Security News
While 2020 has brought many challenges, perhaps the most critical from a social perspective is how we have intertwined mobile devices into our daily lives. We've seen a similar tactic used in an ongoing mobile phishing campaign that sends a message purporting to be a missed package delivery with a link to a fake claim page that is a mobile phishing attack.
Did you know you can join us for a live cybersecurity lecture every Friday? Thanks for watching hope to see you online later this week!
The meteoric rise of the game Among Us appears to be outpacing its developer's ability to keep up with malicious actors. Among Us takes place in a space setting, where some platers are "Crewmates," and others are "Imposters" that live among us.
If you have loads of apps installed, don't worry: you can check some of the most important permissions for all of them in one go. With iOS 14 small arrows now appear alongside an app in the list or on the home screen when the app is in use to let you know if a location service is being or has been accessed by that app.
Avatier announced the release of Avatier for iOS and Android, a new mobile app platform that creates a collaborative, self-service approach to enterprise access without compromising security. Avatier's new mobile experience is designed for the modern workforce, giving employees, customers, contractors and vendors a single mobile app that enables self-service business agility for time-sensitive security requests.
Security researcher Rafay Baloch has discovered address bar spoofing vulnerabilities in several mobile browsers, which could allow attackers to trick users into sharing sensitive information through legitimate-looking phishing sites. "First and foremost, it is easy to persuade the victim into stealing credentials or distributing malware when the address bar points to a trusted website and giving no indicators forgery, secondly since the vulnerability exploits a specific feature in a browser, it can evade several anti-phishing schemes and solutions."
SlashNext announced the on-device AI mobile phishing defense for iOS and Android with natural language and link-based detection to protect users from the exponential increase in mobile-based SMS phishing attacks. Now SlashNext, customers and partners can benefit from the industry's fastest and most accurate, 2.0 mobile AI phishing defense, protecting users from all forms of phishing across all their communication channels - SMS, email, social networking, gaming, collaboration and search - without compromising user privacy or performance.
Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. The issue stems from using malicious executable JavaScript code in an arbitrary website to force the browser to update the address bar while the page is still loading to another address of the attacker's choice.
A set of address-bar spoofing vulnerabilities that affect a number of mobile browsers open the door for malware delivery, phishing and disinformation campaigns. "Essentially, if your browser tells you that a pop-up notification or a page is 'from' your bank, your healthcare provider or some other critical service you depend on, you really should have some mechanism of validating that source. In mobile browsers, that source begins and ends with the URL as shown in the address bar. The fact of the matter is, we really don't have much else to rely on."
Entrust announced the Sigma Instant Desktop Issuance solution, a direct-to-card solution for instant physical and mobile ID issuance. Equipped with cloud-based APIs, Sigma systems bring issuance to the cloud without additional hardware - enabling instant printing for both physical IDs, badges and payment cards.