Dennis Fisher and Mike Mimoso discuss the Apple OSX and iOS patches, the continuing OpenSSL Heartbleed soap opera and the Verizon DBIR report.
Browsing Category: Mobile Security
The emergence of mobile platforms such as iOS and Android have presented a number of challenges in terms of security. Not much can be done about some of these, like users leaving their phones in bars. But engineers at Google have been working on one of the thornier ones of late–how to provide solid encryption[…]
Developers who produce apps intended for use on internal networks at government agencies are getting a vetting process of their own called AppVet.
Apple has fixed a serious security flaw that’s present in many versions of both iOS and OSX and could allow an attacker to intercept data on SSL connections.
Researchers published a video this week demonstrating that Samsung’s latest entry in the smartphone arena, the Galaxy S5, is vulnerable to a hack that as crude as may seem involves lifting and copying fingerprints to trick the phone’s sensor.
Facebook’s acquisition of WhatsApp was approved by the Federal Trade Commission late last week, but not without a stern privacy-related warning from the agency.
A security vulnerability in Adobe Reader for Android could give an attacker the ability to execute arbitrary code.
Google is adding a new security feature to Android designed to scan installed apps on a device and ensure that they’re not acting maliciously or taking unwanted actions. The system is built on Google’s existing app-verification model, which warns users if there’s a potential problem with an app they’re installing. The addition to Android’s security[…]
BlackBerry’s Security Incident Response Team (BBSIRT) today released a security advisory resolving a remote code execution vulnerability in BlackBerry 10.
The BEAST attack on some TLS implementations made major news when it was disclosed, showing that attackers could intercept and decrypt SSL-protected sessions in real time, breaking a significant portion of the confidentiality model of the protocol. Vendors rushed to patch and implement mitigations. That was in 2011. Nearly three years later, Siemens is pushing[…]