Tag: mobile
-
Militärfunk: Motorola kauft Silvus für 4,4 Milliarden US-Dollar
Tags: mobileMotorola Solutions erwirbt einen US-Militärfunkausrüster mit 200 Beschäftigten und 100 Millionen US-Dollar Umsatz: Silvus Technologies mit Mobile Ad-Hoc Networking. First seen on golem.de Jump to article: www.golem.de/news/militaerfunk-motorola-kauft-silvus-fuer-4-4-milliarden-us-dollar-2505-196676.html
-
‘Secure email’: A losing battle CISOs must give up
End-to-end encryption remains elusive: Email continues to be the dominant electronic communication tool today because it is well understood, relatively easy to use, and relatively inexpensive. By and large, businesses have approved email for sending confidential information, and we often convince ourselves that it is secure, can be secured with third-party tools, or it’s “good…
-
Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
Threat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices and facilitate payroll fraud.The activity, first detected by ReliaQuest in May 2025 targeting an unnamed customer in the manufacturing sector, is characterized by the use of fake login pages to access the employee…
-
New Android Malware GhostSpy Grants Attackers Full Control Over Infected Devices
A chilling new Android malware, dubbed GhostSpy, has emerged as a significant threat to mobile security, according to a detailed report by CYFIRMA. This high-risk malware employs advanced evasion, persistence, and surveillance techniques to seize complete control over infected devices. With capabilities ranging from keylogging to bypassing banking app protections, GhostSpy poses a severe risk…
-
Ausgezeichnete Sicherheit für unterwegs: Miercom kürt Check Point Harmony Mobile
Tags: mobileHarmony Mobile ist Teil von Check Points Infinity-Architektur einer Plattform, die Unternehmen dabei unterstützt, ihre gesamte IT-Umgebung einheitlich und effektiv abzusichern. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ausgezeichnete-sicherheit-fuer-unterwegs-miercom-kuert-check-point-harmony-mobile/a40930/
-
Miercom zeichnet Harmony-Mobile von Check Point als führende Sicherheitslösung für mobile Endgeräte aus
Check Point Software Technologies hat die Ergebnisse eines unabhängigen Tests von Miercom veröffentlicht, in dem Harmony-Mobile als branchenführende Lösung für Mobile-Threat-Defense (MTD) ausgezeichnet wurde. Die 2025er Ausgabe der Studie bescheinigt Harmony-Mobile herausragende Schutzfähigkeiten gegen Handy-Bedrohungen sowie minimale Auswirkungen auf die Geräteleistung und eine besonders einfache Implementierung. Miercom führte umfassende und praxisnahe Angriffssimulationen durch, bei denen…
-
Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier. These flaws, when chained together, allow unauthenticated remote code execution (RCE) on internet-facing systems, posing a severe risk to enterprise security. EclecticIQ analysts have confirmed active exploitation in the wild since the disclosure date, with…
-
Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
CVE-2025-4427 and CVE-2025-4428 the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/23/chinese-cyber-spies-are-using-ivanti-epmm-flaws-to-breach-eu-us-organizations/
-
Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies
Tags: breach, china, endpoint, exploit, flaw, government, hacker, ivanti, mobile, remote-code-executionChinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-epmm-flaw-exploited-by-chinese-hackers-to-breach-govt-agencies/
-
SHARED INTEL QA: Visibility, not volume, reframing detection for the AI-enabled SOC
For years, network security has revolved around the perimeter: firewalls, antivirus, endpoint controls. But as attackers grow more sophisticated, and as operations scatter to the cloud, mobile, and IoT, it’s increasingly what happens inside the network that counts.”¦ (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/shared-intel-qa-visibility-not-volume-reframing-detection-for-the-ai-enabled-soc/
-
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region.The vulnerabilities, tracked as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), could be chained to execute arbitrary…
-
Wyden: ATT, T-Mobile, and Verizon weren’t notifying senators of surveillance requests
Sen. Ron Wyden said in a letter that one U.S. phone carrier turned over Senate data to law enforcement without notifying the target. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/21/wyden-att-t-mobile-and-verizon-werent-notifying-senators-of-surveillance-requests/
-
Hackers Target Mobile Users Using PWA JavaScript to Bypass Browser Security
A sophisticated new injection campaign has been uncovered, targeting mobile users through malicious third-party JavaScript to deliver a Chinese adult-content Progressive Web App (PWA) scam. This attack, which redirects users to sites like hxxps://xjdm166[.]com, leverages the unique capabilities of PWAs to retain users longer and evade traditional browser security mechanisms. Unlike typical phishing attempts, this…
-
Hackers Masquerade as Organizations to Steal Payroll Logins and Redirect Payments from Employees
ReliaQuest, hackers have deployed a cunning search engine optimization (SEO) poisoning scheme to orchestrate payroll fraud against a manufacturing sector customer. This deceptive strategy involves crafting fake authentication portals that mirror legitimate organizational login pages, manipulating search engine results to rank these malicious sites at the top. Unsuspecting employees, searching for payroll portals on mobile…
-
Künstliche Intelligenz verändert Spielregeln mobile Geräte jetzt Hauptangriffsziel
Mit Homeoffice und BYOD rücken Smartphones Tablets und allgemein vernetzte Geräte ins Zentrum der Cyberbedrohung. Die Vielfalt ihrer Anwendungen, Portabilität und Fragmentierung machen sie zum Sicherheitsrisiko Nummer eins im modernen Arbeitsalltag. Doch wie sollen Unternehmen nun ihre Sicherheitsstrategie ausrichten? First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/kuenstliche-intelligenz-veraendert-spielregeln-mobile-geraete-jetzt-hauptangriffsziel/
-
Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack
Tags: attack, authentication, cyber, endpoint, flaw, ivanti, mobile, rce, remote-code-execution, vulnerability, zero-dayIvanti’s Endpoint Manager Mobile (EPMM) contains a critical vulnerability chain that has been actively abused. The vulnerabilities, initially disclosed by Ivanti on March 13th, 2025, combine an authentication bypass (CVE-2025-4427) and a remote code execution flaw (CVE-2025-4428) to create a critical attack vector that allows unauthenticated attackers to execute arbitrary code on vulnerable systems. While…
-
Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps
Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App (PWA) scam.”While the payload itself is nothing new (yet another adult gambling scam), the delivery method stands out,” c/side researcher Himanshu Anand said in a Tuesday analysis.”The malicious landing…
-
Ivanti EPMM Bugs Combine for Unauthenticated RCE in the Wild
Summary On March 13, Ivanti disclosed two vulnerabilities which a ect their on-premise Endpoint Manager Mobile product: CVE-2025-4427 (an authentication bypass) and CVE-2025-4428 (an authenticated First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/05/21/ivanti-epmm-bugs-combine-for-unauthenticated-rce-in-the-wild/
-
SK Telecom revealed that malware breach began in 2022
South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Korea’s largest wireless telecom company, a major player in the country’s mobile and tech landscape. It holds about 48% of the market share for mobile services, meaning around 34 million subscribers use its…
-
Mobile carrier Cellcom confirms cyberattack behind extended outages
Wisconsin wireless provider Cellcom has confirmed that a cyberattack is responsible for the widespread service outage and disruptions that began on the evening of May 14, 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mobile-carrier-cellcom-confirms-cyberattack-behind-extended-outages/
-
Virgin Media 02 Vuln Exposes Call Recipient Location
A hacker exploiting the security flaw in the mobile provider’s network could have potentially located a call recipient with accuracy of up to 100 square meters. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/virgin-media-02-call-recipient-location
-
CISA Adds Actively Exploited Ivanti EPMM Zero-Day to KEV Catalog
Tags: authentication, cisa, cve, cyber, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, mobile, open-source, remote-code-execution, vulnerability, zero-dayCybersecurity and Infrastructure Security Agency (CISA) has added two critical zero-day vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The flaws CVE-2025-4427 and CVE-2025-4428 enable authentication bypass and remote code execution, respectively, and stem from insecure implementations of widely used open-source…
-
O2 UK patches bug leaking mobile user location from call metadata
A flaw in O2 UK’s implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/o2-uk-patches-bug-leaking-mobile-user-location-from-call-metadata/
-
RSA 2025: AI’s Promise vs. Security’s Past”Š”, “ŠA Reality Check”
Tags: ai, automation, cloud, conference, cyberattack, cybersecurity, data, detection, edr, endpoint, infrastructure, mobile, resilience, soar, tool, update, windows, zero-trustRSA 2025: AI’s Promise vs. Security’s Past”Š”, “ŠA Reality Check Ah, RSA. That yearly theater (Carnival? Circus? Orgy? Got any better synonyms, Gemini?) of 44,000 people vaguely (hi salespeople!) related to cybersecurity “¦ where the air is thick with buzzwords and the vendor halls echo with promises of a massive revolution”Š”, “Ševery year. Gemini imagines RSA 2025 (very tame!)…
-
Ivanti Fixes RCE and Auth Bypass Vulnerabilities in Endpoint Manager Mobile
Tags: cve, endpoint, exploit, ivanti, mobile, rce, remote-code-execution, risk, software, vulnerabilityIvanti has released security patches to address two vulnerabilities in its Endpoint Manager Mobile (EPMM) software, which were being actively exploited in limited attacks. These vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, have the potential to allow attackers to execute remote code on vulnerable systems, posing a severe risk to organizations using the software. First seen…
-
Android Enterprise Launches Device Trust For Enhanced Security
Android Enterprise introduced Device Trust to enhance mobile security on Android devices First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-enterprise-launches-device/
-
Russian internet shutdown that disrupted essential services condemned by rights groups
Russian authorities restricted mobile internet access from May 5 to May 9, citing security concerns related to the preparation and celebration of the Victory Day parade in Moscow. First seen on therecord.media Jump to article: therecord.media/russian-internet-shutdown-condemned-by-rights-groups
-
Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks
Tags: access, attack, authentication, credentials, cve, endpoint, exploit, flaw, ivanti, mobile, remote-code-execution, software, update, vulnerabilityIvanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution.The vulnerabilities in question are listed below -CVE-2025-4427 (CVSS score: 5.3) – An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials…
-
CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) Remote Code Execution
Tags: access, advisory, api, attack, authentication, cve, endpoint, exploit, flaw, ivanti, mobile, open-source, programming, rce, remote-code-execution, software, vulnerability, waf, zero-dayRemote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks Background On May 13, Ivanti released a security advisory to address a high severity remote code execution (RCE) and a medium severity authentication bypass vulnerability in its Endpoint Manager Mobile (EPMM) product, a…

