Tag: mobile
-
New iOS Vulnerability Could Brick iPhones with Just One Line of Code
A security researcher has uncovered a critical vulnerability in iOS, Apple’s flagship mobile operating system. The flaw, CVE-2025-24091, which leverages the long-standing but little-known >>Darwin notification
-
African multinational telco giant MTN Group disclosed a data breach
African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. MTN Group Limited is a South African multinational telecommunications company headquartered in Johannesburg. Founded in 1994, it has grown to become Africa’s largest mobile network operator, serving over 290 million subscribers across 18 countries in Africa and the Middle East.…
-
Mobile provider MTN says cyberattack compromised customer data
African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mobile-provider-mtn-says-cyberattack-compromised-customer-data/
-
Hackers access sensitive SIM card data at South Korea’s largest telecoms company
Mobile network operator SK Telecom, which serves approximately 34 million subscribers in South Korea, has confirmed that it suffered a cyber attack earlier this month that saw malware infiltrate its internal systems, and access data related to customers’ SIM cards. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-access-sensitive-sim-card-data-at-south-koreas-largest-telecoms-company
-
SonicWall SMA VPN devices targeted in attacks since January
A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-sma-vpn-devices-targeted-in-attacks-since-january/
-
Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/18/sonicwall-sma100-vulnerability-exploited-by-attackers-cve-2021-20035/
-
Report Warns US Allies Are Using Chinese-Owned Mobile Routes
Researchers Say Chinese Mobile Route Firms Dominate Global Interconnect Industry. A report warns U.S. allies and countries across the globe are using Chinese-owned and controlled mobile routing firms in a move that could risk national security interests and potentially expose billions of users to passive and active surveillance from Beijing. First seen on govinfosecurity.com Jump…
-
Enterprise mobile apps riddled with sloppy data security
First seen on scworld.com Jump to article: www.scworld.com/news/enterprise-mobile-apps-riddled-with-sloppy-data-security
-
43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers
A comprehensive study by zLabs, the research team at Zimperium, has found that over 43% of the top 100 mobile applications used in business environments contain severe vulnerabilities that expose sensitive data to potential hackers. This finding underscores the urgent need for enterprises to reassess their app vetting processes and enhance security measures to protect…
-
Mobile Security Emerging Risks in the BYOD Era
The rise of Bring Your Own Device (BYOD) policies has revolutionized workplace flexibility, enabling employees to use personal smartphones, tablets, and laptops for professional tasks. While this shift reduces hardware costs and supports hybrid work models, it introduces complex security challenges. Cybercriminals increasingly target personal devices as gateways to corporate networks, exploiting vulnerabilities in fragmented…
-
35 countries use Chinese networks for transporting mobile user traffic, posing cyber risks
An analysis from iVerify found U.S. allies on the list where mobile providers employ China-based networks. First seen on cyberscoop.com Jump to article: cyberscoop.com/35-countries-use-chinese-networks-for-transporting-mobile-user-traffic-posing-cyber-risks/
-
CISA tags SonicWall VPN flaw as actively exploited in attacks
On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-tags-sonicwall-vpn-flaw-as-actively-exploited-in-attacks/
-
CISA Issues Alert on SonicWall Flaw Being Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert after confirming active exploitation of a SonicWall vulnerability. The flaw, documented as CVE-2021-20035, targets SonicWall’s SMA100 series appliances and has been added to CISA’s Known Exploited Vulnerabilities Catalog. Overview of the Vulnerability This particular vulnerability lies within the SonicWall Secure Mobile Access (SMA)…
-
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
Tags: access, cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, mobile, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS score: 7.2), relates to a case of operating system command injection First seen…
-
Cloud, Cryptography Flaws in Mobile Apps Leak Enterprise Data
Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/cloud-cryptography-flaws-mobile-apps-expose-enterprise-data
-
92% of Mobile Apps Found to Use Insecure Cryptographic Methods
Study reveals 92% of mobile apps use insecure cryptographic methods, exposing millions to data risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/92-mobile-apps-insecure/
-
Tycoon 2FA phishing kit adds stealth, expands to mobile devices
First seen on scworld.com Jump to article: www.scworld.com/news/tycoon-2fa-phishing-kit-adds-stealth-expands-to-mobile-devices
-
South African telecom provider Cell C disclosed a data breach following a cyberattack
Cell C, one of the biggest telecom providers in South Africa confirms a data breach following a 2024 cyberattack. Cell C is the fourth-largest mobile network operator in South Africa, ,after Vodacom, MTN, and Telkom. The company founded in 2001 offers prepaid and postpaid mobile plans, data bundles and internet services, fiber broadband, roaming and…
-
iOS devices face twice the phishing attacks of Android
2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/11/mobile-cybersecurity-challenges/
-
Malicious ‘mParivahan’ App Circulates on WhatsApp, Skimming Sensitive Mobile Data
A new variant of the fake NextGen mParivahan app has emerged, exploiting the trust users place in official government notifications to distribute malware. This malicious software is distributed through seemingly legitimate traffic violation alerts via WhatsApp, luring victims into installing what they believe is the official app. Infection Vector and Deceptive Tactics The malware spreads…
-
South African telecom provider serving 7.7 million confirms data leak following cyberattack
South Africa’s fourth-largest mobile network operator, Cell C, has confirmed that its data was leaked on the dark web following a cyberattack last year. First seen on therecord.media Jump to article: therecord.media/south-african-telecom-provider-discloses-data-breach-ransomware
-
Top 16 OffSec, pen-testing, and ethical hacking certifications
Tags: access, android, antivirus, application-security, attack, authentication, blockchain, bug-bounty, business, cisco, cloud, computing, credentials, crypto, cryptography, cyber, cybersecurity, data, defense, detection, encryption, exploit, guide, hacker, hacking, incident response, injection, iot, jobs, kali, linux, malware, microsoft, mitigation, mobile, network, penetration-testing, RedTeam, remote-code-execution, reverse-engineering, risk, risk-assessment, sap, skills, sql, technology, threat, tool, training, update, vulnerability, windowsExperiential learning Offensive security can’t be fully mastered through lectures alone. Candidates need hands-on training in lab environments to develop practical skills. Ideally, certification exams should include a practical assessment, such as developing an exploit to compromise a system.Because individuals learn OffSec techniques, such as penetration testing, in different ways, the most effective certifications offer…
-
Innovations in Managing Cloud Machine Identities
Can Innovations in Machine Identity Management Reshape Cloud Security? Cloud technology has transformed the way we work, store data, and build software, revolutionizing various industries from vending to mobile automation. Nevertheless, this digital shift brings forth novel cybersecurity challenges. One particularly important aspect often overlooked is the management of Non-Human Identities (NHIs). So, what exactly……
-
Kids Online: Das mobile Gerät hat Schule gemacht
Das Internet hat bei Kids Schule gemacht. Deswegen sollten Eltern und Lehrer ihre Hausaufgaben zum Thema Online-Sicherheit erledigt haben. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/08/28/kids-online-das-mobile-gerat-hat-schule-gemacht/
-
Windows-Gefahren: Vergangenheit, Gegenwart und Zukunft
Mobile Malware befindet sich auf dem Vormarsch, doch die fragmentierte Marktsituation erschwert den Cyberkriminellen ihre Arbeit ganz im Gegensatz zu der Welt der Desktops und Laptops: Laut Net Marketshare laufen seit letztem Monat 90 Prozent der Computer unter einer Windows-Version. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/05/19/windows-gefahren-vergangenheit-gegenwart-und-zukunft/
-
Whatsapp plugs bug allowing RCE with spoofed filenames
Whatsapp makes for a popular attack vector: Whatsapp has been frequently targeted in the past for its popularity as an encrypted chatting platform. With over 10 billion downloads on Google Play Store alone, the platform makes for a lucrative target for threat actors.A similar security oversight was reported in July 2024 to be affecting the…
-
NCSC issues warning over Chinese Moonshine and BadBazaar spyware
Two spyware variants are being used to target the mobile devices of persons of interest to Chinese intelligence, including individuals in the Taiwanese, Tibetan and Uyghur communities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622023/NCSC-issues-warning-over-Chinese-Moonshine-and-BadBazaar-spyware
-
Apple Pay und Sicherheit was Nutzer wissen sollten
Mobile Bezahlsysteme scheinen einer der wichtigsten Trends für das Jahr 2015 zu werden dafür spricht zumindest der Boom, der durch die Veröffentlichung von Apple Pay ausgelöst wurde. Damit hat Apple etwas geschafft, woran sich andere Unternehmen schon lange die Zähne ausbeißen. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2014/11/18/apple-pay-und-sicherheit-nutzer-wissen-sollten/
-
Hackers Conceal NFC Carders Behind Apple Pay and Google Wallet
Tags: apple, cyber, cybercrime, exploit, finance, fraud, google, hacker, mobile, nfc, password, technology, vulnerabilityIn a disturbing evolution of financial fraud, cybercriminals are leveraging advanced techniques to exploit mobile payment systems such as Apple Pay and Google Wallet. Once reliant on magnetic stripe card cloning, fraudsters have adapted to breakthroughs in card security technology like chip cards and one-time passwords, exploiting vulnerabilities in contactless payments and digital wallets. By…
-
Check Point Infinity überzeugt im unabhängigen KI-Sicherheitsvergleich
Check Point wurde insbesondere in den Bereichen Threat Prevention, Zero Trust Access, Secure Access Service Edge (SASE), Cloud Security, Mobile & Endpoint Protection als führend eingestuft. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-infinity-ueberzeugt-im-unabhaengigen-ki-sicherheitsvergleich/a40415/

