022

In addition, educating employees about cybersecurity issues can help to reinforce the security-minded culture of the organization and change employee behaviour. One of the best ways to increase employee security awareness is to provide frequent training and communication about the risks of phishing and other cyberattacks.

Passwords

Passwords Security Awareness Data breaches Cybersecurity

SecurityAffairs Top 10 cybersecurity posts of 2022

Security Affairs

JANUARY 2, 2023

These are the most-read cybersecurity articles that have been published by SecurtiyAffairs in 2022. In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network. Pierluigi Paganini.

Cybersecurity

Cybersecurity Firewall Banking Hacking

Venafi Wins 2021 CyberSecurity Breakthrough Awards

CyberSecurity Insiders

OCTOBER 1, 2021

SALT LAKE CITY–( BUSINESS WIRE )– Venafi , the inventor and leading provider of machine identity management, today announced that the company’s Trust Protection Platform won the “Identity Management Platform of the Year” award in the 2021 CyberSecurity Breakthrough Awards. For more information, visit: www.venafi.com.

Cybersecurity

Cybersecurity Digital transformation IoT Marketing

Poll Data: What CEOs Need to Know About Cybersecurity Going into 2022

CyberSecurity Insiders

DECEMBER 6, 2021

Like years past, 2021 revealed more of the same for the cybersecurity industry—more breaches, bigger ransomware attacks, higher stakes. These attacks received global attention and spotlighted the need for even more attention on cybersecurity best practices. Understand cybersecurity impacts your bottom line.

Cybersecurity

Cybersecurity Ransomware Security Awareness Technology

NASA identified 1,785 cyber incidents in 2020

Security Affairs

MAY 27, 2021

The audit conducted by NASA’s inspector general revealed that the agency has more than 4,400 applications, over 15,000 mobile devices, roughly 13,000 software licenses, nearly 50,000 computers, and a 39,000 Tb of data. NASA lacked an Agency-wide risk management framework for information security and an information security architecture.

Information Security

Information Security Cyber Attacks Mobile Architecture

A Unique Cybersecurity Career Path: From Journalism to Cisco

Cisco Security

JULY 22, 2022

But after several stints at communications agencies, she charted a new path for herself in cybersecurity. Not only has her diverse background served as a strength in her current role as senior manager for strategy and operations, but it’s also informed her management philosophy. Road to Cybersecurity.

Cybersecurity

Cybersecurity Engineering Education Mobile

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

The physical safety of things like airbags, rearview mirrors, and brakes is well accounted for; yet cybersecurity auto safety concerns are rising to the fore. What used to be a focus on physical safety has now shifted to cybersecurity due to the widened attack surface that connected cars present.

Malware

Malware Manufacturing IoT Software

A Cybersecurity Conversation with Vince Moore – Senior Network Engineer at OPSWAT

CyberSecurity Insiders

JANUARY 16, 2022

OPSWAT is a global leader in IT, OT and ICS critical infrastructure cybersecurity solutions. Before entering the computer networking field, Vince utilized his degree in physical therapy while working in acute care and skilled nursing facilities helping patients regain their mobility and independence. Vince is an avid traveler.

Engineering

Engineering Cybersecurity Energy and Utilities Software

U.S. CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082

Security Affairs

JANUARY 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM flaw CVE-2023-35082 to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Ivanti EPMM flaw CVE-2023-35082 (CVSS score: 9.8) and below).

Mobile

Mobile Internet Internet Hacking

Tufin Named Policy Management Solution of the Year by CyberSecurity Breakthrough Awards

CyberSecurity Insiders

OCTOBER 23, 2021

BOSTON–( BUSINESS WIRE )– Tufin® (NYSE: TUFN), a company pioneering a policy-centric approach to security and IT operations, today announced that it was recognized as “ Policy Management Solution of the Year ” by the fifth annual CyberSecurity Breakthrough Awards. About CyberSecurity Breakthrough.

Cybersecurity

Cybersecurity Threat Detection Firewall Marketing

Security BSides Dublin 2021 – Kirill Efimov’s ‘The Case Of Malicious Advertisement SDK Affecting Thousands Of Mobile Apps’

Security Boulevard

FEBRUARY 3, 2022

The post Security BSides Dublin 2021 – Kirill Efimov’s ‘The Case Of Malicious Advertisement SDK Affecting Thousands Of Mobile Apps’ appeared first on Security Boulevard. Just a month and a half away.

Advertising

Advertising Mobile Education InfoSec

A flaw in the Kyocera Android printing app can be abused to drop malware

Security Affairs

APRIL 13, 2023

“Multiple mobile printing apps for Android are vulnerable to improper intent handling ( CWE-668 ).” According to the company, its Mobile Print’s application class allows data transmission from malicious third-party mobile apps, which could allow downloading of malicious payloads.

Malware

Malware Mobile Education Media

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Security Affairs

MARCH 29, 2024

The company was the victim of credential stuffing attacks against its website and mobile application on November 18-19 and November 25, 2023. Hot Topic revealed that after detecting the suspicious activity, they launched an investigation with the help of outside cybersecurity experts.

Accountability

Accountability Mobile Passwords Authentication

CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

AUGUST 1, 2023

US CISA added a second actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. The vulnerability is an authentication bypass issue impacting Ivanti Endpoint Manager Mobile (EPMM) mobile device management software (formerly MobileIron Core).

Mobile

Mobile Authentication Government Risk

9 Myths Busted About Having a Career in Cybersecurity [Women Don’t Read]

Jane Frankland

JULY 13, 2020

Last year, the world’s largest non-profit membership association of certified cybersecurity professionals, (ISC)², announced the findings of its Cybersecurity Workforce Study. The latest figures depict a shortage of cybersecurity professionals at a time when protecting the world’s operating systems has never been as important.

Cybersecurity

Cybersecurity Government Engineering Technology

Threat actors hacked Taiwan-based Chunghwa Telecom

Security Affairs

MARCH 4, 2024

literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier of PSTN, Mobile, and broadband services in the country. Threat actors stole sensitive information from the company, including military and government documents, revealed Taiwan’s Defense Ministry. “The

Hacking

Hacking Government Cyber threats Cyber Attacks

Onfido Wins “Fraud Prevention Innovation of the Year” in the 2021 CyberSecurity Breakthrough Awards

CyberSecurity Insiders

OCTOBER 2, 2021

The company won “Fraud Prevention Innovation of the Year” at the 2021 CyberSecurity Breakthrough Awards , an awards program that recognizes the world’s best information security companies, products, and people. About CyberSecurity Breakthrough Awards. For more information visit [link].

Cybersecurity

Cybersecurity Artificial Intelligence Digital transformation Threat Detection

FCC adds Kaspersky to Covered List due to unacceptable risks to national security

Security Affairs

MARCH 26, 2022

. “The Federal Communications Commission’s Public Safety and Homeland Security Bureau today added equipment and services from three entities – AO Kaspersky Lab, China Telecom (Americas) Corp, and China Mobile International USA Inc. – International telecommunications services provided by China Mobile International USA Inc.

Risk

Risk Telecommunications Mobile Antivirus

Android pre-installed apps are affected by high-severity vulnerabilities

Security Affairs

MAY 27, 2022

Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. We worked with mce Systems , the developer of the framework, and the affected mobile service providers to solve these issues.” ” reads the post published by Microsoft. ” concludes the report.

Mobile

Mobile Hacking Cybersecurity Information Security

CISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

JULY 3, 2023

US Cybersecurity and Infrastructure Security Agency (CISA) added six Samsung and two D-Link vulnerabilities to its Known Exploited Vulnerabilities Catalog. US CISA added actively exploited Samsung and D-Link vulnerabilities to its Known Exploited Vulnerabilities catalog.

Mobile

Mobile IoT Hacking Risk

German Federal Office for Information Security (BSI) investigates Chinese mobile phones

Mobile virtual network operator Mint Mobile discloses a data breach

Webinars

Trending Sources

Ukraine President enforces Information Security Strategy

Webinars

Data leak exposes users of car-sharing service Blink Mobility

Rethinking the Status Quo of Mobile App Security

Attackers can discover IP address by sending a link over the Skype mobile app

Google announced its Mobile VRP (vulnerability rewards program)

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wild

Two flaws in Cisco AnyConnect Secure Mobility client for Windows actively exploited

T-Mobile confirms Lapsus$ had access its systems

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud

Hackers gained access to T-Mobile customers and employee personal info

JekyllBot:5 flaws allow hacking TUG autonomous mobile robots in hospitals

T-Mobile discloses data breach affecting prepaid wireless customers

Data belonging 44 Million Pakistani mobile users leaked online

Google Android vs Apple iOS: Which is Better for Privacy and Cybersecurity?

Blackhawk Network Expands Security and Technology Team with Addition of Selim Aissi as New Chief Information Security Officer

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

DEF CON 31 XR Village – Whitney Phillips’ ‘Augmented Reality And Implications On Mobile Security’

GUEST ESSAY: The case for using augmented reality (AR) and virtual reality (VR) to boost training

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

SecurityAffairs Top 10 cybersecurity posts of 2022

Venafi Wins 2021 CyberSecurity Breakthrough Awards

Poll Data: What CEOs Need to Know About Cybersecurity Going into 2022

NASA identified 1,785 cyber incidents in 2020

A Unique Cybersecurity Career Path: From Journalism to Cisco

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

A Cybersecurity Conversation with Vince Moore – Senior Network Engineer at OPSWAT

U.S. CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082

Tufin Named Policy Management Solution of the Year by CyberSecurity Breakthrough Awards

Security BSides Dublin 2021 – Kirill Efimov’s ‘The Case Of Malicious Advertisement SDK Affecting Thousands Of Mobile Apps’

A flaw in the Kyocera Android printing app can be abused to drop malware

American fast-fashion firm Hot Topic hit by credential stuffing attacks

CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

9 Myths Busted About Having a Career in Cybersecurity [Women Don’t Read]

Threat actors hacked Taiwan-based Chunghwa Telecom

Onfido Wins “Fraud Prevention Innovation of the Year” in the 2021 CyberSecurity Breakthrough Awards

FCC adds Kaspersky to Covered List due to unacceptable risks to national security

Android pre-installed apps are affected by high-severity vulnerabilities

CISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalog

Stay Connected