Security News

Mobile voting: Hype or reality?
2020-09-04 05:00

For most of us, voting by anything other than a paper ballot or a voting machine is a foreign concept. Due to the pandemic and shelter in place restrictions, various alternatives have been considered this year - in particular, voting via our mobile devices.

Apple Delays Change Likely to Stymie Mobile Ad Targeting
2020-09-03 20:40

Apple said on Thursday it would give developers until next year to comply with a software change expected to stymie targeted advertising in iPhone and iPad apps. An update coming to Apple's iOS mobile software includes a requirement for apps to ask users' permission to collect and share device-identifying data used to make ads more relevant.

Private, unlicensed 5G mobile network adoption may intensify NetOps and SecOps challenges
2020-09-03 05:30

While 5G sometimes seems like the panacea for just about everything, it will likely intensify the already common friction between NetOps and SecOps teams that will take part in deployments and operations of the 5G mobile network. 5G standardization has an enhanced security framework over 4G, but there are various new implementations and complexities of design, and NetOps and SecOps teams need to come together to achieve greater agility and accommodate changes and challenges to their new mobile networks more quickly and more efficiently.

The state of GDPR compliance in the mobile app space
2020-08-26 10:14

A group of academics from three German universities has decided to investigate whether and how mobile app vendors respond to subject access requests, and the results of their four-year undercover field study are dispiriting. "In three iterations between 2015 and 2019, we sent subject access requests to vendors of 225 mobile apps popular in Germany. Throughout the iterations, 19 to 26 % of the vendors were unreachable or did not reply at all. Our subject access requests were fulfilled in 15 to 53 % of the cases, with an unexpected decline between the GDPR enforcement date and the end of our study," they shared.

Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing
2020-08-23 13:40

Thousands of ISO certifications at risk of lapsing due to halted re-certification auditsThousands of valuable ISO management system certifications earned by UK companies may now be at risk because auditors from Certification Bodies may not have been able to attend organizations' premises to conduct essential re-certification audits during the current coronavirus pandemic. Kali Linux 2020.3 released: A new shell and a Bluetooth Arsenal for NetHunterOffensive Security has released Kali Linux 2020.3, the latest iteration of the popular open source penetration testing platform.

Know the threats to mobile security
2020-08-21 04:30

According to a recent report by Malwarebytes, mobile banking malware has surged over recent months, focused on stealing personal information and using weakened remote connections and mobile devices in a work-from-home environment to gain access to more valuable corporate networks. Securing mobile is a laborious task that requires mobile app developers to factor in several entities, including device manufacturers, mobile operating system developers, app developers, mobile carriers, and service providers.

ACA Compliance Group unveils mobile app version of its ComplianceAlpha platform
2020-08-20 00:30

ACA Compliance Group announced the launch of the mobile app version of its ComplianceAlpha platform for risk and compliance management. Designed to provide financial services firms with an on-the-go hub for compliance management, communication, resources, thought leadership, and future ComplianceAlpha functionality, ACA's ComplianceAlpha mobile app provides both employees and compliance teams with an easier, more accessible compliance experience.

ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls
2020-08-13 13:06

Researchers have discovered an attack on the Voice over LTE mobile communications protocol that can break its encryption and allow attackers to listen in on phone calls. Dubbed ReVoLTE, the attack - detailed by a group of academic researchers from Ruhr University Bochum and New York University Abu Dhabi - exploits an implementation flaw in the LTE cellular protocol that exists at the level of a mobile base station.

KoolSpan launches TrustCall, a secure mobile comms app for defense, intelligence operatives
2020-08-13 01:30

KoolSpan and the National Geospatial-Intelligence Agency announced the availability of TrustCall, a secure mobile communications application, to all DoD and IC users for iOS and Android, via the GEOINT App Store. The threats are posed by systemic vulnerabilities in the global telecommunications infrastructure that readily enable interception and monitoring of mobile communications, both voice and data.

Collecting and Selling Mobile Phone Location Data
2020-08-11 11:00

The Wall Street Journal has an article about a company called Anomaly Six LLC that has an SDK that's used by "More than 500 mobile applications." Through that SDK, the company collects location data from users, which it then sells. Anomaly Six is a federal contractor that provides global-location-data products to branches of the U.S. government and private-sector clients.