Tag: mobile
-
Two SonicWall SMA100 flaws actively exploited in the wild
SonicWall confirmed that threat actors actively exploited two vulnerabilities impacting its SMA100 Secure Mobile Access (SMA) appliances. SonicWall revealed that attackers actively exploited two security vulnerabilities, tracked as CVE-2023-44221 and CVE-2024-38475, in its SMA100 Secure Mobile Access appliances. Below are the descriptions of the two flaws: >>During further analysis, SonicWall and trusted security partners identified an…
-
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild.The vulnerabilities in question are listed below -CVE-2023-44221 (CVSS score: 7.2) – Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to First seen…
-
SonicWall: SMA100 VPN vulnerabilities now exploited in attacks
Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-sma100-vpn-vulnerabilities-now-exploited-in-attacks/
-
Mobile security is a frontline risk. Are you ready?
The mobile threat landscape has shifted. According to Zimperium’s 2025 Global Mobile Threat Report, attackers are now prioritizing mobile devices over desktops. For … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/30/zimperium-2025-global-mobile-threat-report/
-
SK Telecom cyberattack: Free SIM replacements for 25 million customers
South Korean mobile provider SK Telecom has announced free SIM card replacements to its 25 million mobile customers following a recent USIM data breach, but only 6 million cards are available through May. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sk-telecom-cyberattack-free-sim-replacements-for-25-million-customers/
-
Google Reports 75 Zero-Days Exploited in 2024, 44% Targeted Enterprise Security Products
Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023. Of the 75 zero-days, 44% of them targeted enterprise products. As many as 20 flaws were identified in security software and appliances.”Zero-day exploitation of browsers and mobile devices fell drastically, decreasing by about a third…
-
Best Tool for Mobile App Pentest in 2025
Your mobile application is not just any software. It is the face of a brand for some organizations, like e-commerce, and for some, it instills trust among its clients by bringing forth efficiency and accessibility, like BFSI. Moreover, with the growing number of mobile app users globally, it is projected to reach 7.49 billion by……
-
Half of Mobile Devices Run Outdated Operating Systems
50% of mobile devices run outdated operating systems, increasing vulnerability to cyber-attacks, according to the latest report from Zimperium First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/50-mobile-devices-run-outdated/
-
New iOS Vulnerability Could Brick iPhones with Just One Line of Code
A security researcher has uncovered a critical vulnerability in iOS, Apple’s flagship mobile operating system. The flaw, CVE-2025-24091, which leverages the long-standing but little-known >>Darwin notification
-
African multinational telco giant MTN Group disclosed a data breach
African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. MTN Group Limited is a South African multinational telecommunications company headquartered in Johannesburg. Founded in 1994, it has grown to become Africa’s largest mobile network operator, serving over 290 million subscribers across 18 countries in Africa and the Middle East.…
-
Mobile provider MTN says cyberattack compromised customer data
African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mobile-provider-mtn-says-cyberattack-compromised-customer-data/
-
Hackers access sensitive SIM card data at South Korea’s largest telecoms company
Mobile network operator SK Telecom, which serves approximately 34 million subscribers in South Korea, has confirmed that it suffered a cyber attack earlier this month that saw malware infiltrate its internal systems, and access data related to customers’ SIM cards. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-access-sensitive-sim-card-data-at-south-koreas-largest-telecoms-company
-
SonicWall SMA VPN devices targeted in attacks since January
A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-sma-vpn-devices-targeted-in-attacks-since-january/
-
Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/18/sonicwall-sma100-vulnerability-exploited-by-attackers-cve-2021-20035/
-
Report Warns US Allies Are Using Chinese-Owned Mobile Routes
Researchers Say Chinese Mobile Route Firms Dominate Global Interconnect Industry. A report warns U.S. allies and countries across the globe are using Chinese-owned and controlled mobile routing firms in a move that could risk national security interests and potentially expose billions of users to passive and active surveillance from Beijing. First seen on govinfosecurity.com Jump…
-
Enterprise mobile apps riddled with sloppy data security
First seen on scworld.com Jump to article: www.scworld.com/news/enterprise-mobile-apps-riddled-with-sloppy-data-security
-
43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers
A comprehensive study by zLabs, the research team at Zimperium, has found that over 43% of the top 100 mobile applications used in business environments contain severe vulnerabilities that expose sensitive data to potential hackers. This finding underscores the urgent need for enterprises to reassess their app vetting processes and enhance security measures to protect…
-
Mobile Security Emerging Risks in the BYOD Era
The rise of Bring Your Own Device (BYOD) policies has revolutionized workplace flexibility, enabling employees to use personal smartphones, tablets, and laptops for professional tasks. While this shift reduces hardware costs and supports hybrid work models, it introduces complex security challenges. Cybercriminals increasingly target personal devices as gateways to corporate networks, exploiting vulnerabilities in fragmented…
-
35 countries use Chinese networks for transporting mobile user traffic, posing cyber risks
An analysis from iVerify found U.S. allies on the list where mobile providers employ China-based networks. First seen on cyberscoop.com Jump to article: cyberscoop.com/35-countries-use-chinese-networks-for-transporting-mobile-user-traffic-posing-cyber-risks/
-
CISA tags SonicWall VPN flaw as actively exploited in attacks
On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-tags-sonicwall-vpn-flaw-as-actively-exploited-in-attacks/
-
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
Tags: access, cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, mobile, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS score: 7.2), relates to a case of operating system command injection First seen…
-
CISA Issues Alert on SonicWall Flaw Being Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert after confirming active exploitation of a SonicWall vulnerability. The flaw, documented as CVE-2021-20035, targets SonicWall’s SMA100 series appliances and has been added to CISA’s Known Exploited Vulnerabilities Catalog. Overview of the Vulnerability This particular vulnerability lies within the SonicWall Secure Mobile Access (SMA)…
-
Cloud, Cryptography Flaws in Mobile Apps Leak Enterprise Data
Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/cloud-cryptography-flaws-mobile-apps-expose-enterprise-data
-
92% of Mobile Apps Found to Use Insecure Cryptographic Methods
Study reveals 92% of mobile apps use insecure cryptographic methods, exposing millions to data risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/92-mobile-apps-insecure/
-
Tycoon 2FA phishing kit adds stealth, expands to mobile devices
First seen on scworld.com Jump to article: www.scworld.com/news/tycoon-2fa-phishing-kit-adds-stealth-expands-to-mobile-devices
-
South African telecom provider Cell C disclosed a data breach following a cyberattack
Cell C, one of the biggest telecom providers in South Africa confirms a data breach following a 2024 cyberattack. Cell C is the fourth-largest mobile network operator in South Africa, ,after Vodacom, MTN, and Telkom. The company founded in 2001 offers prepaid and postpaid mobile plans, data bundles and internet services, fiber broadband, roaming and…
-
iOS devices face twice the phishing attacks of Android
2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/11/mobile-cybersecurity-challenges/
-
Malicious ‘mParivahan’ App Circulates on WhatsApp, Skimming Sensitive Mobile Data
A new variant of the fake NextGen mParivahan app has emerged, exploiting the trust users place in official government notifications to distribute malware. This malicious software is distributed through seemingly legitimate traffic violation alerts via WhatsApp, luring victims into installing what they believe is the official app. Infection Vector and Deceptive Tactics The malware spreads…
-
South African telecom provider serving 7.7 million confirms data leak following cyberattack
South Africa’s fourth-largest mobile network operator, Cell C, has confirmed that its data was leaked on the dark web following a cyberattack last year. First seen on therecord.media Jump to article: therecord.media/south-african-telecom-provider-discloses-data-breach-ransomware