Tag: mobile
-
Ivanti fixes EPMM zero-days chained in code execution attacks
Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-fixes-epmm-zero-days-chained-in-code-execution-attacks/
-
Ivanti Released Security Updates to Fix for the Mutiple RCE Vulnerabilities Patch Now
Ivanti, a leading enterprise software provider, has released critical security updates addressing vulnerabilities across several products, including Endpoint Manager Mobile (EPMM), Neurons for ITSM (on-premises), Cloud Services Application (CSA), and Neurons for MDM (N-MDM). These vulnerabilities, ranging from medium to critical severity, could allow attackers to execute remote code, gain administrative access, escalate privileges, or…
-
Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a >>very limited
-
Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a >>very limited
-
The rise of vCISO as a viable cybersecurity career path
Tags: advisory, business, ceo, cio, ciso, compliance, computer, control, country, cyber, cybersecurity, government, grc, group, guide, healthcare, incident response, infrastructure, ISO-27001, jobs, mobile, network, nist, risk, risk-assessment, risk-management, service, skills, strategy, technology, tool, trainingDamon Petraglia, vCISO and CISO on demand Blue Mantis Damon Petraglia A long-time cybersecurity pro with chops built up in the federal government world and through forensic investigation work, Damon Petraglia works as a vCISO and CISO on demand for the IT services firm Blue Mantis.”Where I am today as a vCISO is a culmination…
-
What your browser knows about you, from contacts to card numbers
Chrome and Safari are the most popular browser apps, accounting for 90% of the mobile browsers market share, according to Surfshark. Chrome: the most data-hungry browser … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/09/browser-data-collection-tracking/
-
SonicWall SMA 100 Series Critical Post-Authentication Vulnerabilities (CVE-2025-32819, CVE-2025-32820, CVE-2025-32821)
Summary On May 7, 2025, SonicWall and Rapid7 disclosed three vulnerabilities affecting SonicWall Secure Mobile Access (SMA) 100 Series appliances, including models 200, 210, 400, First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/05/09/sonicwall-sma-100-series-critical-post-authentication-vulnerabilities-cve-2025-32819-cve-2025-32820-cve-2025-32821/
-
SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution.The vulnerabilities are listed below -CVE-2025-32819 (CVSS score: 8.8) – A vulnerability in SMA100 allows a remote authenticated attacker with SSL-VPN user privileges to bypass the path traversal checks…
-
The Subscription Society
In the quaint town of Everyville, USA, Sarah starts her day with a familiar routine. She wakes up in her rented apartment, checks her phone (leased through her mobile plan), and streams her favourite morning playlist on Spotify. As she sips her coffee, brewed from beans delivered monthly by a subscription service, Sarah reflects on……
-
SonicWall urges admins to patch VPN flaw exploited in attacks
SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-urges-admins-to-patch-vpn-flaw-exploited-in-attacks/
-
Meta awarded $167m in court battle with spyware mercenaries
WhatsApp owner Meta is awarded millions of dollars in damages and compensation after its service was exploited by users of mercenary spyware developer NSO’s infamous Pegasus mobile malware. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366623689/Meta-awarded-167m-in-court-battle-with-spyware-mercenaries
-
You’ll never guess which mobile browser is the worst for data collection
We were shocked SHOCKED by the answer First seen on theregister.com Jump to article: www.theregister.com/2025/05/07/mobile_browser_data_collection/
-
SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control
Tags: access, attack, authentication, control, cyber, cybersecurity, exploit, hacker, login, mobile, vulnerabilityCybersecurity researchers have uncovered a dangerous new exploitation technique, dubbed the >>SonicBoom Attack Chain,
-
Zimperiums Global Mobile Threat Report 2025: Mobilgeräte als bevorzugter Angriffsvektor Cyber-Krimineller
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/zimperium-global-mobile-threat-report-2025-mobilgeraete-bevorzugung-angriffsvektor-cyber-kriminelle
-
RSAC 2025: Top 5 mobile app risks revealed by half a million assessments
First seen on scworld.com Jump to article: www.scworld.com/news/rsac-2025-top-5-mobile-app-risks-revealed-by-half-a-million-assessments
-
Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise SonicWall secure mobile access devices, the vendor has confirmed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/02/sonicwall-cve-2024-38475-cve-2023-44221-exploited/
-
Mobilgeräte bevorzugter Angriffsvektor für Cyberkriminelle
Die Sicherheit mobiler Geräte rückt zunehmend in den Fokus der Cybersicherheitsbranche. Der aktuelle ‘Global Mobile Threat Report 2025″ des Unternehmens Zimperium zeigt auf, dass mobile Endgeräte längst zum bevorzugten Ziel für Cyberangriffe geworden sind. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/mobilgeraete-angriffsvektor
-
Report Exposes Soft Security Underbelly of Mobile Computing
Zimperium, this week during the 2025 RSA Conference, shared an analysis of mobile computing environments that finds more than 60% of iOS and 34% of Android apps lack basic code protection, with nearly 60% of iOS and 43% of Android apps also vulnerable to leaking personally identifiable information (PII). First seen on securityboulevard.com Jump to…
-
SonicWall warns of more VPN flaws exploited in attacks
Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-sma100-vpn-vulnerabilities-now-exploited-in-attacks/
-
Two SonicWall SMA100 flaws actively exploited in the wild
SonicWall confirmed that threat actors actively exploited two vulnerabilities impacting its SMA100 Secure Mobile Access (SMA) appliances. SonicWall revealed that attackers actively exploited two security vulnerabilities, tracked as CVE-2023-44221 and CVE-2024-38475, in its SMA100 Secure Mobile Access appliances. Below are the descriptions of the two flaws: >>During further analysis, SonicWall and trusted security partners identified an…
-
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild.The vulnerabilities in question are listed below -CVE-2023-44221 (CVSS score: 7.2) – Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to First seen…
-
SonicWall: SMA100 VPN vulnerabilities now exploited in attacks
Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-sma100-vpn-vulnerabilities-now-exploited-in-attacks/
-
Mobile security is a frontline risk. Are you ready?
The mobile threat landscape has shifted. According to Zimperium’s 2025 Global Mobile Threat Report, attackers are now prioritizing mobile devices over desktops. For … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/30/zimperium-2025-global-mobile-threat-report/
-
SK Telecom cyberattack: Free SIM replacements for 25 million customers
South Korean mobile provider SK Telecom has announced free SIM card replacements to its 25 million mobile customers following a recent USIM data breach, but only 6 million cards are available through May. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sk-telecom-cyberattack-free-sim-replacements-for-25-million-customers/
-
Google Reports 75 Zero-Days Exploited in 2024, 44% Targeted Enterprise Security Products
Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023. Of the 75 zero-days, 44% of them targeted enterprise products. As many as 20 flaws were identified in security software and appliances.”Zero-day exploitation of browsers and mobile devices fell drastically, decreasing by about a third…
-
Best Tool for Mobile App Pentest in 2025
Your mobile application is not just any software. It is the face of a brand for some organizations, like e-commerce, and for some, it instills trust among its clients by bringing forth efficiency and accessibility, like BFSI. Moreover, with the growing number of mobile app users globally, it is projected to reach 7.49 billion by……
-
Half of Mobile Devices Run Outdated Operating Systems
50% of mobile devices run outdated operating systems, increasing vulnerability to cyber-attacks, according to the latest report from Zimperium First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/50-mobile-devices-run-outdated/

