Tag: mobile
-
KnowBe4 gibt praktische Tipps für den Datenschutz in der Urlaubszeit
Ob Phishing-Mails im Urlaubslook, unsichere WLAN-Verbindungen oder anfällige mobile Geräte: Die Bedrohungslage für Reisende hat sich weiterentwickelt. Umso wichtiger ist es, vorbereitet zu sein. KnowBe4 gibt sieben einfache, aber wirkungsvolle Empfehlungen, wie man sich und seine Daten auf Reisen schützen kann: First seen on infopoint-security.de Jump to article: www.infopoint-security.de/knowbe4-gibt-praktische-tipps-fuer-den-datenschutz-in-der-urlaubszeit/a40980/
-
Top Cloud Vulnerabilities in Fintech and How to Fix Them
Tags: banking, cloud, computing, cyber, finance, fintech, international, mobile, service, technology, threat, vulnerabilityFor financial technology (FinTech) organizations, cloud security is both a top priority and a significant concern, as highlighted by a study conducted by McKinsey and the Institute of International Finance (IIF). FinTech companies increasingly rely on cloud computing to power services such as mobile banking, digital payments, and investment platforms. However, as cyber threats grow……
-
Krankenhaus-Betreiber in Großbritannien von Cyberangriff auf Mobile Device Management betroffen
Cyber security incident at UCLH First seen on uclh.nhs.uk Jump to article: www.uclh.nhs.uk/news/cyber-incident-uclh-may2025
-
Krankenhaus-Betreiber in Großbritannien von Cyberangriff auf Mobile Device Management betroffen
Two NHS trusts hit by cyberattack First seen on computing.co.uk Jump to article: www.computing.co.uk/news/2025/security/two-nhs-trusts-hit-by-cyberattack
-
New ChoiceJacking Exploit Targets Android and iOS via Infected Charging Ports
A team of cybersecurity researchers from the Institute of Information Security and A-SIT Secure Information Technology Centre Austria has unveiled a new class of USB-based attacks on mobile devices, dubbed “ChoiceJacking.” This attack revives and surpasses the notorious “juice jacking” threat from a decade ago, which prompted Apple and Google to introduce user confirmation prompts…
-
Your Mobile Apps May Not Be as Secure as You Think”¦ FireTail Blog
Tags: access, ai, android, api, authentication, banking, best-practice, cloud, control, cyber, cybersecurity, data, encryption, finance, leak, mobile, password, phone, risk, threat, vulnerabilityMay 28, 2025 – Lina Romero – Your Mobile Apps May Not Be as Secure as You Think”¦ Excerpt: Cybersecurity risks are too close for comfort. Recent data from the Global Mobile Threat Report reveals that our mobile phone applications are most likely exposing our data due to insecure practices such as API key hardcoding.…
-
Cellcom Restores Regional Mobile Services After Cyberattack
Customers in parts of Wisconsin and Michigan could not make calls or send text messages for nearly a week after an incident on May 14, and service is still intermittent in some areas. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cellcom-restores-regional-mobile-services-cyberattack
-
Militärfunk: Motorola kauft Silvus für 4,4 Milliarden US-Dollar
Tags: mobileMotorola Solutions erwirbt einen US-Militärfunkausrüster mit 200 Beschäftigten und 100 Millionen US-Dollar Umsatz: Silvus Technologies mit Mobile Ad-Hoc Networking. First seen on golem.de Jump to article: www.golem.de/news/militaerfunk-motorola-kauft-silvus-fuer-4-4-milliarden-us-dollar-2505-196676.html
-
‘Secure email’: A losing battle CISOs must give up
End-to-end encryption remains elusive: Email continues to be the dominant electronic communication tool today because it is well understood, relatively easy to use, and relatively inexpensive. By and large, businesses have approved email for sending confidential information, and we often convince ourselves that it is secure, can be secured with third-party tools, or it’s “good…
-
Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
Threat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices and facilitate payroll fraud.The activity, first detected by ReliaQuest in May 2025 targeting an unnamed customer in the manufacturing sector, is characterized by the use of fake login pages to access the employee…
-
New Android Malware GhostSpy Grants Attackers Full Control Over Infected Devices
A chilling new Android malware, dubbed GhostSpy, has emerged as a significant threat to mobile security, according to a detailed report by CYFIRMA. This high-risk malware employs advanced evasion, persistence, and surveillance techniques to seize complete control over infected devices. With capabilities ranging from keylogging to bypassing banking app protections, GhostSpy poses a severe risk…
-
Ausgezeichnete Sicherheit für unterwegs: Miercom kürt Check Point Harmony Mobile
Tags: mobileHarmony Mobile ist Teil von Check Points Infinity-Architektur einer Plattform, die Unternehmen dabei unterstützt, ihre gesamte IT-Umgebung einheitlich und effektiv abzusichern. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ausgezeichnete-sicherheit-fuer-unterwegs-miercom-kuert-check-point-harmony-mobile/a40930/
-
Miercom zeichnet Harmony-Mobile von Check Point als führende Sicherheitslösung für mobile Endgeräte aus
Check Point Software Technologies hat die Ergebnisse eines unabhängigen Tests von Miercom veröffentlicht, in dem Harmony-Mobile als branchenführende Lösung für Mobile-Threat-Defense (MTD) ausgezeichnet wurde. Die 2025er Ausgabe der Studie bescheinigt Harmony-Mobile herausragende Schutzfähigkeiten gegen Handy-Bedrohungen sowie minimale Auswirkungen auf die Geräteleistung und eine besonders einfache Implementierung. Miercom führte umfassende und praxisnahe Angriffssimulationen durch, bei denen…
-
Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier. These flaws, when chained together, allow unauthenticated remote code execution (RCE) on internet-facing systems, posing a severe risk to enterprise security. EclecticIQ analysts have confirmed active exploitation in the wild since the disclosure date, with…
-
Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
CVE-2025-4427 and CVE-2025-4428 the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/23/chinese-cyber-spies-are-using-ivanti-epmm-flaws-to-breach-eu-us-organizations/
-
Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies
Tags: breach, china, endpoint, exploit, flaw, government, hacker, ivanti, mobile, remote-code-executionChinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-epmm-flaw-exploited-by-chinese-hackers-to-breach-govt-agencies/
-
SHARED INTEL QA: Visibility, not volume, reframing detection for the AI-enabled SOC
For years, network security has revolved around the perimeter: firewalls, antivirus, endpoint controls. But as attackers grow more sophisticated, and as operations scatter to the cloud, mobile, and IoT, it’s increasingly what happens inside the network that counts.”¦ (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/shared-intel-qa-visibility-not-volume-reframing-detection-for-the-ai-enabled-soc/
-
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region.The vulnerabilities, tracked as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), could be chained to execute arbitrary…
-
Wyden: ATT, T-Mobile, and Verizon weren’t notifying senators of surveillance requests
Sen. Ron Wyden said in a letter that one U.S. phone carrier turned over Senate data to law enforcement without notifying the target. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/21/wyden-att-t-mobile-and-verizon-werent-notifying-senators-of-surveillance-requests/
-
Hackers Target Mobile Users Using PWA JavaScript to Bypass Browser Security
A sophisticated new injection campaign has been uncovered, targeting mobile users through malicious third-party JavaScript to deliver a Chinese adult-content Progressive Web App (PWA) scam. This attack, which redirects users to sites like hxxps://xjdm166[.]com, leverages the unique capabilities of PWAs to retain users longer and evade traditional browser security mechanisms. Unlike typical phishing attempts, this…
-
Hackers Masquerade as Organizations to Steal Payroll Logins and Redirect Payments from Employees
ReliaQuest, hackers have deployed a cunning search engine optimization (SEO) poisoning scheme to orchestrate payroll fraud against a manufacturing sector customer. This deceptive strategy involves crafting fake authentication portals that mirror legitimate organizational login pages, manipulating search engine results to rank these malicious sites at the top. Unsuspecting employees, searching for payroll portals on mobile…
-
Künstliche Intelligenz verändert Spielregeln mobile Geräte jetzt Hauptangriffsziel
Mit Homeoffice und BYOD rücken Smartphones Tablets und allgemein vernetzte Geräte ins Zentrum der Cyberbedrohung. Die Vielfalt ihrer Anwendungen, Portabilität und Fragmentierung machen sie zum Sicherheitsrisiko Nummer eins im modernen Arbeitsalltag. Doch wie sollen Unternehmen nun ihre Sicherheitsstrategie ausrichten? First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/kuenstliche-intelligenz-veraendert-spielregeln-mobile-geraete-jetzt-hauptangriffsziel/
-
Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack
Tags: attack, authentication, cyber, endpoint, flaw, ivanti, mobile, rce, remote-code-execution, vulnerability, zero-dayIvanti’s Endpoint Manager Mobile (EPMM) contains a critical vulnerability chain that has been actively abused. The vulnerabilities, initially disclosed by Ivanti on March 13th, 2025, combine an authentication bypass (CVE-2025-4427) and a remote code execution flaw (CVE-2025-4428) to create a critical attack vector that allows unauthenticated attackers to execute arbitrary code on vulnerable systems. While…
-
Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps
Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App (PWA) scam.”While the payload itself is nothing new (yet another adult gambling scam), the delivery method stands out,” c/side researcher Himanshu Anand said in a Tuesday analysis.”The malicious landing…
-
Ivanti EPMM Bugs Combine for Unauthenticated RCE in the Wild
Summary On March 13, Ivanti disclosed two vulnerabilities which a ect their on-premise Endpoint Manager Mobile product: CVE-2025-4427 (an authentication bypass) and CVE-2025-4428 (an authenticated First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/05/21/ivanti-epmm-bugs-combine-for-unauthenticated-rce-in-the-wild/
-
SK Telecom revealed that malware breach began in 2022
South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Korea’s largest wireless telecom company, a major player in the country’s mobile and tech landscape. It holds about 48% of the market share for mobile services, meaning around 34 million subscribers use its…
-
Mobile carrier Cellcom confirms cyberattack behind extended outages
Wisconsin wireless provider Cellcom has confirmed that a cyberattack is responsible for the widespread service outage and disruptions that began on the evening of May 14, 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mobile-carrier-cellcom-confirms-cyberattack-behind-extended-outages/
-
Virgin Media 02 Vuln Exposes Call Recipient Location
A hacker exploiting the security flaw in the mobile provider’s network could have potentially located a call recipient with accuracy of up to 100 square meters. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/virgin-media-02-call-recipient-location